Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2019-6438

  • EPSS 0.54%
  • Published 31.01.2019 09:29:00
  • Last modified 21.11.2024 04:46:26

SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.

5.5

CVE-2019-7150

Exploit
  • EPSS 0.1%
  • Published 29.01.2019 00:29:00
  • Last modified 21.11.2024 04:47:40

An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted inp...

4.9

CVE-2019-3819

  • EPSS 0.01%
  • Published 25.01.2019 18:29:00
  • Last modified 21.11.2024 04:42:36

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up...

8.2

CVE-2019-6486

  • EPSS 2.4%
  • Published 24.01.2019 05:29:00
  • Last modified 21.11.2024 04:46:32

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.

5.3

CVE-2016-10739

  • EPSS 0.02%
  • Published 21.01.2019 19:29:00
  • Last modified 21.11.2024 02:44:38

In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume tha...

7.5

CVE-2018-5740

  • EPSS 58.05%
  • Published 16.01.2019 20:29:01
  • Last modified 21.11.2024 04:09:17

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feat...

3.1

CVE-2019-2422

  • EPSS 0.24%
  • Published 16.01.2019 19:30:31
  • Last modified 21.11.2024 04:40:50

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker...

4.3

CVE-2019-2426

  • EPSS 0.41%
  • Published 16.01.2019 19:30:31
  • Last modified 21.11.2024 04:40:51

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacke...

5.7

CVE-2018-14662

  • EPSS 0.1%
  • Published 15.01.2019 21:29:00
  • Last modified 21.11.2024 03:49:32

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

6.5

CVE-2018-16846

  • EPSS 4.86%
  • Published 15.01.2019 18:29:00
  • Last modified 21.11.2024 03:53:26

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.