Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2016-5705

  • EPSS 0.61%
  • Published 03.07.2016 01:59:17
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the us...

9.8

CVE-2016-5703

  • EPSS 1.58%
  • Published 03.07.2016 01:59:14
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column q...

6.1

CVE-2016-5701

  • EPSS 0.46%
  • Published 03.07.2016 01:59:11
  • Last modified 12.04.2025 10:46:40

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.

7.5

CVE-2016-5301

  • EPSS 1.39%
  • Published 30.06.2016 17:59:09
  • Last modified 12.04.2025 10:46:40

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.

8.8

CVE-2016-3062

  • EPSS 2.51%
  • Published 16.06.2016 18:59:08
  • Last modified 12.04.2025 10:46:40

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

7.5

CVE-2016-4579

  • EPSS 1.16%
  • Published 13.06.2016 19:59:10
  • Last modified 12.04.2025 10:46:40

Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."

7.5

CVE-2016-4478

  • EPSS 0.59%
  • Published 13.06.2016 19:59:09
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

7.5

CVE-2016-4574

  • EPSS 0.96%
  • Published 13.06.2016 19:59:09
  • Last modified 12.04.2025 10:46:40

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of a...

7.5

CVE-2016-4414

  • EPSS 2.9%
  • Published 13.06.2016 19:59:08
  • Last modified 12.04.2025 10:46:40

The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.

7.5

CVE-2014-9773

  • EPSS 0.41%
  • Published 13.06.2016 19:59:00
  • Last modified 12.04.2025 10:46:40

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.