Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-16597

  • EPSS 0.09%
  • Published 21.09.2018 16:29:01
  • Last modified 21.11.2024 03:53:01

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

6.5

CVE-2018-17294

Exploit
  • EPSS 0.51%
  • Published 21.09.2018 07:29:00
  • Last modified 21.11.2024 03:54:11

The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with c...

9.8

CVE-2018-1000802

  • EPSS 23.2%
  • Published 18.09.2018 17:29:00
  • Last modified 21.11.2024 03:40:23

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service...

8.8

CVE-2018-10929

  • EPSS 0.86%
  • Published 04.09.2018 16:29:00
  • Last modified 21.11.2024 03:42:19

A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.

6.5

CVE-2018-10930

  • EPSS 0.63%
  • Published 04.09.2018 16:29:00
  • Last modified 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.

8.8

CVE-2018-10926

  • EPSS 0.79%
  • Published 04.09.2018 15:29:00
  • Last modified 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.

8.1

CVE-2018-10927

  • EPSS 1.36%
  • Published 04.09.2018 15:29:00
  • Last modified 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.

8.8

CVE-2018-10928

  • EPSS 0.85%
  • Published 04.09.2018 15:29:00
  • Last modified 21.11.2024 03:42:19

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing any...

7.5

CVE-2018-10911

  • EPSS 4.26%
  • Published 04.09.2018 14:29:00
  • Last modified 21.11.2024 03:42:17

A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.

6.5

CVE-2018-10913

  • EPSS 0.94%
  • Published 04.09.2018 14:29:00
  • Last modified 21.11.2024 03:42:17

An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file.