CVE-2016-6352
- EPSS 1.57%
- Published 03.10.2016 18:59:08
- Last modified 12.04.2025 10:46:40
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
CVE-2016-3623
- EPSS 1.59%
- Published 03.10.2016 16:09:05
- Last modified 12.04.2025 10:46:40
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
CVE-2016-6172
- EPSS 0.01%
- Published 26.09.2016 16:59:04
- Last modified 12.04.2025 10:46:40
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
CVE-2016-4303
- EPSS 5.73%
- Published 26.09.2016 14:59:01
- Last modified 12.04.2025 10:46:40
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based b...
CVE-2016-6265
- EPSS 0.5%
- Published 22.09.2016 15:59:01
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
CVE-2016-6262
- EPSS 6.27%
- Published 07.09.2016 20:59:05
- Last modified 12.04.2025 10:46:40
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
CVE-2015-8948
- EPSS 7.11%
- Published 07.09.2016 20:59:00
- Last modified 12.04.2025 10:46:40
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
CVE-2016-6855
- EPSS 3.02%
- Published 07.09.2016 18:59:05
- Last modified 12.04.2025 10:46:40
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invali...
CVE-2016-5421
- EPSS 1.27%
- Published 10.08.2016 14:59:06
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.
CVE-2016-5772
- EPSS 15.31%
- Published 07.08.2016 10:59:20
- Last modified 12.04.2025 10:46:40
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execu...