Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2015-0255

  • EPSS 8.19%
  • Veröffentlicht 13.02.2015 15:59:09
  • Zuletzt bearbeitet 29.08.2025 13:42:30

X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry r...

1.9

CVE-2015-0245

  • EPSS 0.04%
  • Veröffentlicht 13.02.2015 15:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a...

4.6

CVE-2013-2027

  • EPSS 0.03%
  • Veröffentlicht 13.02.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

5

CVE-2015-1546

  • EPSS 10.38%
  • Veröffentlicht 12.02.2015 16:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control.

2.1

CVE-2015-1345

Exploit
  • EPSS 0.09%
  • Veröffentlicht 12.02.2015 16:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.

6.4

CVE-2014-9512

Exploit
  • EPSS 8.88%
  • Veröffentlicht 12.02.2015 16:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

5

CVE-2014-9675

Exploit
  • EPSS 2.11%
  • Veröffentlicht 08.02.2015 11:59:36
  • Zuletzt bearbeitet 12.04.2025 10:46:40

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

7.5

CVE-2014-9674

Exploit
  • EPSS 5.12%
  • Veröffentlicht 08.02.2015 11:59:35
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based bu...

6.8

CVE-2014-9673

Exploit
  • EPSS 4.22%
  • Veröffentlicht 08.02.2015 11:59:34
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac fo...

5.8

CVE-2014-9672

Exploit
  • EPSS 2.29%
  • Veröffentlicht 08.02.2015 11:59:33
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac f...