Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2013-2637

Exploit
  • EPSS 1.43%
  • Published 12.02.2020 17:15:11
  • Last modified 21.11.2024 01:52:05

A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.

8.8

CVE-2014-1958

  • EPSS 1.14%
  • Published 06.02.2020 15:15:10
  • Last modified 21.11.2024 02:05:21

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

8.8

CVE-2014-2030

  • EPSS 18.79%
  • Published 06.02.2020 15:15:10
  • Last modified 21.11.2024 02:05:29

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld...

6.1

CVE-2013-3565

Exploit
  • EPSS 0.39%
  • Published 31.01.2020 22:15:10
  • Last modified 21.11.2024 01:53:53

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter...

6.8

CVE-2006-7246

Exploit
  • EPSS 0.07%
  • Published 27.01.2020 15:15:10
  • Last modified 21.11.2024 00:24:43

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

7.5

CVE-2015-5333

Exploit
  • EPSS 2.09%
  • Published 23.01.2020 21:15:12
  • Last modified 21.11.2024 02:32:48

Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

9.8

CVE-2015-5334

Exploit
  • EPSS 9.91%
  • Published 23.01.2020 20:15:12
  • Last modified 21.11.2024 02:32:48

Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflo...

7.8

CVE-2015-2325

Exploit
  • EPSS 0.57%
  • Published 14.01.2020 17:15:12
  • Last modified 21.11.2024 02:27:13

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a gro...

5.5

CVE-2015-2326

Exploit
  • EPSS 0.3%
  • Published 14.01.2020 17:15:12
  • Last modified 21.11.2024 02:27:13

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call a...

7.8

CVE-2012-2142

Exploit
  • EPSS 1.33%
  • Published 09.01.2020 21:15:10
  • Last modified 21.11.2024 01:38:35

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.