Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.1

CVE-2013-1862

  • EPSS 41.76%
  • Published 10.06.2013 17:55:01
  • Last modified 11.04.2025 00:51:21

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containi...

5

CVE-2013-4074

Exploit
  • EPSS 33.48%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cau...

5

CVE-2013-4075

  • EPSS 0.57%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

5

CVE-2013-4076

  • EPSS 1.05%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

5

CVE-2013-4077

  • EPSS 1.06%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.

5

CVE-2013-4078

  • EPSS 1.43%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet...

5

CVE-2013-4079

  • EPSS 0.84%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.

5

CVE-2013-4081

  • EPSS 1.26%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause...

5

CVE-2013-4082

  • EPSS 1.54%
  • Published 09.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (hea...

5

CVE-2002-2443

  • EPSS 21.41%
  • Published 29.05.2013 14:29:06
  • Last modified 11.04.2025 00:51:21

schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a for...