Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-3075

  • EPSS 10.88%
  • Published 01.06.2016 20:59:03
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.

7.5

CVE-2016-1234

Exploit
  • EPSS 1.18%
  • Published 01.06.2016 20:59:00
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.

9.8

CVE-2016-0718

  • EPSS 1.5%
  • Published 26.05.2016 16:59:00
  • Last modified 12.04.2025 10:46:40

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

7.5

CVE-2016-4049

  • EPSS 2.16%
  • Published 23.05.2016 19:59:07
  • Last modified 12.04.2025 10:46:40

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

5.5

CVE-2016-4578

Exploit
  • EPSS 0.2%
  • Published 23.05.2016 10:59:09
  • Last modified 12.04.2025 10:46:40

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...

9.8

CVE-2016-4544

Exploit
  • EPSS 3.94%
  • Published 22.05.2016 01:59:29
  • Last modified 12.04.2025 10:46:40

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly h...

9.8

CVE-2016-4346

Exploit
  • EPSS 0.59%
  • Published 22.05.2016 01:59:20
  • Last modified 12.04.2025 10:46:40

Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.

8.8

CVE-2016-4343

Exploit
  • EPSS 12.89%
  • Published 22.05.2016 01:59:17
  • Last modified 12.04.2025 10:46:40

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly ha...

9.6

CVE-2015-8866

Exploit
  • EPSS 3.05%
  • Published 22.05.2016 01:59:05
  • Last modified 12.04.2025 10:46:40

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML...

7.5

CVE-2016-4348

  • EPSS 3.08%
  • Published 20.05.2016 14:59:06
  • Last modified 12.04.2025 10:46:40

The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.