Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2015-5218

Exploit
  • EPSS 0.08%
  • Published 09.11.2015 16:59:06
  • Last modified 12.04.2025 10:46:40

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.

4

CVE-2015-2697

  • EPSS 6.39%
  • Published 09.11.2015 03:59:03
  • Last modified 12.04.2025 10:46:40

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field...

7.1

CVE-2015-2696

  • EPSS 8.28%
  • Published 09.11.2015 03:59:02
  • Last modified 12.04.2025 10:46:40

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mis...

5

CVE-2015-2695

  • EPSS 4.77%
  • Published 09.11.2015 03:59:00
  • Last modified 12.04.2025 10:46:40

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that...

4

CVE-2014-9749

  • EPSS 1.94%
  • Published 06.11.2015 21:59:00
  • Last modified 12.04.2025 10:46:40

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."

6.8

CVE-2015-8036

  • EPSS 0.92%
  • Published 02.11.2015 19:59:16
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the se...

6.8

CVE-2015-6031

Exploit
  • EPSS 2.8%
  • Published 02.11.2015 19:59:14
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversiz...

6.8

CVE-2015-5291

  • EPSS 1.7%
  • Published 02.11.2015 19:59:05
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a lon...

4.6

CVE-2015-4625

  • EPSS 0.11%
  • Published 26.10.2015 19:59:05
  • Last modified 12.04.2025 10:46:40

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

4.6

CVE-2015-3256

  • EPSS 0.08%
  • Published 26.10.2015 19:59:04
  • Last modified 12.04.2025 10:46:40

PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."