Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-2317

  • EPSS 4.67%
  • Published 25.03.2015 14:59:04
  • Last modified 12.04.2025 10:46:40

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a con...

5

CVE-2015-2316

  • EPSS 2%
  • Published 25.03.2015 14:59:02
  • Last modified 12.04.2025 10:46:40

The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the ...

5

CVE-2015-0295

  • EPSS 1.55%
  • Published 25.03.2015 14:59:01
  • Last modified 12.04.2025 10:46:40

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.

7.5

CVE-2015-2155

  • EPSS 4.98%
  • Published 24.03.2015 17:59:08
  • Last modified 12.04.2025 10:46:40

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

4.4

CVE-2014-8169

  • EPSS 0.11%
  • Published 18.03.2015 16:59:00
  • Last modified 12.04.2025 10:46:40

automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges v...

7.5

CVE-2015-0778

  • EPSS 0.9%
  • Published 16.03.2015 14:59:01
  • Last modified 12.04.2025 10:46:40

osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.

6.4

CVE-2015-2304

Exploit
  • EPSS 3.52%
  • Published 15.03.2015 19:59:00
  • Last modified 12.04.2025 10:46:40

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

5

CVE-2015-2192

  • EPSS 0.55%
  • Published 08.03.2015 02:59:06
  • Last modified 12.04.2025 10:46:40

Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length ...

5

CVE-2015-2191

  • EPSS 3.29%
  • Published 08.03.2015 02:59:05
  • Last modified 12.04.2025 10:46:40

Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length...

5

CVE-2015-2190

  • EPSS 0.21%
  • Published 08.03.2015 02:59:04
  • Last modified 12.04.2025 10:46:40

epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is ...