Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2014-0187

  • EPSS 0.49%
  • Published 28.04.2014 14:09:06
  • Last modified 12.04.2025 10:46:40

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules fr...

1.9

CVE-2014-2893

  • EPSS 0.08%
  • Published 23.04.2014 15:55:05
  • Last modified 12.04.2025 10:46:40

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names.

4.3

CVE-2014-2554

  • EPSS 0.23%
  • Published 23.04.2014 15:55:04
  • Last modified 12.04.2025 10:46:40

OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.

6.8

CVE-2014-2327

  • EPSS 0.42%
  • Published 23.04.2014 15:55:03
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configur...

6.5

CVE-2014-2328

  • EPSS 1.13%
  • Published 23.04.2014 15:55:03
  • Last modified 12.04.2025 10:46:40

lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.

6.3

CVE-2012-0871

  • EPSS 0.15%
  • Published 18.04.2014 14:55:25
  • Last modified 12.04.2025 10:46:40

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

6.3

CVE-2011-0460

  • EPSS 0.04%
  • Published 16.04.2014 18:37:09
  • Last modified 12.04.2025 10:46:40

The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

4.3

CVE-2014-0157

  • EPSS 0.26%
  • Published 15.04.2014 14:55:04
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the descri...

5

CVE-2014-0128

  • EPSS 54.97%
  • Published 14.04.2014 15:09:05
  • Last modified 12.04.2025 10:46:40

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.

7.5

CVE-2014-1716

  • EPSS 1.07%
  • Published 09.04.2014 10:56:51
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Univ...