Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2012-0427

Exploit
  • EPSS 0.05%
  • Published 02.12.2013 04:36:26
  • Last modified 11.04.2025 00:51:21

yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name.

5

CVE-2013-6712

  • EPSS 22.79%
  • Published 28.11.2013 04:37:39
  • Last modified 11.04.2025 00:51:21

The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted inte...

1.9

CVE-2013-4509

  • EPSS 0.08%
  • Published 23.11.2013 19:55:03
  • Last modified 11.04.2025 00:51:21

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user ...

4.3

CVE-2013-0221

Exploit
  • EPSS 6.01%
  • Published 23.11.2013 18:55:04
  • Last modified 11.04.2025 00:51:21

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based...

2.1

CVE-2013-0222

  • EPSS 0.14%
  • Published 23.11.2013 18:55:04
  • Last modified 11.04.2025 00:51:21

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.

1.9

CVE-2013-0223

Exploit
  • EPSS 0.14%
  • Published 23.11.2013 18:55:04
  • Last modified 11.04.2025 00:51:21

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overfl...

7.5

CVE-2013-4547

  • EPSS 93.55%
  • Published 23.11.2013 18:55:04
  • Last modified 11.04.2025 00:51:21

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

4.3

CVE-2013-6858

  • EPSS 0.76%
  • Published 23.11.2013 17:55:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.

7.9

CVE-2013-6375

  • EPSS 0.63%
  • Published 23.11.2013 11:55:04
  • Last modified 11.04.2025 00:51:21

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified ...

5

CVE-2013-4487

Exploit
  • EPSS 0.34%
  • Published 20.11.2013 14:12:30
  • Last modified 11.04.2025 00:51:21

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: th...