Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2013-4132

  • EPSS 0.83%
  • Published 16.09.2013 19:14:38
  • Last modified 11.04.2025 00:51:21

KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a ...

4.3

CVE-2013-5588

Exploit
  • EPSS 0.33%
  • Published 29.08.2013 12:07:56
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php.

7.5

CVE-2013-5589

  • EPSS 0.42%
  • Published 29.08.2013 12:07:56
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

4.3

CVE-2013-5018

Exploit
  • EPSS 2.9%
  • Published 28.08.2013 23:55:10
  • Last modified 11.04.2025 00:51:21

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identit...

4.7

CVE-2013-3495

  • EPSS 0.08%
  • Published 28.08.2013 21:55:08
  • Last modified 11.04.2025 00:51:21

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a Syst...

5.8

CVE-2013-4111

  • EPSS 0.25%
  • Published 28.08.2013 21:55:08
  • Last modified 11.04.2025 00:51:21

The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name (CN) or subjectAltName fie...

7.5

CVE-2013-2161

  • EPSS 0.33%
  • Published 20.08.2013 22:55:04
  • Last modified 11.04.2025 00:51:21

XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name.

1.9

CVE-2013-4242

  • EPSS 0.16%
  • Published 19.08.2013 23:55:09
  • Last modified 11.04.2025 00:51:21

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

6.8

CVE-2013-4852

  • EPSS 1.75%
  • Published 19.08.2013 23:55:09
  • Last modified 11.04.2025 00:51:21

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negativ...

4.3

CVE-2013-5029

Exploit
  • EPSS 1.73%
  • Published 19.08.2013 23:55:09
  • Last modified 11.04.2025 00:51:21

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.