Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2013-2637

Exploit
  • EPSS 1.43%
  • Veröffentlicht 12.02.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 01:52:05

A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.

8.8

CVE-2014-1958

  • EPSS 1.14%
  • Veröffentlicht 06.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 02:05:21

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

8.8

CVE-2014-2030

  • EPSS 18.79%
  • Veröffentlicht 06.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 02:05:29

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld...

6.1

CVE-2013-3565

Exploit
  • EPSS 0.39%
  • Veröffentlicht 31.01.2020 22:15:10
  • Zuletzt bearbeitet 21.11.2024 01:53:53

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter...

6.8

CVE-2006-7246

Exploit
  • EPSS 0.07%
  • Veröffentlicht 27.01.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 00:24:43

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

7.5

CVE-2015-5333

Exploit
  • EPSS 2.09%
  • Veröffentlicht 23.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 02:32:48

Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

9.8

CVE-2015-5334

Exploit
  • EPSS 9.91%
  • Veröffentlicht 23.01.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 02:32:48

Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflo...

7.8

CVE-2015-2325

Exploit
  • EPSS 0.57%
  • Veröffentlicht 14.01.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 02:27:13

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a gro...

5.5

CVE-2015-2326

Exploit
  • EPSS 0.3%
  • Veröffentlicht 14.01.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 02:27:13

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call a...

7.8

CVE-2012-2142

Exploit
  • EPSS 1.33%
  • Veröffentlicht 09.01.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 01:38:35

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.