Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2008-2812

  • EPSS 0.05%
  • Published 09.07.2008 00:41:00
  • Last modified 09.04.2025 00:30:58

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) ha...

7.5

CVE-2008-2371

Exploit
  • EPSS 4.13%
  • Published 07.07.2008 23:41:00
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins ...

4.9

CVE-2008-2826

  • EPSS 0.08%
  • Published 02.07.2008 16:41:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consu...

10

CVE-2008-2388

  • EPSS 0.34%
  • Published 06.06.2008 22:32:00
  • Last modified 09.04.2025 00:30:58

Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."

4.9

CVE-2008-2389

  • EPSS 0.03%
  • Published 06.06.2008 22:32:00
  • Last modified 09.04.2025 00:30:58

opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack.

6.9

CVE-2008-1375

  • EPSS 0.05%
  • Published 02.05.2008 16:05:00
  • Last modified 09.04.2025 00:30:58

Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.

5.5

CVE-2008-1567

  • EPSS 0.04%
  • Published 31.03.2008 22:44:00
  • Last modified 09.04.2025 00:30:58

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

7.5

CVE-2008-0063

  • EPSS 4.75%
  • Published 19.03.2008 10:44:00
  • Last modified 09.04.2025 00:30:58

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."

9.3

CVE-2007-6427

  • EPSS 3.74%
  • Published 18.01.2008 23:00:00
  • Last modified 09.04.2025 00:30:58

The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.

4.3

CVE-2007-5000

  • EPSS 88.67%
  • Published 13.12.2007 18:46:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inje...