Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1660

  • EPSS 1.24%
  • Veröffentlicht 14.05.2016 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified ...

9.8

CVE-2016-4024

  • EPSS 9.63%
  • Veröffentlicht 13.05.2016 16:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.

10

CVE-2016-2099

  • EPSS 1.61%
  • Veröffentlicht 13.05.2016 14:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

10

CVE-2016-4117

Warnung Exploit
  • EPSS 92.78%
  • Veröffentlicht 11.05.2016 01:59:46
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

10

CVE-2015-8863

  • EPSS 17.25%
  • Veröffentlicht 06.05.2016 17:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.

5.9

CVE-2016-4008

  • EPSS 5.05%
  • Veröffentlicht 05.05.2016 18:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

5.5

CVE-2016-3718

Warnung
  • EPSS 79.25%
  • Veröffentlicht 05.05.2016 18:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.8

CVE-2016-3715

Warnung Exploit
  • EPSS 79.8%
  • Veröffentlicht 05.05.2016 18:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

10

CVE-2016-3714

Warnung
  • EPSS 93.75%
  • Veröffentlicht 05.05.2016 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I...

5.9

CVE-2016-2107

  • EPSS 79.14%
  • Veröffentlicht 05.05.2016 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...