Filtered by vendor Opensuse
Subscriptions
Total
3286 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-3856 | 7 Debian, Fedoraproject, Libssh2 and 4 more | 17 Debian Linux, Fedora, Libssh2 and 14 more | 2025-04-23 | 8.8 High |
| An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. | ||||
| CVE-2016-10051 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 7.8 High |
| Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | ||||
| CVE-2014-9844 | 5 Canonical, Imagemagick, Opensuse and 2 more | 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more | 2025-04-20 | N/A |
| The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | ||||
| CVE-2017-9814 | 2 Cairographics, Opensuse | 2 Cairo, Leap | 2025-04-20 | 7.5 High |
| cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. | ||||
| CVE-2014-8127 | 3 Libtiff, Opensuse, Redhat | 3 Libtiff, Opensuse, Enterprise Linux | 2025-04-20 | N/A |
| LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool. | ||||
| CVE-2017-13087 | 7 Canonical, Debian, Freebsd and 4 more | 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | ||||
| CVE-2016-7969 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2025-04-20 | 7.5 High |
| The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | ||||
| CVE-2017-17805 | 7 Canonical, Debian, Linux and 4 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2025-04-20 | 7.8 High |
| The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. | ||||
| CVE-2017-8932 | 5 Fedoraproject, Golang, Novell and 2 more | 5 Fedora, Go, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-04-20 | N/A |
| A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. | ||||
| CVE-2016-8683 | 3 Debian, Graphicsmagick, Opensuse | 3 Debian Linux, Graphicsmagick, Opensuse | 2025-04-20 | N/A |
| The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file." | ||||
| CVE-2016-9840 | 9 Apple, Boost, Canonical and 6 more | 27 Iphone Os, Mac Os X, Tvos and 24 more | 2025-04-20 | 8.8 High |
| inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | ||||
| CVE-2017-5336 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2025-04-20 | N/A |
| Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. | ||||
| CVE-2017-5335 | 3 Gnu, Opensuse, Redhat | 3 Gnutls, Leap, Enterprise Linux | 2025-04-20 | N/A |
| The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | ||||
| CVE-2017-8386 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2025-04-20 | N/A |
| git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. | ||||
| CVE-2017-6542 | 3 Opensuse, Opensuse Project, Putty | 3 Leap, Leap, Putty | 2025-04-20 | N/A |
| The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. | ||||
| CVE-2016-10070 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2025-04-20 | 5.5 Medium |
| Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | ||||
| CVE-2017-13078 | 7 Canonical, Debian, Freebsd and 4 more | 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. | ||||
| CVE-2017-13079 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. | ||||
| CVE-2017-8834 | 2 Gnome, Opensuse | 2 Libcroco, Leap | 2025-04-20 | 6.5 Medium |
| The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file. | ||||
| CVE-2017-8871 | 2 Gnome, Opensuse | 2 Libcroco, Leap | 2025-04-20 | 6.5 Medium |
| The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file. | ||||