Filtered by vendor Opensuse
Subscribe
Total
3287 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9852 | 3 Imagemagick, Opensuse, Suse | 7 Imagemagick, Leap, Opensuse and 4 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. | |||||
| CVE-2017-13078 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | 2.9 LOW | 5.3 MEDIUM |
| Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. | |||||
| CVE-2016-8569 | 4 Fedoraproject, Libgit2 Project, Opensuse and 1 more | 5 Fedora, Libgit2, Leap and 2 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | |||||
| CVE-2016-5316 | 3 Libtiff, Opensuse, Opensuse Project | 3 Libtiff, Opensuse, Leap | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | |||||
| CVE-2015-5221 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 5 Fedora, Jasper, Leap and 2 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. | |||||
| CVE-2016-9399 | 3 Fedoraproject, Jasper Project, Opensuse | 3 Fedora, Jasper, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
| CVE-2017-13077 | 7 Canonical, Debian, Freebsd and 4 more | 12 Ubuntu Linux, Debian Linux, Freebsd and 9 more | 2025-04-20 | 5.4 MEDIUM | 6.8 MEDIUM |
| Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | |||||
| CVE-2016-7969 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | |||||
| CVE-2014-9841 | 4 Canonical, Imagemagick, Opensuse and 1 more | 8 Ubuntu Linux, Imagemagick, Opensuse and 5 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." | |||||
| CVE-2016-10068 | 3 Imagemagick, Opensuse, Opensuse Project | 3 Imagemagick, Leap, Leap | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | |||||
| CVE-2015-8864 | 2 Opensuse, Roundcube | 4 Leap, Opensuse, Roundcube Webmail and 1 more | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. | |||||
| CVE-2017-14491 | 13 Arista, Arubanetworks, Canonical and 10 more | 29 Eos, Arubaos, Ubuntu Linux and 26 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | |||||
| CVE-2016-4068 | 2 Opensuse, Roundcube | 4 Leap, Opensuse, Roundcube Webmail and 1 more | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864. | |||||
| CVE-2014-9848 | 4 Canonical, Imagemagick, Opensuse and 1 more | 10 Ubuntu Linux, Imagemagick, Leap and 7 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2016-9398 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 6 Fedora, Jasper, Leap and 3 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
| CVE-2014-9844 | 5 Canonical, Imagemagick, Opensuse and 2 more | 10 Ubuntu Linux, Imagemagick, Opensuse and 7 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | |||||
| CVE-2016-7447 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Leap and 1 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2016-10165 | 6 Canonical, Debian, Littlecms and 3 more | 19 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 16 more | 2025-04-20 | 5.8 MEDIUM | 7.1 HIGH |
| The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | |||||
| CVE-2016-7972 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. | |||||
| CVE-2017-9814 | 2 Cairographics, Opensuse | 2 Cairo, Leap | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. | |||||