Opensuse

opensuse

Vendor: Opensuse • 1,454 CVEs

CVEs (1,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-2105 8Apple CanonicalDebian+5 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+12 more May 6, 2026 May 5, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount o...Show more Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.Show less
CVE-2016-2807 3Mozilla OpensuseSuse 4Firefox LeapLinux Enterprise+1 more May 6, 2026 Apr 30, 2016 N/A· v4 8.8 HIGH· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corrup...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2016-2806 4Debian MozillaOpensuse+1 more 5Debian Linux FirefoxLeap+2 more May 6, 2026 Apr 30, 2016 N/A· v4 8.8 HIGH· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2016-3074 6Canonical DebianFedoraproject+3 more 6Debian Linux FedoraLibgd+3 more May 6, 2026 Apr 26, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which trigge...Show more Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.Show less
CVE-2016-3977 2Giflib Project Opensuse 2Giflib Opensuse May 6, 2026 Apr 21, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
CVE-2016-3190 2Cairographics Opensuse 2Cairo Opensuse May 6, 2026 Apr 21, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
CVE-2016-3427 8Apache CanonicalDebian+5 more 38Cassandra Debian LinuxE Series Santricity Management Plug Ins+35 more Apr 22, 2026 Apr 21, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVE-2016-0668 6Canonical DebianMariadb+3 more 10Debian Linux LeapLinux Enterprise Desktop+7 more May 6, 2026 Apr 21, 2016 N/A· v4 4.1 MEDIUM· v3 1.7 LOW· v2 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0651 5Mariadb OpensuseOracle+2 more 15Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+12 more May 6, 2026 Apr 21, 2016 N/A· v4 5.5 MEDIUM· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVE-2016-0642 7Canonical DebianMariadb+4 more 17Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+14 more May 6, 2026 Apr 21, 2016 N/A· v4 4.7 MEDIUM· v3 4.3 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVE-2015-8842 1Opensuse 1Opensuse May 6, 2026 Apr 20, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
CVE-2014-9770 1Opensuse 1Opensuse May 6, 2026 Apr 20, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these f...Show more tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.Show less
CVE-2015-8779 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary...Show more Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.Show less
CVE-2015-8778 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the _...Show more Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.Show less
CVE-2015-8776 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraGlibc+7 more May 6, 2026 Apr 19, 2016 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range...Show more The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.Show less
CVE-2014-9765 4Canonical DebianOpensuse+1 more 4Debian Linux OpensuseUbuntu Linux+1 more May 6, 2026 Apr 19, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in the main_get_appheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code via a crafted input file.
CVE-2014-9761 5Canonical FedoraprojectGnu+2 more 9Fedora GlibcLinux Enterprise Debuginfo+6 more May 6, 2026 Apr 19, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long...Show more Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.Show less
CVE-2016-3186 2Libtiff Opensuse 2Libtiff Opensuse May 6, 2026 Apr 19, 2016 N/A· v4 6.2 MEDIUM· v3 5.0 MEDIUM· v2 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
CVE-2016-4036 1Opensuse 2Leap Opensuse May 6, 2026 Apr 18, 2016 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which allows local users to obtain sensitive information by reading files in the directo...Show more The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which allows local users to obtain sensitive information by reading files in the directory.Show less
CVE-2015-7552 1Opensuse 1Opensuse May 6, 2026 Apr 18, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.

Previous 1...131415...73 Next