Opensuse

opensuse

Vendor: Opensuse • 1,454 CVEs

CVEs (1,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-2145 3Canonical OpensusePerlmonks 3Module\ OpensuseUbuntu Linux Apr 29, 2026 Aug 19, 2013 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that r...Show more The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.Show less
CVE-2013-1872 4Canonical Mesa3dOpensuse+1 more 4Enterprise Linux MesaOpensuse+1 more Apr 29, 2026 Aug 19, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger...Show more The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.Show less
CVE-2013-4238 3Canonical OpensusePython 3Opensuse PythonUbuntu Linux Apr 29, 2026 Aug 18, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-th...Show more The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.Show less
CVE-2013-2132 3Canonical MongodbOpensuse 3Mongodb OpensuseUbuntu Linux Apr 29, 2026 Aug 15, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to...Show more bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."Show less
CVE-2013-2126 3Canonical LibrawOpensuse 3Libraw OpensuseUbuntu Linux Apr 29, 2026 Aug 14, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitr...Show more Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.Show less
CVE-2013-4115 2Opensuse Squid Cache 2Opensuse Squid Apr 29, 2026 Aug 9, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long...Show more Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.Show less
CVE-2013-4124 5Canonical FedoraprojectOpensuse+2 more 5Enterprise Linux FedoraOpensuse+2 more Apr 29, 2026 Aug 6, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) v...Show more Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.Show less
CVE-2013-2174 4Canonical HaxxOpensuse+1 more 5Curl Enterprise LinuxLibcurl+2 more Apr 29, 2026 Jul 31, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary...Show more Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.Show less
CVE-2013-2112 4Apache CanonicalCollabnet+1 more 4Opensuse SubversionSubversion+1 more Apr 29, 2026 Jul 31, 2013 N/A· v4 N/A· v3 7.8 HIGH· v2 The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
CVE-2013-2088 3Apache CollabnetOpensuse 3Opensuse SubversionSubversion Apr 29, 2026 Jul 31, 2013 N/A· v4 N/A· v3 7.1 HIGH· v2 contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
CVE-2013-1968 4Apache CanonicalCollabnet+1 more 4Opensuse SubversionSubversion+1 more Apr 29, 2026 Jul 31, 2013 N/A· v4 N/A· v3 5.5 MEDIUM· v2 Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
CVE-2013-4854 10Fedoraproject FreebsdHp+7 more 12Bind Business ServerDnsco Bind+9 more Apr 29, 2026 Jul 29, 2013 N/A· v4 N/A· v3 7.8 HIGH· v2 The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause...Show more The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.Show less
CVE-2013-4002 6Apache CanonicalIbm+3 more 15Host On Demand JavaJdk+12 more Apr 29, 2026 Jul 23, 2013 N/A· v4 N/A· v3 7.1 HIGH· v2 XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracl...Show more XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.Show less
CVE-2013-3812 6Canonical DebianMariadb+3 more 9Debian Linux Linux Enterprise DesktopLinux Enterprise Server+6 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.Show less
CVE-2013-3809 5Canonical MariadbOpensuse+2 more 8Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Software Development Kit+5 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
CVE-2013-3808 4Mariadb OpensuseOracle+1 more 6Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Software Development Kit+3 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Op...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.Show less
CVE-2013-3805 4Mariadb OpensuseOracle+1 more 7Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Software Development Kit+4 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
CVE-2013-3804 6Canonical DebianMariadb+3 more 8Debian Linux Linux Enterprise DesktopLinux Enterprise Server+5 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.Show less
CVE-2013-3802 6Canonical DebianMariadb+3 more 8Debian Linux Linux Enterprise DesktopLinux Enterprise Server+5 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related...Show more Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.Show less
CVE-2013-3801 4Mariadb OpensuseOracle+1 more 6Linux Enterprise Desktop Linux Enterprise ServerLinux Enterprise Software Development Kit+3 more Apr 29, 2026 Jul 17, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

Previous 1...495051...73 Next