Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-9948 6Canonical DebianFedoraproject+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+8 more Jun 17, 2026 Mar 23, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('l...Show more urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.Show less
CVE-2019-9924 5Canonical DebianGnu+2 more 6Bash Debian LinuxHci Management Node+3 more Jun 17, 2026 Mar 22, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
CVE-2019-9923 2Gnu Opensuse 2Leap Tar Jun 17, 2026 Mar 22, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.
CVE-2019-3858 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2019-3855 8Apple DebianFedoraproject+5 more 14Debian Linux Enterprise LinuxEnterprise Linux Desktop+11 more Jun 17, 2026 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execut...Show more An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.Show less
CVE-2019-9898 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
CVE-2019-9897 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
CVE-2019-9896 2Opensuse Putty 3Backports Sle LeapPutty Jun 17, 2026 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
CVE-2019-9894 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
CVE-2019-8934 2Opensuse Qemu 2Leap Qemu Jun 17, 2026 Mar 21, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
CVE-2019-7222 7Canonical DebianFedoraproject+4 more 18Active Iq Performance Analytics Services Debian LinuxElement Software Management Node+15 more Jun 17, 2026 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2019-7221 7Canonical DebianFedoraproject+4 more 15Active Iq Performance Analytics Services Debian LinuxElement Software Management Node+12 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-6778 4Canonical FedoraprojectOpensuse+1 more 4Fedora LeapQemu+1 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVE-2019-6690 5Canonical DebianOpensuse+2 more 5Backports Debian LinuxLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should...Show more python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component.Show less
CVE-2019-6454 8Canonical DebianFedoraproject+5 more 22Active Iq Performance Analytics Services Debian LinuxEnterprise Linux+19 more Jun 17, 2026 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An un...Show more An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).Show less
CVE-2019-6116 6Artifex CanonicalDebian+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more Jun 17, 2026 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
CVE-2019-3862 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be ab...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2019-3859 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Jun 17, 2026 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Ser...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2018-20615 4Canonical HaproxyOpensuse+1 more 5Enterprise Linux HaproxyLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra byte...Show more An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.Show less
CVE-2018-19872 3Fedoraproject OpensuseQt 3Fedora LeapQt Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

Previous 1...717273...164 Next