← Back

Opensuse

opensuse

3,271 CVEs • 50 products

Products (50)

Click to collapse
Toggle
Leap
leap
1,898 CVEs
Opensuse
opensuse
1,454 CVEs
Backports Sle
backports_sle
326 CVEs
Backports
backports
97 CVEs
Evergreen
evergreen
43 CVEs
Open Build Service
open_build_service
22 CVEs
Libsolv
libsolv
13 CVEs
Factory
factory
10 CVEs
Supportutils
supportutils
6 CVEs
Libzypp
libzypp
5 CVEs
Tumbleweed
tumbleweed
4 CVEs
Zypper
zypper
3 CVEs
Openldap2
openldap2
3 CVEs
Osc
osc
2 CVEs
Suse Linux Enterprise Server
suse_linux_enterprise_server
2 CVEs
Cryptctl
cryptctl
2 CVEs
Munge
munge
2 CVEs
Wicked
wicked
2 CVEs
Pcp
pcp
2 CVEs
Texlive Filesystem
texlive-filesystem
2 CVEs
Rmt Server
rmt-server
2 CVEs
Cscreen
cscreen
2 CVEs
Libeconf
libeconf
2 CVEs
Openstack Cloud
openstack_cloud
1 CVE
Libstorage
libstorage
1 CVE
Libstorage Ng
libstorage-ng
1 CVE
Obs Service Source Validator
obs-service-source_validator
1 CVE
Open Buildservice
open_buildservice
1 CVE
Sysconfig
sysconfig
1 CVE
Tar Scm
tar_scm
1 CVE
Package Hub
package_hub
1 CVE
Yast2 Multipath
yast2-multipath
1 CVE
Yast2 Samba Provision
yast2-samba-provision
1 CVE
Yast2 Printer
yast2-printer
1 CVE
Munin
munin
1 CVE
Suse Package Hub
suse_package_hub
1 CVE
Autoyast2
autoyast2
1 CVE
Hylafax+
hylafax+
1 CVE
Tumbleweed Kopano Spamd
tumbleweed_kopano-spamd
1 CVE
Cyrus Sasl
cyrus-sasl
1 CVE
Python Postorius
python-postorius
1 CVE
Inn
inn
1 CVE
Factory Watchman
factory_watchman
1 CVE
Canna
canna
1 CVE
Leap Micro
leap_micro
1 CVE
Travel Support Program
travel_support_program
1 CVE
Libzypp Plugin Appdata
libzypp-plugin-appdata
1 CVE
Paste
paste
1 CVE
Welcome
welcome
1 CVE
Mirrorcache
mirrorcache
1 CVE

CVEs (3,271)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18849
4Canonical
FedoraprojectOpensuse+1 more
4Fedora
LeapQemu+1 more
Nov 21, 2024
Mar 21, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
CVE-2017-16232
3Libtiff
OpensuseSuse
5Leap
LibtiffLinux Enterprise Desktop+2 more
Nov 21, 2024
Mar 21, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to...Show more
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issueShow less
CVE-2018-20106
1Opensuse
1Yast2 Printer
Nov 21, 2024
Mar 15, 2019
N/A· v4
8.1 HIGH· v3
9.3 HIGH· v2
In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as...Show more
In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.Show less
CVE-2018-17956
1Opensuse
1Yast2 Samba Provision
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.8 HIGH· v3
2.1 LOW· v2
In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list
CVE-2018-17955
1Opensuse
1Yast2 Multipath
Nov 21, 2024
Mar 15, 2019
N/A· v4
5.5 MEDIUM· v3
3.6 LOW· v2
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection
CVE-2018-20177
3Debian
OpensuseRdesktop
4Backports
Debian LinuxLeap+1 more
Nov 21, 2024
Mar 15, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code executi...Show more
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.Show less
CVE-2019-3833
3Fedoraproject
OpensuseOpenwsman Project
3Fedora
LeapOpenwsman
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by se...Show more
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.Show less
CVE-2019-3816
4Fedoraproject
OpensuseOpenwsman Project+1 more
11Enterprise Linux
Enterprise Linux DesktopEnterprise Linux Eus+8 more
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this...Show more
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.Show less
CVE-2019-9779
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
CVE-2019-9778
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
CVE-2019-9777
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
CVE-2019-9776
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
CVE-2019-9775
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
CVE-2019-9774
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
CVE-2019-9773
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
CVE-2019-9772
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
CVE-2019-9771
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
CVE-2019-9770
2Gnu
Opensuse
3Backports Sle
LeapLibredwg
Jun 17, 2026
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CVE-2019-9752
2Opensuse
Otrs
3Backports Sle
LeapOtrs
Jun 17, 2026
Mar 13, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted r...Show more
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.Show less
CVE-2019-9675
3Canonical
OpensusePhp
3Leap
PhpUbuntu Linux
Jun 17, 2026
Mar 11, 2019
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used onl...Show more
An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible.Show less