Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-13099 4Canonical DebianLinux+1 more 4Debian Linux LeapLinux Kernel+1 more Nov 21, 2024 Jul 3, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an i...Show more An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.Show less
CVE-2018-13096 4Canonical DebianLinux+1 more 4Debian Linux LeapLinux Kernel+1 more Nov 21, 2024 Jul 3, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs imag...Show more An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.Show less
CVE-2011-4183 1Opensuse 1Open Build Service Nov 21, 2024 Jun 13, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.
CVE-2011-4182 1Opensuse 1Sysconfig Nov 21, 2024 Jun 12, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. Affected releases are sysconfig prior to 0.83.7-2.1.
CVE-2011-4181 1Opensuse 1Open Build Service Nov 21, 2024 Jun 11, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2....Show more A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.Show less
CVE-2018-10360 3Canonical File ProjectOpensuse 3File LeapUbuntu Linux Nov 21, 2024 Jun 11, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
CVE-2018-12085 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 Jun 9, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
CVE-2014-5220 2Mdadm Project Opensuse 2Mdadm Opensuse Nov 21, 2024 Jun 8, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root.
CVE-2014-0594 1Opensuse 1Open Build Service Nov 21, 2024 Jun 8, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.
CVE-2014-0593 1Opensuse 1Open Build Service Nov 21, 2024 Jun 8, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user,...Show more The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.Show less
CVE-2013-3703 1Opensuse 1Open Build Service Nov 21, 2024 Jun 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data.
CVE-2018-7689 1Opensuse 1Open Build Service Jun 17, 2026 Jun 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.
CVE-2018-7688 1Opensuse 1Open Build Service Jun 17, 2026 Jun 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.
CVE-2018-11685 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 Jun 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
CVE-2018-11684 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 Jun 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
CVE-2018-11683 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 Jun 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
CVE-2018-11577 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 May 31, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
CVE-2018-11440 3Canonical LiblouisOpensuse 3Leap LiblouisUbuntu Linux Nov 21, 2024 May 25, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
CVE-2018-1125 4Canonical DebianOpensuse+1 more 4Debian Linux LeapProcps Ng+1 more Dec 17, 2025 May 23, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as...Show more procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.Show less
CVE-2018-1124 6Canonical DebianOpensuse+3 more 9Debian Linux Enterprise LinuxEnterprise Linux Desktop+6 more Nov 21, 2024 May 23, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs b...Show more procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.Show less

Previous 1...818283...164 Next