Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-14491 12Arista ArubanetworksCanonical+9 more 21Arubaos Debian LinuxDiskstation Manager+18 more May 13, 2026 Oct 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVE-2017-14493 5Canonical DebianOpensuse+2 more 7Debian Linux DnsmasqEnterprise Linux Desktop+4 more May 13, 2026 Oct 3, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
CVE-2015-3138 3Opensuse Opensuse ProjectTcpdump 3Leap LeapTcpdump May 13, 2026 Sep 28, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
CVE-2016-5759 2Novell Opensuse 3Leap Suse Linux Enterprise DesktopSuse Linux Enterprise Server May 13, 2026 Sep 8, 2017 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
CVE-2017-6594 2Heimdal Project Opensuse 2Heimdal Leap May 13, 2026 Aug 28, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
CVE-2014-4616 4Opensuse Opensuse ProjectPython+1 more 4Opensuse OpensusePython+1 more May 13, 2026 Aug 24, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the...Show more Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.Show less
CVE-2015-3405 7Debian FedoraprojectNtp+4 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux For Ibm Z Systems+10 more May 13, 2026 Aug 9, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and...Show more ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.Show less
CVE-2014-3462 2Encfs Project Opensuse 3Encfs LeapOpensuse May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes".
CVE-2015-5203 4Fedoraproject Jasper ProjectOpensuse+1 more 5Fedora JasperLeap+2 more May 13, 2026 Aug 2, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
CVE-2015-5221 4Fedoraproject Jasper ProjectOpensuse+1 more 5Fedora JasperLeap+2 more May 13, 2026 Jul 25, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000...Show more Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.Show less
CVE-2015-5300 7Canonical DebianFedoraproject+4 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+17 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time wh...Show more The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).Show less
CVE-2015-5219 10Canonical DebianFedoraproject+7 more 18Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+15 more May 13, 2026 Jul 21, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a craft...Show more The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.Show less
CVE-2017-9814 2Cairographics Opensuse 2Cairo Leap May 13, 2026 Jul 17, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
CVE-2017-8932 4Fedoraproject GolangNovell+1 more 4Fedora GoLeap+1 more May 13, 2026 Jul 6, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive att...Show more A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries.Show less
CVE-2014-8127 2Libtiff Opensuse 2Libtiff Opensuse May 13, 2026 Jun 26, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig fu...Show more LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.Show less
CVE-2017-1000366 8Debian GnuMcafee+5 more 20Cloud Magnum Orchestration Debian LinuxEnterprise Linux+17 more May 13, 2026 Jun 19, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hard...Show more glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.Show less
CVE-2017-8871 2Gnome Opensuse 2Leap Libcroco May 13, 2026 Jun 12, 2017 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
CVE-2017-8834 2Gnome Opensuse 2Leap Libcroco May 13, 2026 Jun 12, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
CVE-2016-9961 5Fedoraproject Game Music Emu ProjectNovell+2 more 7Fedora Game Music EmuLeap+4 more May 13, 2026 Jun 6, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 game-music-emu before 0.6.1 mishandles unspecified integer values.
CVE-2016-9960 5Fedoraproject Game Music Emu ProjectNovell+2 more 7Fedora Game Music EmuLeap+4 more May 13, 2026 Jun 6, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

Previous 1...848586...164 Next