Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-8386 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraGit Shell+2 more May 13, 2026 Jun 1, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote...Show more git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.Show less
CVE-2016-9843 10Apple CanonicalDebian+7 more 24Active Iq Unified Manager Database ServerDebian Linux+21 more May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 8Apple CanonicalDebian+5 more 19Database Server Debian LinuxEnterprise Linux Desktop+16 more May 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 9Apple CanonicalDebian+6 more 39Active Iq Unified Manager Cloud BackupDatabase Server+36 more May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 9Apple BoostCanonical+6 more 20Boost Database ServerDebian Linux+17 more May 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-5178 5Debian FedoraprojectGoogle+2 more 7Chrome Debian LinuxEnterprise Linux Server Supplementary+4 more May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-5177 5Debian FedoraprojectGoogle+2 more 7Chrome Debian LinuxEnterprise Linux Server Supplementary+4 more May 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-2347 3Debian Lhasa ProjectOpensuse 4Debian Linux LeapLhasa+1 more May 13, 2026 Apr 21, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
CVE-2015-8567 6Canonical DebianFedoraproject+3 more 10Debian Linux FedoraLeap+7 more May 13, 2026 Apr 13, 2017 N/A· v4 7.7 HIGH· v3 6.8 MEDIUM· v2 Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2016-4068 2Opensuse Roundcube 4Leap OpensuseRoundcube Webmail+1 more May 13, 2026 Apr 13, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-...Show more Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.Show less
CVE-2015-8864 2Opensuse Roundcube 4Leap OpensuseRoundcube Webmail+1 more May 13, 2026 Apr 13, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-...Show more Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.Show less
CVE-2016-9959 4Game Music Emu Project OpensuseOpensuse Project+1 more 9Game Music Emu LeapLeap+6 more May 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVE-2016-9958 4Game Music Emu Project OpensuseOpensuse Project+1 more 9Game Music Emu LeapLeap+6 more May 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVE-2016-9957 4Game Music Emu Project OpensuseOpensuse Project+1 more 9Game Music Emu LeapLeap+6 more May 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in game-music-emu before 0.6.1.
CVE-2014-9114 3Fedoraproject KernelOpensuse 3Fedora OpensuseUtil Linux May 13, 2026 Mar 31, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
CVE-2017-6542 3Opensuse Opensuse ProjectPutty 3Leap LeapPutty May 13, 2026 Mar 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain s...Show more The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.Show less
CVE-2015-8010 3Icinga OpensuseOpensuse Project 3Icinga LeapLeap May 13, 2026 Mar 27, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-...Show more Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.Show less
CVE-2017-5337 2Gnu Opensuse 2Gnutls Leap May 13, 2026 Mar 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5336 2Gnu Opensuse 2Gnutls Leap May 13, 2026 Mar 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
CVE-2017-5335 2Gnu Opensuse 2Gnutls Leap May 13, 2026 Mar 24, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certifica...Show more The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.Show less

Previous 1...858687...164 Next