← Back

Opensuse

opensuse

3,271 CVEs • 50 products

Products (50)

Click to collapse
Toggle
Leap
leap
1,898 CVEs
Opensuse
opensuse
1,454 CVEs
Backports Sle
backports_sle
326 CVEs
Backports
backports
97 CVEs
Evergreen
evergreen
43 CVEs
Open Build Service
open_build_service
22 CVEs
Libsolv
libsolv
13 CVEs
Factory
factory
10 CVEs
Supportutils
supportutils
6 CVEs
Libzypp
libzypp
5 CVEs
Tumbleweed
tumbleweed
4 CVEs
Zypper
zypper
3 CVEs
Openldap2
openldap2
3 CVEs
Osc
osc
2 CVEs
Suse Linux Enterprise Server
suse_linux_enterprise_server
2 CVEs
Cryptctl
cryptctl
2 CVEs
Munge
munge
2 CVEs
Wicked
wicked
2 CVEs
Pcp
pcp
2 CVEs
Texlive Filesystem
texlive-filesystem
2 CVEs
Rmt Server
rmt-server
2 CVEs
Cscreen
cscreen
2 CVEs
Libeconf
libeconf
2 CVEs
Openstack Cloud
openstack_cloud
1 CVE
Libstorage
libstorage
1 CVE
Libstorage Ng
libstorage-ng
1 CVE
Obs Service Source Validator
obs-service-source_validator
1 CVE
Open Buildservice
open_buildservice
1 CVE
Sysconfig
sysconfig
1 CVE
Tar Scm
tar_scm
1 CVE
Package Hub
package_hub
1 CVE
Yast2 Multipath
yast2-multipath
1 CVE
Yast2 Samba Provision
yast2-samba-provision
1 CVE
Yast2 Printer
yast2-printer
1 CVE
Munin
munin
1 CVE
Suse Package Hub
suse_package_hub
1 CVE
Autoyast2
autoyast2
1 CVE
Hylafax+
hylafax+
1 CVE
Tumbleweed Kopano Spamd
tumbleweed_kopano-spamd
1 CVE
Cyrus Sasl
cyrus-sasl
1 CVE
Python Postorius
python-postorius
1 CVE
Inn
inn
1 CVE
Factory Watchman
factory_watchman
1 CVE
Canna
canna
1 CVE
Leap Micro
leap_micro
1 CVE
Travel Support Program
travel_support_program
1 CVE
Libzypp Plugin Appdata
libzypp-plugin-appdata
1 CVE
Paste
paste
1 CVE
Welcome
welcome
1 CVE
Mirrorcache
mirrorcache
1 CVE

CVEs (3,271)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-2389
1Opensuse
1Opensuse
Apr 23, 2026
Jun 6, 2008
N/A· v4
N/A· v3
4.9 MEDIUM· v2
opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack.
CVE-2008-2388
1Opensuse
1Opensuse
Apr 23, 2026
Jun 6, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."
CVE-2008-1375
6Canonical
DebianFedoraproject+3 more
8Debian Linux
FedoraLinux Enterprise Desktop+5 more
Apr 23, 2026
May 2, 2008
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via...Show more
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.Show less
CVE-2008-1567
4Debian
FedoraprojectOpensuse+1 more
4Debian Linux
FedoraOpensuse+1 more
Apr 23, 2026
Mar 31, 2008
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
CVE-2008-0063
7Apple
CanonicalDebian+4 more
11Debian Linux
FedoraKerberos 5+8 more
Apr 23, 2026
Mar 19, 2008
N/A· v4
7.5 HIGH· v3
4.3 MEDIUM· v2
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "...Show more
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."Show less
CVE-2007-6427
7Apple
CanonicalDebian+4 more
11Debian Linux
FedoraLinux+8 more
Apr 23, 2026
Jan 18, 2008
N/A· v4
N/A· v3
9.3 HIGH· v2
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerabili...Show more
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.Show less
CVE-2007-5000
6Apache
CanonicalFedoraproject+3 more
7Fedora
Http ServerHttp Server+4 more
Apr 23, 2026
Dec 13, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 a...Show more
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2007-6206
6Canonical
DebianLinux+3 more
12Debian Linux
Enterprise Linux DesktopEnterprise Linux Eus+9 more
Apr 23, 2026
Dec 4, 2007
N/A· v4
N/A· v3
2.1 LOW· v2
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in t...Show more
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.Show less
CVE-2007-5729
3Debian
OpensuseQemu
3Debian Linux
OpensuseQemu
Apr 23, 2026
Oct 30, 2007
N/A· v4
N/A· v3
7.2 HIGH· v2
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp...Show more
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.Show less
CVE-2007-5200
1Opensuse
1Opensuse
Apr 23, 2026
Oct 14, 2007
N/A· v4
N/A· v3
3.3 LOW· v2
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
CVE-2007-1320
4Debian
FedoraprojectOpensuse+1 more
5Debian Linux
FedoraFedora Core+2 more
Apr 23, 2026
May 2, 2007
N/A· v4
N/A· v3
7.2 HIGH· v2
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via u...Show more
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.Show less