Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-15605 6Debian FedoraprojectNodejs+3 more 13Debian Linux Enterprise LinuxEnterprise Linux Desktop+10 more Nov 21, 2024 Feb 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
CVE-2019-15604 5Debian NodejsOpensuse+2 more 10Communications Cloud Native Core Network Function Cloud Native Environment Debian LinuxEnterprise Linux+7 more Nov 21, 2024 Feb 7, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
CVE-2020-8608 3Debian Libslirp ProjectOpensuse 3Debian Linux LeapLibslirp Nov 21, 2024 Feb 6, 2020 N/A· v4 5.6 MEDIUM· v3 6.8 MEDIUM· v2 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
CVE-2014-2030 3Canonical ImagemagickOpensuse 3Imagemagick OpensuseUbuntu Linux Nov 21, 2024 Feb 6, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted P...Show more Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.Show less
CVE-2014-1958 3Canonical ImagemagickOpensuse 3Imagemagick OpensuseUbuntu Linux Nov 21, 2024 Feb 6, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulne...Show more Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.Show less
CVE-2020-8649 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Feb 6, 2020 N/A· v4 5.9 MEDIUM· v3 3.6 LOW· v2 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
CVE-2020-8648 6Broadcom CanonicalDebian+3 more 9Active Iq Unified Manager Brocade Fabric Operating System FirmwareCloud Backup+6 more Nov 21, 2024 Feb 6, 2020 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-8647 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Feb 6, 2020 N/A· v4 6.1 MEDIUM· v3 3.6 LOW· v2 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
CVE-2020-7216 1Opensuse 2Leap Wicked Nov 21, 2024 Feb 5, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.
CVE-2020-8632 3Canonical DebianOpensuse 3Cloud Init Debian LinuxLeap Nov 21, 2024 Feb 5, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
CVE-2020-8631 3Canonical DebianOpensuse 3Cloud Init Debian LinuxLeap Nov 21, 2024 Feb 5, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2020-5208 4Debian FedoraprojectIpmitool Project+1 more 4Debian Linux FedoraIpmitool+1 more Nov 21, 2024 Feb 5, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the i...Show more It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.Show less
CVE-2019-12528 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Feb 4, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid process...Show more An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.Show less
CVE-2020-8517 3Canonical OpensuseSquid Cache 3Leap SquidUbuntu Linux Nov 21, 2024 Feb 4, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory a...Show more An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.Show less
CVE-2020-8450 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Feb 4, 2020 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
CVE-2020-8449 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Feb 4, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
CVE-2020-8118 3Nextcloud NovellOpensuse 3Backports Sle Nextcloud ServerSuse Linux Enterprise Server Nov 21, 2024 Feb 4, 2020 N/A· v4 5.0 MEDIUM· v3 4.0 MEDIUM· v2 An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
CVE-2019-15624 3Nextcloud OpensuseSuse 3Backports Nextcloud ServerSuse Linux Enterprise Server Nov 21, 2024 Feb 4, 2020 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
CVE-2019-15623 3Nextcloud OpensuseSuse 3Backports Sle Nextcloud ServerPackage Hub Nov 21, 2024 Feb 4, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
CVE-2019-15613 2Nextcloud Opensuse 2Backports Nextcloud Server Nov 21, 2024 Feb 4, 2020 N/A· v4 8.0 HIGH· v3 6.0 MEDIUM· v2 A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.

Previous 1...373839...164 Next