Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-19536 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.
CVE-2019-19535 4Debian LinuxOpensuse+1 more 4Debian Linux LeapLinux Kernel+1 more Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.
CVE-2019-19531 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
CVE-2019-19530 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
CVE-2019-19527 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
CVE-2019-19526 3Canonical LinuxOpensuse 3Leap Linux KernelUbuntu Linux Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
CVE-2019-19525 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
CVE-2019-19523 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Dec 3, 2019 N/A· v4 4.6 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
CVE-2019-19462 5Canonical DebianLinux+2 more 9Active Iq Unified Manager Debian LinuxHci Compute Node+6 more Nov 21, 2024 Nov 30, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
CVE-2019-19451 3Fedoraproject GnomeOpensuse 3Dia FedoraLeap Nov 21, 2024 Nov 29, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thum...Show more When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.Show less
CVE-2019-14895 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Nov 29, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the...Show more A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.Show less
CVE-2019-19318 5Canonical DebianLinux+2 more 14Active Iq Unified Manager Aff A400 FirmwareAff A700s Firmware+11 more Nov 21, 2024 Nov 28, 2019 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already f...Show more In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,Show less
CVE-2019-19319 3Linux OpensuseRedhat 3Enterprise Linux LeapLinux Kernel Nov 21, 2024 Nov 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.4 MEDIUM· v2 In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large o...Show more In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.Show less
CVE-2019-18660 5Canonical FedoraprojectLinux+2 more 5Enterprise Linux FedoraLeap+2 more Nov 21, 2024 Nov 27, 2019 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and...Show more The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.Show less
CVE-2013-2625 3Debian OpensuseOtrs 5Debian Linux FaqOpensuse+2 more Nov 21, 2024 Nov 27, 2019 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not ver...Show more An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verifiedShow less
CVE-2012-6655 4Accountsservice Project DebianOpensuse+1 more 4Accountsservice Debian LinuxEnterprise Linux+1 more Nov 21, 2024 Nov 27, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
CVE-2019-16255 4Debian OpensuseOracle+1 more 4Debian Linux GraalvmLeap+1 more Nov 21, 2024 Nov 26, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can explo...Show more Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.Show less
CVE-2019-12526 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Nov 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that th...Show more An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.Show less
CVE-2019-12523 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Nov 26, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes a...Show more An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.Show less
CVE-2019-14856 2Opensuse Redhat 4Ansible Backports SleLeap+1 more Nov 21, 2024 Nov 26, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None

Previous 1...454647...164 Next