Filtered by vendor Opensuse
Subscriptions
Filtered by product Opensuse
Subscriptions
Total
1435 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-1927 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Opensuse, Icedtea-web | 2018-10-30 | N/A |
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR." | ||||
CVE-2013-4132 | 2 Kde, Opensuse | 3 Kde-workspace, Kde Sc, Opensuse | 2018-10-30 | N/A |
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. | ||||
CVE-2012-4288 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | N/A |
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. | ||||
CVE-2012-4285 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2018-10-30 | N/A |
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. | ||||
CVE-2011-3377 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Opensuse, Icedtea-web | 2018-10-30 | N/A |
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain. | ||||
CVE-2012-1095 | 1 Opensuse | 2 Opensuse, Osc | 2018-10-30 | N/A |
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. | ||||
CVE-2012-0425 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive information by reading the (1) WIRELESS_WPA_PASSWORD or (2) WIRELESS_CLIENT_KEY_PASSWORD field. | ||||
CVE-2012-4296 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | N/A |
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. | ||||
CVE-2012-4293 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | N/A |
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. | ||||
CVE-2012-4292 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2018-10-30 | N/A |
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
CVE-2011-2198 | 3 Gnome, Opensuse, Oracle | 3 Gnome-terminal, Opensuse, Solaris | 2018-10-30 | N/A |
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@". | ||||
CVE-2012-4291 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2018-10-30 | N/A |
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | ||||
CVE-2012-4290 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2018-10-30 | N/A |
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. | ||||
CVE-2012-4289 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2018-10-30 | N/A |
epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. | ||||
CVE-2012-4049 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2018-10-30 | N/A |
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | ||||
CVE-2013-2112 | 4 Apache, Canonical, Collabnet and 1 more | 4 Subversion, Ubuntu Linux, Subversion and 1 more | 2018-10-30 | N/A |
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. | ||||
CVE-2011-2725 | 3 Canonical, Kde, Opensuse | 4 Ubuntu Linux, Ark, Kde Sc and 1 more | 2018-10-30 | N/A |
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file. | ||||
CVE-2014-0128 | 2 Opensuse, Squid-cache | 2 Opensuse, Squid | 2018-10-30 | N/A |
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. | ||||
CVE-2013-1968 | 4 Apache, Canonical, Collabnet and 1 more | 4 Subversion, Ubuntu Linux, Subversion and 1 more | 2018-10-30 | N/A |
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. | ||||
CVE-2013-2088 | 3 Apache, Collabnet, Opensuse | 3 Subversion, Subversion, Opensuse | 2018-10-30 | N/A |
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename. |