Filtered by vendor Opensuse
Subscriptions
Filtered by product Opensuse
Subscriptions
Total
1435 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-0468 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion. | ||||
CVE-2012-0427 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name. | ||||
CVE-2011-0461 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab. | ||||
CVE-2010-3087 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2018-10-30 | N/A |
LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image. | ||||
CVE-2011-0460 | 2 Kbd-project, Opensuse | 2 Kbd, Opensuse | 2018-10-30 | N/A |
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map. | ||||
CVE-2009-1297 | 2 Novell, Opensuse | 2 Suse Linux, Opensuse | 2018-10-30 | N/A |
iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name. | ||||
CVE-2009-0310 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through 11.0 has unknown impact and attack vectors related to "incoming data and authentication-strings." | ||||
CVE-2007-5200 | 1 Opensuse | 1 Opensuse | 2018-10-30 | N/A |
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | ||||
CVE-2007-5197 | 4 Debian, Mono, Opensuse and 1 more | 6 Debian Linux, Mono, Opensuse and 3 more | 2018-10-30 | N/A |
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | ||||
CVE-2016-5314 | 4 Debian, Libtiff, Opensuse and 1 more | 5 Debian Linux, Libtiff, Leap and 2 more | 2018-04-05 | N/A |
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. | ||||
CVE-2009-0848 | 1 Opensuse | 1 Opensuse | 2017-08-17 | N/A |
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to execute arbitrary code via a Trojan horse GTK module in an unspecified "relative search path." | ||||
CVE-2010-4226 | 2 Gnu, Opensuse | 2 Cpio, Opensuse | 2014-02-07 | N/A |
cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | ||||
CVE-2008-2025 | 3 Apache, Novell, Opensuse | 3 Struts, Suse Linux, Opensuse | 2009-04-18 | N/A |
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." | ||||
CVE-2008-2389 | 1 Opensuse | 1 Opensuse | 2008-09-11 | N/A |
opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack. | ||||
CVE-2008-2388 | 1 Opensuse | 1 Opensuse | 2008-09-11 | N/A |
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem." |