Vulnerabilities (CVE)

Vendor: Opensuse Project

157 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2014-0081 | Vendors (4): Opensuse Project, Rubyonrails, Redhat and 1 more | Products (6): Enterprise Linux, Ruby On Rails, Opensuse and 3 more | Updated: 2019-08-08 | CVSS: 4.3
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or...
CVE-2017-1000366 | Vendors (9): Gnu, Redhat, Suse and 6 more | Products (24): Glibc, Enterprise Linux, Linux Enterprise Server For Raspberry Pi and 21 more | Updated: 2019-04-26 | CVSS: 7.2
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been...
CVE-2016-7447 | Vendors (5): Graphicsmagick, Novell, Opensuse Project and 2 more | Products (6): Leap, Graphicsmagick, Opensuse and 3 more | Updated: 2019-04-15 | CVSS: 7.5
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2016-7446 | Vendors (5): Graphicsmagick, Novell, Opensuse Project and 2 more | Products (6): Leap, Graphicsmagick, Opensuse and 3 more | Updated: 2019-04-15 | CVSS: 7.5
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
CVE-2016-5241 | Vendors (5): Graphicsmagick, Novell, Opensuse Project and 2 more | Products (6): Leap, Graphicsmagick, Opensuse and 3 more | Updated: 2019-04-12 | CVSS: 4.3
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-8866 | Vendors (3): Imagemagick, Opensuse Project, Opensuse | Products (5): Imagemagick, Leap, Opensuse and 2 more | Updated: 2019-04-12 | CVSS: 6.8
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists...
CVE-2016-7449 | Vendors (5): Graphicsmagick, Novell, Opensuse Project and 2 more | Products (6): Leap, Graphicsmagick, Opensuse and 3 more | Updated: 2019-04-12 | CVSS: 5.0
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVE-2016-7800 | Vendors (5): Debian, Graphicsmagick, Novell and 2 more | Products (6): Debian Linux, Graphicsmagick, Leap and 3 more | Updated: 2019-04-12 | CVSS: 5.0
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
CVE-2016-7448 | Vendors (5): Graphicsmagick, Novell, Opensuse Project and 2 more | Products (6): Leap, Graphicsmagick, Opensuse and 3 more | Updated: 2019-04-12 | CVSS: 7.8
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
CVE-2016-9843 | Vendors (4): Gnu, Opensuse Project, Novell and 1 more | Products (6): Zlib, Opensuse, Leap and 3 more | Updated: 2019-03-25 | CVSS: 7.5
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 | Vendors (4): Gnu, Opensuse Project, Novell and 1 more | Products (6): Zlib, Opensuse, Leap and 3 more | Updated: 2019-03-25 | CVSS: 6.8
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 | Vendors (4): Gnu, Opensuse Project, Novell and 1 more | Products (6): Zlib, Opensuse, Leap and 3 more | Updated: 2019-03-25 | CVSS: 7.5
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 | Vendors (4): Gnu, Opensuse Project, Novell and 1 more | Products (6): Zlib, Opensuse, Leap and 3 more | Updated: 2019-03-25 | CVSS: 6.8
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2015-1819 | Vendors (9): Apple, Oracle, Canonical and 6 more | Products (14): Ubuntu Linux, Linux, Debian Linux and 11 more | Updated: 2019-03-14 | CVSS: 5.0
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
CVE-2016-10051 | Vendors (3): Imagemagick, Opensuse Project, Opensuse | Products (3): Imagemagick, Leap, Leap | Updated: 2019-03-12 | CVSS: 6.8
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10050 | Vendors (3): Imagemagick, Opensuse Project, Opensuse | Products (3): Imagemagick, Leap, Leap | Updated: 2019-03-12 | CVSS: 6.8
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2014-3004 | Vendors (3): Castor Project, Opensuse Project, Opensuse | Products (3): Opensuse, Castor, Opensuse | Updated: 2019-02-11 | CVSS: 4.3
The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.
CVE-2014-9114 | Vendors (5): Util-linux Project, Fedoraproject, Opensuse Project and 2 more | Products (5): Fedora, Opensuse, Util-linux and 2 more | Updated: 2019-01-04 | CVSS: 7.2
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
CVE-2016-9105 | Vendors (3): Qemu, Opensuse Project, Opensuse | Products (3): Leap, Qemu, Leap | Updated: 2018-12-01 | CVSS: 2.1
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
CVE-2016-9101 | Vendors (3): Qemu, Opensuse Project, Opensuse | Products (3): Leap, Qemu, Leap | Updated: 2018-12-01 | CVSS: 2.1
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.