opensuse opensuse 11.2 vulnerabilities and exploits
9.8
CVSSv3
CVE-2019-12900
BZ2_decompress in decompress.c in bzip2 up to and including 1.0.6 has an out-of-bounds write when there are many selectors.
Bzip Bzip2
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd 11.3
Python Python
1 Github repository
5.9
CVSSv3
CVE-2019-9494
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Synology Radius Server 3.0
Synology Router Manager
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
1 Article
3.7
CVSSv3
CVE-2019-9495
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary f...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Radius Server 3.0
Synology Router Manager
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
8.1
CVSSv3
CVE-2019-9498
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete au...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Router Manager 1.2
Synology Radius Server 3.0
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd
8.1
CVSSv3
CVE-2019-9499
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of th...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Router Manager 1.2
Synology Radius Server 3.0
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd
5.9
CVSSv3
CVE-2015-2774
Erlang/OTP prior to 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Erlang Erlang/otp
Oracle Solaris 11.2
Opensuse Opensuse 13.2
NA
CVE-2015-2316
The utils.html.strip_tags function in Django 1.6.x prior to 1.6.11, 1.7.x prior to 1.7.7, and 1.8.x prior to 1.8c1, when using certain versions of Python, allows remote malicious users to cause a denial of service (infinite loop) by increasing the length of the input string.
Oracle Solaris 11.2
Djangoproject Django 1.6.10
Djangoproject Django 1.6.2
Djangoproject Django 1.6.1
Djangoproject Django 1.7
Djangoproject Django 1.7.3
Djangoproject Django 1.7.4
Djangoproject Django 1.6.4
Djangoproject Django 1.6.3
Djangoproject Django 1.6
Djangoproject Django 1.7.1
Djangoproject Django 1.7.2
Djangoproject Django 1.6.7
Djangoproject Django 1.6.6
Djangoproject Django 1.6.5
Djangoproject Django 1.6.9
Djangoproject Django 1.6.8
Djangoproject Django 1.7.5
Djangoproject Django 1.7.6
Djangoproject Django 1.8.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
NA
CVE-2015-2317
The utils.http.is_safe_url function in Django prior to 1.4.20, 1.5.x, 1.6.x prior to 1.6.11, 1.7.x prior to 1.7.7, and 1.8.x prior to 1.8c1 does not properly validate URLs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a control character i...
Opensuse Opensuse 13.2
Fedoraproject Fedora 22
Debian Debian Linux 7.0
Djangoproject Django 1.5.1
Djangoproject Django 1.5.2
Djangoproject Django 1.5.10
Djangoproject Django 1.5.11
Djangoproject Django 1.6.1
Djangoproject Django 1.6.10
Djangoproject Django 1.6.8
Djangoproject Django 1.6.9
Djangoproject Django 1.7.1
Djangoproject Django 1.7.2
Djangoproject Django 1.5
Djangoproject Django 1.5.7
Djangoproject Django 1.5.8
Djangoproject Django 1.5.9
Djangoproject Django 1.6
Djangoproject Django 1.6.6
Djangoproject Django 1.6.7
Djangoproject Django 1.7
Djangoproject Django 1.8.0
NA
CVE-2015-2190
epan/proto.c in Wireshark 1.12.x prior to 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote malicious users to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by ...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.3
Oracle Solaris 11.2
NA
CVE-2014-9657
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType prior to 2.5.4 does not establish a minimum record size, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Oracle Solaris 10.0
Oracle Solaris 11.2
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Freetype Freetype
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04