Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv2
CVE-2011-0461
/etc/init.d/boot.localfs in the aaa_base package prior to 11.2-43.48.1 in SUSE openSUSE 11.2, and prior to 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
6.9
CVSSv2
CVE-2011-0468
The aaa_base package prior to 11.3-8.9.1 in SUSE openSUSE 11.3, and prior to 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
3.3
CVSSv2
CVE-2007-5200
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
Opensuse Opensuse 10.3
Opensuse Opensuse 10.2
7.2
CVSSv2
CVE-2009-0310
Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 up to and including 11.0 has unknown impact and attack vectors related to "incoming data and authentication-strings."
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
5
CVSSv2
CVE-2012-4528
The mod_security2 module prior to 2.7.0 for the Apache HTTP Server allows remote malicious users to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
Trustwave Modsecurity
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Fedoraproject Fedora 18
1 EDB exploit
4.3
CVSSv2
CVE-2013-4389
Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x prior to 3.2.15 allow remote malicious users to cause a denial of service via a crafted e-mail address that is improperly handled during constru...
Rubyonrails Rails
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Debian Debian Linux 7.0
5
CVSSv2
CVE-2015-8792
The KaxInternalBlock::ReadData function in libMatroska prior to 1.4.4 allows context-dependent malicious users to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
Matroska Libmatroska
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
6.5
CVSSv2
CVE-2016-2313
auth_login.php in Cacti prior to 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
Cacti Cacti
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
10
CVSSv2
CVE-2016-1946
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox prior to 44.0 does not limit the size of read operations, which might allow remote malicious users to cause a denial of service (integer overflow and buffer overflow) or possibly have...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Mozilla Firefox
10
CVSSv2
CVE-2016-1931
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 44.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encounter...
Mozilla Firefox
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »