Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse project vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2019-10152
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator trie...
Libpod Project Libpod
Opensuse Leap 15.1
383
VMScore
CVE-2016-10069
coders/mat.c in ImageMagick prior to 6.9.4-5 allows remote malicious users to cause a denial of service (application crash) via a mat file with an invalid number of frames.
Imagemagick Imagemagick
Opensuse Project Leap 42.1
383
VMScore
CVE-2019-16779
In RubyGem excon prior to 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. ...
Excon Project Excon
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
383
VMScore
CVE-2019-14275
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
Xfig Project Fig2dev 3.2.7
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
383
VMScore
CVE-2016-8568
The git_commit_message function in oid.c in libgit2 prior to 0.24.3 allows remote malicious users to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Suse Linux Enterprise 12.0
Opensuse Leap 42.2
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Libgit2 Project Libgit2
383
VMScore
CVE-2016-8569
The git_oid_nfmt function in commit.c in libgit2 prior to 0.24.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
Libgit2 Project Libgit2
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Suse Linux Enterprise 12.0
Opensuse Leap 42.2
Opensuse Leap 42.1
Opensuse Opensuse 13.2
187
VMScore
CVE-2014-0979
The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter prior to 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) ...
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.3
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.2
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.6
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.6.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.5
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.4
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.5.0
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.3.1
Lightdm Gtk\\+ Greeter Project Lightdm Gtk\\+ Greeter 1.1.1
516
VMScore
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
445
VMScore
CVE-2016-1254
Tor prior to 0.2.8.12 might allow remote malicious users to cause a denial of service (client crash) via a crafted hidden service descriptor.
Torproject Tor
Opensuse Project Leap 42.1
Debian Debian Linux 8.0
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Debian Debian Linux 9.0
Opensuse Leap 42.2
Opensuse Opensuse 13.2
890
VMScore
CVE-2019-11627
gpg-key2ps in signing-party 1.1.x and 2.x prior to 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.
Signing-party Project Signing-party
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 42.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »