opensuse project vulnerabilities and exploits
5
CVSSv2
CVE-2016-10937
IMAPFilter up to and including 2.6.12 does not validate the hostname in an SSL certificate.
Imapfilter Project Imapfilter
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
4.3
CVSSv2
CVE-2019-15143
In DjVuLibre 3.5.27, the bitmap reader component allows malicious users to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
Djvulibre Project Djvulibre 3.5.27
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-15144
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows malicious users to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
Djvulibre Project Djvulibre 3.5.27
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-15145
DjVuLibre 3.5.27 allows malicious users to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check...
Djvulibre Project Djvulibre 3.5.27
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-15142
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows malicious users to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
Djvulibre Project Djvulibre 3.5.27
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
6.8
CVSSv2
CVE-2019-10181
It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.
Icedtea-web Project Icedtea-web
Icedtea-web Project Icedtea-web 1.8.2
Debian Debian Linux 8.0
Opensuse Leap 15.0
1 Github repository
6.4
CVSSv2
CVE-2019-10185
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, ...
Icedtea-web Project Icedtea-web
Icedtea-web Project Icedtea-web 1.8.2
Debian Debian Linux 8.0
Opensuse Leap 15.0
1 Github repository
2.6
CVSSv2
CVE-2019-10152
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator trie...
Libpod Project Libpod
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-14274
MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.
Mcpp Project Mcpp 2.7.2
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
4.3
CVSSv2
CVE-2019-14275
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
Xfig Project Fig2dev 3.2.7
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2