Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 42.3 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2019-11007
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows malicious users to cause a denial of service or information disclosure via an image colormap.
Graphicsmagick Graphicsmagick
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
8.8
CVSSv3
CVE-2019-11008
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file...
Graphicsmagick Graphicsmagick
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
8.1
CVSSv3
CVE-2019-11009
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows malicious users to cause a denial of service or information disclosure via a crafted image file.
Graphicsmagick Graphicsmagick
Opensuse Leap 42.3
Opensuse Leap 15.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2019-1787
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability ...
Clamav Clamav
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
9.8
CVSSv3
CVE-2019-11005
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font fam...
Graphicsmagick Graphicsmagick
Opensuse Leap 42.3
Opensuse Leap 15.0
6.5
CVSSv3
CVE-2019-11010
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows malicious users to cause a denial of service via a crafted image file.
Graphicsmagick Graphicsmagick
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 42.3
8.6
CVSSv3
CVE-2019-10906
In Pallets Jinja prior to 2.10.1, str.format_map allows a sandbox escape.
Palletsprojects Jinja
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Software Collections 1.0
Opensuse Leap 42.3
Opensuse Leap 15.0
2 Github repositories
5.4
CVSSv3
CVE-2019-3886
An incorrect permissions check exists in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.
Redhat Libvirt
Opensuse Leap 42.3
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.1
CVSSv3
CVE-2018-20506
SQLite prior to 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote malicious users to execute arbitra...
Sqlite Sqlite
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Apple Icloud
Apple Itunes
Opensuse Leap 42.3
7.5
CVSSv3
CVE-2019-5739
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and previous versions. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and previous versions is a pote...
Nodejs Node.js
Opensuse Leap 42.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »