Total: 1402 CVEs
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-4675 | 4 Ibm, Linux, Microsoft and 1 more | 6 Aix, Infosphere Master Data Management Server, Linux On Zseries and 3 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186324. | |||||
CVE-2020-8015 | 2 Exim, Opensuse | 2 Exim, Opensuse | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. | |||||
CVE-2015-5333 | 2 Openbsd, Opensuse | 2 Libressl, Opensuse | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates. | |||||
CVE-2014-2387 | 3 Debian, Opensuse, Pen Project | 3 Debian Linux, Opensuse, Pen | 2024-02-04 | 4.6 MEDIUM | 4.4 MEDIUM |
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities. | |||||
CVE-2014-2030 | 3 Canonical, Imagemagick, Opensuse | 3 Ubuntu Linux, Imagemagick, Opensuse | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. | |||||
CVE-2011-1145 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Enterprise Linux and 1 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for the SAVEFILE parameter in the connection string. | |||||
CVE-2012-6655 | 4 Accountsservice Project, Debian, Opensuse and 1 more | 4 Accountsservice, Debian Linux, Opensuse and 1 more | 2024-02-04 | 2.1 LOW | 3.3 LOW |
An issue exists in AccountsService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords. | |||||
CVE-2014-1958 | 3 Canonical, Imagemagick, Opensuse | 3 Ubuntu Linux, Imagemagick, Opensuse | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | |||||
CVE-2016-1000104 | 2 Apache, Opensuse | 3 Mod Fcgid, Leap, Opensuse | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
A security bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. | |||||
CVE-2014-8178 | 2 Docker, Opensuse | 3 Cs Engine, Docker, Opensuse | 2024-02-04 | 1.9 LOW | 5.5 MEDIUM |
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands. | |||||
CVE-2006-7246 | 3 Gnome, Opensuse, Suse | 4 Networkmanager, Opensuse, Linux Enterprise Desktop and 1 more | 2024-02-04 | 3.2 LOW | 6.8 MEDIUM |
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. | |||||
CVE-2013-2637 | 2 Opensuse, Otrs | 3 Opensuse, Faq, Otrs Itsm | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2017-5333 | 5 Canonical, Debian, Icoutils Project and 2 more | 11 Ubuntu Linux, Debian Linux, Icoutils and 8 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. | |||||
CVE-2011-1488 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-02-04 | 1.9 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. | |||||
CVE-2011-1490 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | |||||
CVE-2017-5331 | 4 Canonical, Debian, Icoutils Project and 1 more | 5 Ubuntu Linux, Debian Linux, Icoutils and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. | |||||
CVE-2010-4661 | 5 Debian, Fedoraproject, Opensuse and 2 more | 5 Debian Linux, Fedora, Opensuse and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | |||||
CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
evince is missing a check on the number of pages, which can lead to a segmentation fault. | |||||
CVE-2011-1588 | 3 Debian, Opensuse, Xfce | 3 Debian Linux, Opensuse, Thunar | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Thunar before 1.3.1 could crash when copying and pasting a file name with % format characters due to a format string error. | |||||
CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. |