Opensuse - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Opensuse
(Opensuse)

Repositories

• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/krb5/krb5
• https://github.com/torvalds/linux
• https://github.com/file/file
• https://github.com/madler/zlib

• https://github.com/php/php-src
• https://github.com/quassel/quassel
• https://github.com/libarchive/libarchive
• https://github.com/mdadams/jasper
• https://github.com/git/git
• https://github.com/libgd/libgd
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/erikd/libsndfile
• https://github.com/dosfstools/dosfstools
• https://github.com/atheme/atheme
• https://github.com/roundcube/roundcubemail
• git://git.openssl.org/openssl.git
• https://github.com/apache/httpd
• https://github.com/systemd/systemd
• https://github.com/karelzak/util-linux
• https://github.com/mongodb/mongo-python-driver
• https://github.com/ibus/ibus-anthy
• https://github.com/phppgadmin/phppgadmin
• https://github.com/esnet/iperf
• https://github.com/ImageMagick/ImageMagick
• https://github.com/opencontainers/runc
• https://github.com/OpenVPN/openvpn
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mysql/mysql-server
• https://github.com/puppetlabs/puppet
• https://github.com/vadz/libtiff
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/fragglet/lhasa
• https://github.com/ocaml/ocaml
• https://github.com/stedolan/jq
• https://github.com/Matroska-Org/libmatroska
• https://github.com/ipython/ipython
• https://github.com/kerolasa/lelux-utiliteetit
• https://github.com/weidai11/cryptopp
• https://github.com/khaledhosny/ots
• https://github.com/jmacd/xdelta-devel
• https://github.com/libguestfs/hivex
• https://github.com/miniupnp/miniupnp
• https://github.com/python-pillow/Pillow
• https://github.com/django/django
• https://github.com/drk1wi/portspoof
• https://github.com/bagder/curl
• https://github.com/audreyt/module-signature
• https://github.com/LibRaw/LibRaw

#Vulnerabilities

1420

Date	Id	Summary	Products	Score	Patch	Annotated
2012-06-05	CVE-2012-1798	The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.	Debian_linux, Imagemagick, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Storage	N/A
2012-06-05	CVE-2012-0260	The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.	Ubuntu_linux, Debian_linux, Imagemagick, Opensuse, Enterprise_linux_aus, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Storage	N/A
2012-06-05	CVE-2012-0259	The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.	Ubuntu_linux, Debian_linux, Imagemagick, Opensuse	N/A
2010-12-07	CVE-2010-4494	Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.	Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2	N/A
2010-10-21	CVE-2010-4042	Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."	Chrome, Opensuse	N/A
2010-10-21	CVE-2010-4040	Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.	Debian_linux, Chrome, Opensuse	N/A
2016-07-05	CVE-2016-4957	ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.	Suse_manager, Ntp, Leap, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Manager_proxy, Openstack_cloud	N/A
2010-11-17	CVE-2010-4008	libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.	Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2	N/A
2016-06-03	CVE-2016-4804	The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.	Ubuntu_linux, Dosfstools, Leap, Opensuse	6.2
2016-06-03	CVE-2015-8872	The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."	Ubuntu_linux, Dosfstools, Leap, Opensuse	6.2