Product:

Opensuse

(Opensuse)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/torvalds/linux
https://github.com/madler/zlib
https://github.com/quassel/quassel
https://github.com/erikd/libsndfile
https://github.com/dosfstools/dosfstools
https://github.com/mdadams/jasper
https://github.com/atheme/atheme
https://github.com/roundcube/roundcubemail
https://github.com/git/git
https://github.com/libarchive/libarchive
https://github.com/SpiderLabs/ModSecurity
https://github.com/apache/httpd
• git://git.openssl.org/openssl.git
https://github.com/OpenVPN/openvpn
https://github.com/FreeRDP/FreeRDP
https://github.com/esnet/iperf
https://github.com/krb5/krb5
https://github.com/mysql/mysql-server
https://github.com/puppetlabs/puppet
https://github.com/ImageMagick/ImageMagick
https://github.com/libgd/libgd
https://github.com/vadz/libtiff
https://github.com/libimobiledevice/libimobiledevice
https://github.com/opencontainers/runc
https://github.com/fragglet/lhasa
https://github.com/ocaml/ocaml
https://github.com/stedolan/jq
https://github.com/systemd/systemd
https://github.com/Matroska-Org/libmatroska
https://github.com/ipython/ipython
https://github.com/kerolasa/lelux-utiliteetit
https://github.com/weidai11/cryptopp
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/libguestfs/hivex
https://github.com/karelzak/util-linux
https://github.com/php/php-src
https://github.com/miniupnp/miniupnp
https://github.com/python-pillow/Pillow
https://github.com/django/django
https://github.com/drk1wi/portspoof
https://github.com/ibus/ibus-anthy
https://github.com/bagder/curl
https://github.com/audreyt/module-signature
https://github.com/mongodb/mongo-python-driver
https://github.com/LibRaw/LibRaw
https://github.com/phppgadmin/phppgadmin
#Vulnerabilities 1232
Date Id Summary Products Score Patch Annotated
2014-11-04 CVE-2013-4540 Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image. Opensuse, Qemu N/A
2016-06-10 CVE-2016-3706 Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. Glibc, Opensuse 7.5
2015-03-08 CVE-2015-0228 The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. Http_server, Mac_os_x, Mac_os_x_server, Ubuntu_linux, Opensuse N/A
2014-02-06 CVE-2014-1483 Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions. Ubuntu_linux, Firefox, Seamonkey, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Suse_linux_enterprise_software_development_kit N/A
2013-02-08 CVE-2013-0170 Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue. Ubuntu_linux, Fedora, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Libvirt, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2017-03-03 CVE-2016-7969 The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." Fedora, Libass, Leap, Opensuse 7.5
2014-01-18 CVE-2013-6425 Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Ubuntu_linux, Debian_linux, Opensuse, Pixman, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation N/A
2009-09-08 CVE-2009-3095 The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. Http_server, Mac_os_x, Debian_linux, Fedora, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server N/A
2016-04-08 CVE-2016-2381 Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. Ubuntu_linux, Debian_linux, Opensuse, Communications_billing_and_revenue_management, Configuration_manager, Database_server, Enterprise_manager_base_platform, Solaris, Timesten_in\-Memory_database, Perl N/A
2017-04-13 CVE-2015-8567 Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). Ubuntu_linux, Debian_linux, Fedora, Leap, Opensuse, Qemu, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A