Sun Jul 21 2024 18:33:14 UTC
This result was limited to 500 bugs.
ID Product Comp Assignee Status Resolution Summary Changed
903989 openSUSE Distribution Security Sascha.Manns REOP --- lynis permissions needs small changes. 2022-03-04
1042218 openSUSE Distribution Security mls REOP --- VUL-0: CVE-2017-6512: perl-File-Path: rmtree/remove_tree race condition 2022-09-02
1047511 openSUSE Distribution Security alarrosa REOP --- VUL-0: plasma-nm5: Does not pin WPA enterprise certificates 2020-01-16
1047874 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2017-11125: xar: NULL pointer dereference in the xar_get_path function in util.c. 2020-08-19
1047875 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2017-11124: xar: NULL pointer dereference in the xar_unserialize function in archive.c. 2020-08-19
1073243 openSUSE Distribution Security gnome-bugs REOP --- VUL-0: CVE-2017-17529: abiword: af/util/xp/ut_go_file.cpp does not validate strings before launching the program specified by the BROWSER environment variable 2020-01-16
1080734 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2017-17725: exiv2: In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via 2022-11-28
1081113 openSUSE Distribution Security drbeagle REOP --- VUL-0: CVE-2018-7032: mr: webcheckout does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to execute arbitrary code 2020-01-16
1083884 openSUSE Distribution Security security-team NEW --- No firewalld service file for syncthing 2018-03-05
1084385 openSUSE Distribution Security forgotten_ny8t7SHjD_ NEW --- Update swipl to current stable upstream version (7.6.4) 2018-03-07
1085789 openSUSE Distribution Security Greg.Freemyer REOP --- VUL-0: CVE-2018-8754: libevt: The libevt_record_values_read_event() function does not properly check for out-of-bounds values of user SID data size, strings size, or data size. 2020-01-16
1088255 openSUSE Distribution Security security-team REOP --- VUL-1: CVE-2018-9234: gpg2: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 2023-09-28
1090497 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-10289: mupdf: Infinite loop in the fz_skip_space function allowing to cause a denial of service via a crafted pdf file. 2020-01-16
1093475 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2018-11037: exiv2: The Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file. 2022-11-14
1093634 openSUSE Distribution Security p.drouand NEW --- VUL-0: CVE-2018-11210: TinyXML2: heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. 2020-01-16
1094628 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-1000040: mupdf: Improper Initialization of values in the PDF parser 2020-01-16
1094630 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-1000039: mupdf: multiple use after free in the PDF parser 2020-01-16
1094632 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-1000038: mupdf: stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c 2020-01-16
1094633 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-1000037: mupdf: multiple reachable assertions in the PDF parser 2020-01-16
1094634 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-1000036: mupdf: memory leaks in the PDF parser 2020-01-16
1096636 openSUSE Distribution Security security-team NEW --- tripwire looks for the configuration file in /etc instead of /etc/tripwire 2019-01-14
1097783 openSUSE Distribution Security darin REOP --- VUL-0: CVE-2018-12437: LibTomCrypt: a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. 2020-01-16
1098344 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-12096: liblnk: heap-based buffer over-read inside the liblnk_data_string_get_utf8_string_size function 2020-01-16
1098345 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-12097: liblnk: heap-based buffer over-read inside the liblnk_location_information_read_data function 2020-01-16
1098346 openSUSE Distribution Security Greg.Freemyer REOP --- VUL-0: CVE-2018-12098: liblnk: heap-based buffer over-read inside the liblnk_data_block_read function 2020-01-16
1098347 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11727: libfsntfs: heap-based buffer over-read inside the libfsntfs_attribute_read_from_mft function 2020-01-16
1098348 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11728: libfsntfs: heap-based buffer over-read inside the libfsntfs_reparse_point_values_read_data function 2020-01-16
1098349 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11729: libfsntfs: heap-based buffer over-read inside the libfsntfs_mft_entry_read_header function 2020-01-16
1098350 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11730: libfsntfs: double-free inside the libfsntfs_security_descriptor_values_free function 2020-01-16
1098351 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11731: libfsntfs: heap-based buffer over-read inside the libfsntfs_mft_entry_read_attributes function 2020-01-16
1098353 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2018-11723: libpff: heap-based buffer over-read inside the libpff_name_to_id_map_entry_read function 2020-01-16
1099249 openSUSE Distribution Security andrej.semen NEW --- VUL-0: CVE-2018-1000527: froxlor: PHP Object Injection vulnerability in Domain name form 2020-01-16
1102154 openSUSE Distribution Security hhetter REOP --- VUL-0: CVE-2018-1999023: wesnoth: Arbitrary code execution/sandbox escape via untrusted lua code 2020-01-16
1102164 openSUSE Distribution Security edogawa IN_P --- VUL-1: CVE-2018-14459: libgig: There is an out-of-bounds write in pData[0] access in the function store16 in helper.h. 2020-01-16
1102165 openSUSE Distribution Security edogawa NEW --- VUL-0: CVE-2018-14458: libgig: There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h. 2020-01-16
1102167 openSUSE Distribution Security edogawa NEW --- VUL-1: CVE-2018-14457: libgig: There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp. 2020-01-16
1102168 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14456: libgig: There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. 2020-01-16
1102169 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14455: libgig: There is an out-of-bounds write in pData[0] access in the function store32 in helper.h. 2020-01-16
1102170 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14454: libgig: An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp. 2019-07-12
1102172 openSUSE Distribution Security edogawa REOP --- VUL-0: CVE-2018-14453: libgig: There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h. 2020-01-16
1102173 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14452: libgig: There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp. 2024-01-03
1102174 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14451: libgig: There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp. 2020-01-16
1102176 openSUSE Distribution Security edogawa REOP --- VUL-1: CVE-2018-14450: libgig: There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp. 2020-01-16
1102177 openSUSE Distribution Security edogawa NEW --- VUL-1: CVE-2018-14449: libgig: There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. 2020-01-16
1102338 openSUSE Distribution Security p.drouand REOP --- VUL-0: CVE-2018-1999024: mathjax: XSS in the \unicode{} macro 2020-01-16
1102916 openSUSE Distribution Security security-team REOP --- VUL-1: CVE-2018-14444: libdxfrw: Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp 2020-01-16
1107593 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-16648: mupdf: fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) 2020-01-16
1107595 openSUSE Distribution Security ismail REOP --- VUL-1: CVE-2018-16647: mupdf: pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) 2020-01-16
1108595 openSUSE Distribution Security mpluskal REOP --- VUL-1: CVE-2018-17093: An issue has been discovered in mackyle xar 1.6.1. There is a NULL pointer dereference in xar_get_path in lib/util.c. 2020-01-16
1108596 openSUSE Distribution Security mpluskal REOP --- VUL-1: CVE-2018-17094: xar: An issue has been discovered in mackyle xar 1.6.1. There is a NULL pointer dereference in xar_unserialize in lib/archive.c. 2020-01-16
1109179 openSUSE Distribution Security dmueller NEW --- VUL-1: CVE-2018-17175: python-marshmallow: Information leak due to invalid usage of the schema "only" option 2020-01-16
1110786 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2018-17974: tcpreplay: heap-based buffer over-read was triggered in the function dlt_en10mb_encode() 2020-01-16
1112999 openSUSE Distribution Security security-team NEW --- User Password Not getting Stored in MD5 Hash 2018-11-05
1113670 openSUSE Distribution Security ismail NEW --- VUL-1: CVE-2018-18662: mupdf: out-of-bounds read in fz_run_t3_glyph in fitz/font.c 2020-01-16
1117641 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2018-16477: rubygem-activestorage-5.2: Bypass vulnerability 2023-09-21
1118927 openSUSE Distribution Security mrueckert NEW --- VUL-0: CVE-2018-20005: mxml: use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc. 2020-10-21
1118928 openSUSE Distribution Security mrueckert NEW --- VUL-1: CVE-2018-20004: mxml: stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="rea 2020-10-21
1119786 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-1: CVE-2018-19974: yara: specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c 2021-01-28
1119787 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-1: CVE-2018-19975: yara: compiled rule can read data from any arbitrary address in memory, in libyara/exec.c 2020-01-16
1119788 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-1: CVE-2018-19976: yara: specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c 2020-01-16
1120626 openSUSE Distribution Security mrueckert NEW --- VUL-1: CVE-2018-20593: mxml: stack-based buffer overflow in the scan_file function in mxmldoc.c 2020-10-21
1120627 openSUSE Distribution Security mrueckert NEW --- VUL-1: CVE-2018-20592: mxml: use-after-free in the mxmlAdd function of the mxml-node.c 2021-01-27
1120886 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2018-20553: tcpreplay: heap-based buffer over-read in get_l2len in common/get.c 2020-01-16
1120887 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2018-20552: tcpreplay: heap-based buffer over-read in packet2tree in tree.c 2020-01-16
1121032 openSUSE Distribution Security meissner CONF --- VUL-0: CVE-2015-9275: arc: directory traversal 2020-01-25
1121601 openSUSE Distribution Security forgotten_cAXlJ_FoSf REOP --- VUL-1: CVE-2019-6131: mupdf: svg-run.c has infinite recursion with stack consumption 2020-01-16
1121603 openSUSE Distribution Security forgotten_cAXlJ_FoSf REOP --- VUL-1: CVE-2019-6130: mupdf: SEGV in fitz/document.c file 2020-01-16
1122491 openSUSE Distribution Security meissner CONF --- openSUSE:Leap:15.1:Staging:E/hmaccalc failed 2019-03-27
1123273 openSUSE Distribution Security dmitry REOP --- VUL-1: CVE-2019-6976: vips: vips writes to uninitialized memory locations 2020-01-16
1124198 openSUSE Distribution Security meissner NEW --- ca-certificates-mozilla fail at update 2021-10-21
1124647 openSUSE Distribution Security security-team IN_P --- fwbuilder segfaults when adding new address object from menu 2019-02-15
1124941 openSUSE Distribution Security jengelh IN_P --- VUL-1: CVE-2019-7659: gsoap: denial of service or possibly unspecified other impact if a server application is built with the -DWITH_COOKIES flag 2020-05-23
1125753 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2019-8381: tcpreplay: invalid memory access in do_checksum in checksum.c 2020-01-16
1125754 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2019-8377: tcpreplay: NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c 2020-01-16
1125755 openSUSE Distribution Security mkubecek REOP --- VUL-1: CVE-2019-8376: tcpreplay: NULL pointer dereference in the function get_layer4_v6() located at get.c 2020-01-16
1125798 openSUSE Distribution Security forgotten_GfSLLQGSl_ REOP --- VUL-1: CVE-2019-8354: sox: integer overflow in function lsx_make_lpf in effect_i_dsp.c 2020-01-16
1125801 openSUSE Distribution Security forgotten_GfSLLQGSl_ REOP --- VUL-1: CVE-2019-8355: sox: integer overflow in xmalloc.h 2020-01-16
1125802 openSUSE Distribution Security forgotten_GfSLLQGSl_ REOP --- VUL-1: CVE-2019-8356: sox: stack-based buffer overflow in bitrv2 in fft4g.c 2020-01-16
1125804 openSUSE Distribution Security forgotten_GfSLLQGSl_ REOP --- VUL-1: CVE-2019-8357: sox: null pointer dereference in function lsx_make_lpf in effect_i_dsp.c 2020-01-16
1126226 openSUSE Distribution Security aj NEW --- VUL-0: CVE-2019-8979: koseven: SQL Injection when the order_by() parameter can be controlled 2019-02-23
1126313 openSUSE Distribution Security mstopka NEW --- VUL-1: CVE-2018-1002161: koji: SQL injections have been found in multiple call handlers 2019-02-23
1129854 openSUSE Distribution Security nirmoy.das REOP --- VUL-0: CVE-2019-9834: netdata: HTML injection of malicious code into an imported snapshot 2020-01-16
1131726 openSUSE Distribution Security forgotten_DV81ZEWZkN REOP --- VUL-1: CVE-2019-10873: poppler: null-pointer dereference in function SplashClip:clipAALine in splash/SplashClip.cc 2020-01-16
1131749 openSUSE Distribution Security security-team NEW --- apparmor prevents libvirt to attach-device 2019-04-08
1131883 openSUSE Distribution Security fvogt REOP --- VUL-1: CVE-2019-10734: trojita: attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email 2020-01-16
1132096 openSUSE Distribution Security lkundrak REOP --- VUL-1: CVE-2019-11065: gradle: gradle uses an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used 2020-01-16
1135416 openSUSE Distribution Security alarrosa REOP --- VUL-0: CVE-2019-11840: golang-org-x-crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter 2020-01-15
1135719 openSUSE Distribution Security nick.schrader REOP --- VUL-1: CVE-2019-12212: freeimage: Stack exhaustion due to improper process of a special crafted JXR file 2020-01-16
1135731 openSUSE Distribution Security nick.schrader REOP --- VUL-1: CVE-2019-12213: freeimage: reading a special crafted Tiff file leads to stack exhaustion 2023-10-05
1135736 openSUSE Distribution Security nick.schrader REOP --- VUL-0: CVE-2019-12211: freeimage: heap buffer overflow in Load function of the PluginTIFF.cpp 2023-10-05
1135739 openSUSE Distribution Security nick.schrader REOP --- VUL-1: CVE-2019-12214: freeimage: out-of-bounds access occurs due to mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c 2020-01-16
1135785 openSUSE Distribution Security jengelh REOP --- VUL-0: CVE-2019-12216: SDL_image, SDL2_image: a heap-based buffer overflow found in IMG_LoadPCX_RW in IMG_pcx.c 2020-01-16
1135807 openSUSE Distribution Security jengelh REOP --- VUL-1: CVE-2019-12219: SDL_image, SDL2_image: an invalid free error triggered by SDL2_image in SDL function SDL_SetError_REAL at SDL_error.c 2020-01-16
1138570 openSUSE Distribution Security forgotten_cAXlJ_FoSf REOP --- VUL-0: CVE-2019-7321: mupdf: heap overflow vulnerability that allows an attacker to execute arbitrary code 2021-01-28
1140462 openSUSE Distribution Security forgotten_cAXlJ_FoSf NEW --- VUL-0: CVE-2019-13290: mupdf: heap-based buffer overflow in fz_append_display_node allows remote arbitrary code execution via a crafted PDF file 2020-01-16
1142303 openSUSE Distribution Security dmitry NEW --- VUL-0: CVE-2019-13989: dpic: Stack-based Buffer Overflow in the wfloat() function in main.c. 2020-01-16
1143743 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2019-5020: yara: An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 2020-01-16
1143911 openSUSE Distribution Security mihailjp NEW --- VUL-0: CVE-2019-14486: gnu-cobol: a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code 2019-08-02
1143917 openSUSE Distribution Security mihailjp NEW --- VUL-0: CVE-2019-14468: gnu-cobol: buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code 2019-08-02
1144269 openSUSE Distribution Security mihailjp NEW --- VUL-1: CVE-2019-14528: gnu-cobol: version 2.2 has a heap-based buffer overflow in read_literal in cobc/scanner.l via crafted COBOL source code. 2020-01-16
1144304 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2019-14531: sleuthkit: An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c. 2024-07-04
1144306 openSUSE Distribution Security Greg.Freemyer CONF --- VUL-1: CVE-2019-14532: sleuthkit: An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table. 2024-07-04
1144316 openSUSE Distribution Security security-team REOP --- VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead 2022-07-25
1144354 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2019-1010302: jhead: incorrect access control in iptc.c Line 122 show_IPTC() causing denial of service 2022-07-25
1144453 openSUSE Distribution Security security-team REOP --- VUL-0: CVE-2019-10217: ansible: gcp modules do not flag sensitive data fields properly 2021-05-11
1144517 openSUSE Distribution Security nirmoy.das NEW --- VUL-0: CVE-2018-18839: netdata: full path disclosure in api/v1/alarms 2020-01-16
1145572 openSUSE Distribution Security mrostecki IN_P --- VUL-1: CVE-2019-14993: istio-proxy: mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. 2019-09-23
1145709 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-15058: stb: stb_image.h has a heap-based buffer over-read in stbi__tga_load 2019-08-15
1145879 openSUSE Distribution Security forgotten_cAXlJ_FoSf NEW --- VUL-1: CVE-2019-14975: mupdf: heap-based buffer over-read due to a missing string check in fz_chartorune in fitz/string.c 2020-01-16
1145887 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-13222: stb: out-of-bounds read of a global buffer in the draw_line function in stb_vorbis 2019-08-20
1145889 openSUSE Distribution Security adrian.schroeter NEW --- VUL-0: CVE-2019-13221: stb: stack buffer overflow in the compute_codewords function in stb_vorbis 2019-08-20
1145890 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-13220: stb: Use of uninitialized stack variables in the start_decoder function in stb_vorbis 2019-08-20
1145891 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-13219: stb: A NULL pointer dereference in the get_window function in stb_vorbis 2019-08-20
1145892 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-13218: stb: Division by zero in the predict_point function in stb_vorbis 2019-08-20
1145894 openSUSE Distribution Security adrian.schroeter NEW --- VUL-0: CVE-2019-13217: stb: A heap buffer overflow in the start_decoder function in stb_vorbis 2019-08-16
1145899 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2019-13223: stb: reachable assertion in the lookup1_values function in stb_vorbis 2019-08-20
1145903 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2019-15052: gradle: authentication credentials are sent to all subsequent hosts that the request redirects to 2024-04-05
1146086 openSUSE Distribution Security boris IN_P --- VUL-1: CVE-2019-15132: zabbix: with login requests, it is possible to enumerate application usernames based on the variability of server responses 2019-08-19
1149711 openSUSE Distribution Security mpluskal NEW --- VUL-1: CVE-2019-15947: bitcoin: bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. 2020-01-16
1149919 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-16091: libmysofa: out-of-bounds read in directblockRead in hdf/fractalhead.c. 2024-01-31
1149920 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-16092: libmysofa: NULL pointer dereference in getHrtf in hrtf/reader.c 2024-01-31
1149922 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-16093: libmysofa invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c 2024-01-31
1149924 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-16094: libmysofa: invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c 2024-01-31
1149926 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-16095: libmysofa: invalid read in getDimension in hrtf/reader.c 2024-01-31
1150279 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2019-12105: supervisor: an unauthenticated user can read log files or restart a service 2019-09-21
1151472 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2019-9717: libav: a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format 2020-01-16
1151473 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2019-9719: libav: stack-based buffer overflow in the subtitle decoder allows attackers to corrupt the stack via a crafted video file in Matroska format 2020-01-16
1151478 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2019-9720: libav: stack-based buffer overflow in the subtitle decoder allows attackers to corrupt the stack via a crafted video file in Matroska format 2020-01-16
1152997 openSUSE Distribution Security rtorreromarijnissen NEW --- VUL-1: CVE-2019-16866: unbound: Accesses uninitialized memory, triggered by crafted NOTIFY queries 2019-10-04
1153551 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-1: CVE-2019-17401: liblnk: heap-based buffer over-read in the network_share_name_offset>20 2019-10-10
1154818 openSUSE Distribution Security adam NEW --- VUL-1: CVE-2019-17400: unoconv: improper handling of untrusted pathnames leads to SSRF and local file inclusion 2020-01-16
1156445 openSUSE Distribution Security pth NEW --- VUL-1: CVE-2019-18849: tnef: an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read 2020-01-16
1156649 openSUSE Distribution Security security-team CONF --- VUL-1: CVE-2019-18848: rubygem-json-jwt: parser lacks an element count during the splitting of a JWE string 2024-07-04
1158629 openSUSE Distribution Security mardnh IN_P --- VUL-0: CVE-2019-19334: libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used 2020-01-12
1158631 openSUSE Distribution Security mardnh IN_P --- VUL-0: CVE-2019-19333: libyang: stack-based buffer overflow in make_canonical when bits leaf type is used 2020-01-12
1158783 openSUSE Distribution Security Greg.Freemyer NEW --- VUL-0: CVE-2019-19648: yara: In the macho_parse_file functionality in macho/macho.c, command_size may be inconsistent with the real size. A crafted MachO file can cause an out-of-bounds memory access, resulting in DoS or potential code execution 2020-01-16
1159187 openSUSE Distribution Security vbotka NEW --- VUL-0: CVE-2019-5062: hostap: denial-of-service vulnerability in the 802.11w security state handling 2020-01-16
1159188 openSUSE Distribution Security vbotka NEW --- VUL-0: CVE-2019-5061: hostapd: denial-of-service vulnerability by triggering AP to send IAPP location updates 2019-12-13
1159454 openSUSE Distribution Security lma NEW --- VUL-0: CVE-2019-18392: virglrenderer: double free in the vrend_renderer_transfer_write_iov function 2022-01-21
1159839 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2019-20016: libmysofa: improper restriction of recursive function calls in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c may lead to stack consumption 2024-01-31
1160544 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-6625: jhead: heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c 2022-07-25
1160547 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-6624: jhead: heap-based buffer over-read in process_DQT in jpgqguess.c 2022-07-25
1164576 openSUSE Distribution Security mrostecki NEW --- VUL-0: CVE-2019-19886: modsecurity: denial of service in Transaction:addRequestHeader in transaction.cc 2020-02-21
1165295 openSUSE Distribution Security vbotka NEW --- VUL-0: CVE-2019-10064: hostapd: Hostapd fails at seeding PRNGS, leading to insufficient entropy 2020-02-29
1170767 openSUSE Distribution Security jengelh IN_P --- VUL-0: CVE-2020-12284: ffmpeg-4: heap-based buffer overflow in cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c during JPEG_MARKER_SOS handling 2024-04-22
1170890 openSUSE Distribution Security peter.simons IN_P --- VUL-0: CVE-2018-21232: re2c: uncontrolled recursion causes stack consumption in find_fixed_tags 2023-08-18
1171379 openSUSE Distribution Security petr IN_P --- VUL-0: CVE-2020-11888: python-markdown2: Unsanitized input allows for cross-site scripting (XSS) 2021-03-20
1171425 openSUSE Distribution Security mia NEW --- VUL-1: CVE-2020-11054: qutebrowser: reloading a page with certificate errors shows a green URL 2021-09-13
1171427 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2020-12740: tcpreplay: heap-based buffer over-read during a get_c operation in get_ipv6_next() 2020-05-11
1171873 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-1: CVE-2018-10756: transmission: use-after-free in libtransmission/variant.c may allow remote attackers to cause a denial of service or execute arbitrary code via a crafted torrent 2020-05-19
1172162 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-13615: Qore: lack of hostname verification for X.509 certificates. 2021-01-28
1172959 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2020-14149: uftpd: handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference 2020-06-25
1173019 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-14212: ffmpeg: heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c 2024-03-01
1173388 openSUSE Distribution Security kde-maintainers NEW --- VUL-0: CVE-2020-15047: MSA/SMTP.cpp ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers. 2020-06-26
1173583 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2013-7489: python-Beaker: Deserialization of Untrusted Data which can lead to Arbitrary code execution 2021-12-01
1173597 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2020-15471,CVE-2020-15472,CVE-2020-15473,CVE-2020-15474,CVE-2020-15475,CVE-2020-15476: ndpi: multiple memory safety issues 2021-01-28
1173851 openSUSE Distribution Security kgronlund NEW --- VUL-1: CVE-2020-5238: cmark: Exponential time to parse certain inputs could lead to DoS. 2020-07-07
1174295 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-15807: libredwg: null pointer dereferences via crafted input files 2021-04-29
1174580 openSUSE Distribution Security opensuse-kde-bugs NEW --- VUL-0: CVE-2020-15954: kmail: engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use 2021-08-09
1174668 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-6070: f2fs-tools: specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations 2021-04-26
1175814 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2020-24661: geary: mishandling of pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates 2020-08-27
1177201 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-28049: sddm: race condition in setting up Xorg -auth file in conjunction with Xorg -displayfd parameter 2020-11-11
1177205 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-25626: python-djangorestframework: XSS Vulnerability in API viewer 2021-03-08
1177932 openSUSE Distribution Security lbeltrame IN_P --- VUL-0: CVE-2020-24972: kleopatra: potential arbitrary code execution due to openpgp4fpr: URLs are supported without safe handling of command-line options 2020-10-28
1178196 openSUSE Distribution Security maurizio.galli NEW --- VUL-0: CVE-2020-15238: blueman: local denial-of-service in org.blueman.Mechanism D-Bus interface 2020-11-26
1178744 openSUSE Distribution Security sbahling NEW --- VUL-0: CVE-2020-25074: moinmoin-wiki: remote code execution via cache action 2020-11-23
1178745 openSUSE Distribution Security sbahling NEW --- VUL-0: CVE-2020-15275: moinmoin-wiki: malicious SVG attachment causing stored XSS vulnerability 2020-11-23
1179005 openSUSE Distribution Security asarai NEW --- VUL-0: CVE-2020-28924: rclone: weak password generation due to limited entropy 2021-02-10
1179180 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-26890: synapse: DoS via NaN, Infinity, and -Infinity JSON values in fields of m.room.member events 2020-12-01
1179249 openSUSE Distribution Security pascal.bleser NEW --- VUL-0: CVE-2020-29074: x11vnc: inappropriate permission in shmget calls 2020-11-26
1179449 openSUSE Distribution Security mseben IN_P --- VUL-1: CVE-2020-11867: audacity: saves temporary files to /var/tmp/audacity-$USER by default, which permissions are set to 755. 2020-12-15
1179913 openSUSE Distribution Security dmitry NEW --- VUL-1: CVE-2020-20739: vips: uninitialized variable in im_vips2dz function may leak remote server path or stack address 2020-12-10
1180458 openSUSE Distribution Security mmachova REOP --- VUL-0: CVE-2020-26215: python-notebook, python-jupyter_notebook: open redirect vulnerability 2024-07-10
1180524 openSUSE Distribution Security rbrown IN_P --- VUL-1: CVE-2020-35963: fluent-bit: flb_gzip_compress in flb_gzip.c has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion. 2021-04-29
1180648 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-21236: python-CairoSVG: regular expression denial of service (REDoS) when processing malicious SVG files 2023-09-26
1180868 openSUSE Distribution Security detlef.steuer NEW --- VUL-0: CVE-2020-27637: R-base: default package manager is affected by a path traversal vulnerability 2021-01-13
1181067 openSUSE Distribution Security i NEW --- VUL-0: cinnamon-screensaver: Screensaver lock by-pass via the virtual keyboard 2021-01-19
1181705 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2020-15690: nim: Standard library asyncftpclient lacks a check for newline character 2022-09-12
1181784 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-3195: bitcoin: creation of a new file in an arbitrary directory 2021-10-14
1181786 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2020-14198: bitcoin: remote denial of service. 2021-02-04
1181803 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-8294: nextcloud: A missing link validation 2021-07-21
1181804 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2020-8295: nextcloud: Denial of service attack when resetting the password for a user 2021-07-21
1181903 openSUSE Distribution Security mkubecek NEW --- manual page of twinkle has been powned 2021-02-19
1181977 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-36152: libmysofa: Buffer overflow in readDataVar in hdf/dataobject.c 2024-01-31
1181978 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-36151: libmysofa: Incorrect handling of input data in mysofa_resampler_reset_mem function 2024-01-31
1181979 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-36150: libmysofa: Incorrect handling of input data in loudness function 2024-01-31
1181980 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-36149: libmysofa: Incorrect handling of input data in changeAttribute function 2024-01-31
1181981 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-36148: libmysofa: Incorrect handling of input data in verifyAttribute function 2024-01-31
1182036 openSUSE Distribution Security aj NEW --- VUL-0: CVE-2021-26925: roundcubemail: Cross-site scripting via crafted Cascading Style Sheets 2021-02-10
1182158 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2019-19004: autotrace: integer overflow in input-bmp.c 2022-05-18
1182159 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2019-19005: autotrace: double free in main.c allows attackers to cause an unspecified impact via a malformed bitmap 2022-05-18
1182644 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-3407: A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences. 2021-03-04
1182657 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-21309: redis: Integer overflow on 32-bit systems 2023-01-25
1182883 openSUSE Distribution Security mia IN_P --- VUL-1: CVE-2020-6860: libmysofa: stack-based buffer overflow in readDataVar 2021-03-18
1183171 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-26813: python-markdown2: Regular expression denial of service 2021-03-20
1183728 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-27225: eclipse: Help Subsystem does not authenticate active help requests 2021-03-30
1184541 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-30184: gnuchess: allows to execute arbitrary code via crafted PGN data via cmd_pgnload() and cmd_pgnreplay() 2021-06-01
1184872 openSUSE Distribution Security okurz NEW --- VUL-0: CVE-2021-21333: matrix-synapse: HTML injection in email and account expiry notifications 2021-04-16
1184873 openSUSE Distribution Security okurz NEW --- VUL-0: CVE-2021-21332: matrix-synapse: password reset endpoint is vulnerable to XSS 2021-04-16
1184901 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2021-28994: kopano: Remote DoS by memory exhaustion 2021-04-16
1185083 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-21372: nim: doCmd can be leveraged to execute arbitrary commands 2022-09-12
1185084 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-21373: nim: "nimble refresh" falls back to a non-TLS URL in case of error 2022-09-12
1185085 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-21374: nim: Improper verification of the SSL/TLS certificate 2022-09-14
1185948 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-29495: nim: stdlib httpClient does not validate peer certificates by default 2022-09-12
1186052 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-33026: python-Flask-Caching: The Flask-Caching extension relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. 2021-10-21
1186170 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2020-21839: libredwg: Crafted input will lead to a memory leak in dwg_decode_eed ../../src/decode.c:3638. 2021-05-18
1186230 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-30145: mpv: format string vulnerability allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. 2021-05-27
1186334 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-33481: gocr: stack-based buffer overflow in try_to_divide_boxes() in pgm2asc.c 2021-10-14
1186335 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-33479: gocr: stack-based buffer overflow in measure_pitch() in pgm2asc.c 2021-10-14
1186337 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-33480: gocr: use-after-free in context_correction() in pgm2asc.c 2021-10-14
1186575 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-33038: python-HyperKitty: information disclosure when importing a private mailing list 2023-06-22
1186722 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32625: redis: integer overflow in STRALGO LCS 2023-01-25
1186848 openSUSE Distribution Security marix IN_P --- VUL-0: CVE-2020-27208: solo: downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface 2021-07-10
1186865 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2021-33815: ffmpeg: dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked. 2024-04-22
1187322 openSUSE Distribution Security bwiedemann NEW --- VUL-0: CVE-2021-34548: tor: RELAY_END or RELAY_RESOLVED spoofing 2021-07-08
1187324 openSUSE Distribution Security bwiedemann NEW --- VUL-0: CVE-2021-34549: tor: hashtable-based CPU denial-of-service attack against relays 2021-07-08
1187325 openSUSE Distribution Security bwiedemann NEW --- VUL-0: CVE-2021-34550: tor: out-of-bounds memory access in v3 onion service descriptor parsing 2021-07-08
1187607 openSUSE Distribution Security os.gnome.maintainers CONF --- pam-config: invalid option -- --pwquality 2023-10-11
1187706 openSUSE Distribution Security aj NEW --- VUL-0: CVE-2020-18671: roundcubemail: Cross Site Scripting (XSS) vulnerability via smtp config in /installer/test.php 2021-07-09
1187707 openSUSE Distribution Security aj NEW --- VUL-0: CVE-2020-18670: roundcubemail: Cross Site Scripting (XSS) vulnerability via database host and user in /installer/test.php 2021-07-09
1187915 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2021-36082: ndpi: stack-based buffer overflow in processClientServerHello. 2021-11-04
1187988 openSUSE Distribution Security security-team IN_P --- VUL-0: fossil: client-side TLS hostname verification bug 2021-07-24
1188056 openSUSE Distribution Security security-team NEW --- Upgrade fetchmail to latest version as TLS v1.0 is deprecated. 2021-07-14
1188599 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-37220: mupdf: out-of-bounds write because cached color converter does not properly consider the maximum key size of a hash table 2021-07-25
1188730 openSUSE Distribution Security wolfgang.engel NEW --- VUL-1: CVE-2021-21440: otrs: Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden 2021-07-27
1188737 openSUSE Distribution Security wolfgang.engel NEW --- VUL-1: CVE-2021-21443: otrs: Agents are able to list customer user emails without required permissions in the bulk action screen 2021-07-27
1188739 openSUSE Distribution Security wolfgang.engel NEW --- VUL-1: CVE-2021-36091: otrs: Agents are able to list appointments in the calendars without required permissions 2021-07-27
1188740 openSUSE Distribution Security wolfgang.engel NEW --- VUL-1: CVE-2021-36092: otrs: It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack 2021-07-27
1188856 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2021-25803: vlc: buffer overflow in vlc_input_attachment_New component 2021-08-04
1188925 openSUSE Distribution Security wolfgang.engel NEW --- VUL-1: CVE-2021-23418: python-Glances: vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data 2021-07-30
1189423 openSUSE Distribution Security security-team NEW --- VUL-0: tensorflow2: update to 2.6.0, multiple CVEs 2022-06-18
1189489 openSUSE Distribution Security bwiedemann NEW --- VUL-0: CVE-2021-38385: tor: assertion failure in signature verification 2021-08-25
1189704 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2020-28589: tinyobjloader: An improper array index validation could lead to code execution. 2021-08-23
1189795 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2020-18775: libav: heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c 2021-08-25
1189796 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2020-18776: libav: segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c 2021-08-25
1189797 openSUSE Distribution Security alarrosa NEW --- VUL-1: CVE-2020-18778: libav: heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c 2021-08-25
1189887 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-38714: plib: integer overflow could lead to arbitrary code execution 2021-12-01
1189890 openSUSE Distribution Security Greg.Freemyer CONF --- VUL-1: CVE-2020-18897: libpff: A use-after-free vulnerability in the libpff_item_tree_create_node function of libyal Libpff before 20180623 allows attackers to cause a denial of service (DOS) or execute arbitrary code via a crafted pff file. 2021-08-31
1190048 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2021-34434: mosquitto: Existing subscriptions for that client are not revoked 2021-09-01
1190101 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2020-13849: mosquitto: The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service 2021-09-08
1190121 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2021-32732: gtkpod: Stack overflow in embedded AtomicParsley code APar_read64 2021-09-02
1190178 openSUSE Distribution Security gnome-bugs NEW --- VUL-1: CVE-2020-18971: podofo: stack-based buffer overflow in src/base/PdfDictionary.cpp 2021-09-07
1190179 openSUSE Distribution Security gnome-bugs NEW --- VUL-1: CVE-2020-18972: podofo: memory leak in IsNextToken() in src/base/PdfTokenizer.cpp 2024-06-19
1190244 openSUSE Distribution Security security-team CONF --- VUL-0: CVE-2021-40529: Botan,MozillaThunderbird: ElGamal implementation allows plaintext recovery 2022-09-08
1190246 openSUSE Distribution Security mardnh IN_P --- VUL-1: CVE-2021-40540: ulfius: missing initialization and NULL check for malformed HTTP requests 2021-09-07
1190391 openSUSE Distribution Security dmueller NEW --- VUL-1: CVE-2021-40839: python-rencode: infinite loop in typecode decoding (such as via ;\x2f\x7f) 2021-09-10
1190439 openSUSE Distribution Security asn NEW --- VUL-1: CVE-2021-40347: python-postorius: postorius -- security update 2021-09-13
1190593 openSUSE Distribution Security security-team NEW --- Installation of git pulls git-web and git-web is enabled in apache by default 2021-09-17
1190603 openSUSE Distribution Security mmachova IN_P --- VUL-1: CVE-2021-39214: python-mitmproxy: mitmproxy 7.0.2 and below allow HTTP smuggling attacks 2023-08-20
1190682 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-39521: libredwg: NULL pointer dereference in function bit_read_BB() 2021-09-27
1190683 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-39522: libredwg: heap-based buffer overflow in function bit_wcs2len() 2021-09-27
1190684 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-39523: libredwg: NULL pointer dereference in function check_POLYLINE_handles() 2021-09-27
1190686 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-39527: libredwg: heap-based buffer overflow in function appinfo_private() 2021-09-27
1190690 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-32294: libgig: heap-buffer-overflow in function RIFF:List:GetSubList 2021-09-27
1190852 openSUSE Distribution Security mrostecki NEW --- VUL-1: CVE-2021-38153: kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 2021-09-24
1190853 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-41581: libressl: stack-based buffer over-read in x509_constraints_parse_mailbox 2022-05-19
1190921 openSUSE Distribution Security asn NEW --- update tmate to 2.4 2021-10-04
1191030 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2021-3828: python-nltk: ReDOS vulnerability in Corpus Reader 2022-07-03
1191231 openSUSE Distribution Security bwiedemann NEW --- VUL-1: CVE-2021-39246: tor: allows a correlation attack excessive verbose logging 2021-10-01
1191299 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-41099: redis: Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value 2023-01-25
1191300 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32762: redis: Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on some older and less common platforms 2023-01-25
1191302 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32687: redis: Integer to heap buffer overflow with intsets, when set-max-intset-entries is manually configured to a non-default, very large value 2023-01-25
1191303 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32675: redis: Denial Of Service when processing RESP request payloads with a large number of elements on many connections 2023-01-25
1191304 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32672: redis: Random heap reading issue with Lua Debugger 2023-01-25
1191305 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32627,CVE-2021-32628: redis: Integer to heap buffer overflows 2023-01-25
1191306 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-32626: redis: Specially crafted Lua scripts may result with Heap buffer overflow 2023-01-25
1191311 openSUSE Distribution Security meissner IN_P --- VUL-0: CVE-2021-41867: python-onionshare: An information disclosure vulnerability allows remote unauthenticated attackers to retrieve the full list of participants of a non-public OnionShare node via the --chat feature 2021-10-23
1191834 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2021-34431: mosquitto: memory leak can lead to DoS 2021-10-19
1191895 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-41159, CVE-2021-41160: freerdp: Improper client input validation and Improper region checks 2024-06-26
1191942 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2021-42715: stb: denial of service in stb_image HDR loader when reading crafted HDR files 2023-05-08
1191944 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2021-42716: stb: buffer overflow in stb_image PNM loader 2023-05-08
1192072 openSUSE Distribution Security dmueller NEW --- VUL-1: CVE-2021-42343: python-dask: Dask workers can listen on external interfaces rather than only localhost 2021-10-27
1192257 openSUSE Distribution Security mia CONF --- VUL-0: CVE-2021-3756: libmysofa: heap-based buffer overflow in loudness(), mysofa_check() and readOHDRHeaderMessageDataLayout() 2024-01-31
1192262 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2021-41186: fluentd: ReDoS vulnerability in parser_apache2 in versions 0.14.14 to 1.14.1 2021-11-02
1192323 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-27836: libxls: possible NULL pointer dereference via crafted XLS file in version 1.6.2 and prior 2022-05-21
1192427 openSUSE Distribution Security security-team IN_P --- VUL-0: libarchive: Processing fixup entries may follow symbolic links 2023-04-12
1192441 openSUSE Distribution Security forgotten_mJouVTf9j4 NEW --- VUL-0: CVE-2021-35368: owasp-modsecurity-crs: request Body Bypass via a trailing pathname 2021-11-08
1192658 openSUSE Distribution Security bwiedemann NEW --- VUL-1: CVE-2021-22929: tor: v2 onion service metadata leak on disk (TROVE-2021-008) 2021-12-03
1192703 openSUSE Distribution Security gcomes.obs NEW --- VUL-1: CVE-2021-43610: belle-sip: before 5.0.20, an unauthenticated SIP message with an empty From header can crash the application 2021-11-15
1192705 openSUSE Distribution Security gcomes.obs NEW --- VUL-1: CVE-2021-43611: belle-sip: before 5.0.20 crash via " \ " in the display name of a From header. 2021-11-15
1192712 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2021-41259: nim: null byte accepted in getContent function, leading to URI validation bypass 2022-09-12
1192865 openSUSE Distribution Security aj NEW --- VUL-1: CVE-2021-44025: roundcubemail: XSS in handling an attachment's filename extension 2021-11-19
1192870 openSUSE Distribution Security aj NEW --- VUL-0: CVE-2021-44026: roundcubemail: potential SQL injection via search or search_params. 2021-11-19
1192937 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-21899: libdxfrw: heap out-of-bounds write in dwgCompressor:copyCompBytes21 2022-03-03
1192938 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-21900: libdxfrw: use-after-free in dxfRW:processLType() 2022-03-03
1192949 openSUSE Distribution Security forgotten_xdG2V-P5g9 NEW --- VUL-0: CVE-2021-40391: gerbv: out-of-bounds write in the drill format T-code tool number functionality 2022-05-04
1192985 openSUSE Distribution Security sleep_walker REOP --- VUL-0: CVE-2021-44143: isync: heap overflow in mbsync while dealing with a mail message without header 2022-01-05
1193005 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-41281: synapse: Path traversal when downloading remote media 2022-11-24
1193102 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2020-27545: libdwarf: carefully corrupted line table can crash calling app 2023-07-05
1193109 openSUSE Distribution Security forgotten_erNuRw7uhu NEW --- VUL-1: CVE-2021-4021: radare2: uncontrolled resource consumption via specially crafted ELF64 binary for MIPS architecture 2021-12-07
1193122 openSUSE Distribution Security security-team NEW --- SSL protocol errors on my Subsonic server 2021-11-27
1193156 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-4020: janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 2021-12-17
1193273 openSUSE Distribution Security containers-bugowner NEW --- VUL-1: CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion 2023-11-03
1193322 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2021-41039: In versions 1.6 to 2.0.11 of Eclipse Mosquitto, a client connecting with a large number of user-property properties could cause DoS 2021-12-02
1193333 openSUSE Distribution Security thomasbechtold NEW --- VUL-0: CVE-2021-4041: ansible-runner: Improper shell escaping 2021-12-02
1193371 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-28236: libredwg: NULL pointer dereference via out_dxfb.c. 2022-05-16
1193376 openSUSE Distribution Security sleep_walker NEW --- VUL-1: CVE-2021-3657: multiple buffer overflows in isync/mbsync 2021-12-03
1193756 openSUSE Distribution Security rsalevsky NEW --- VUL-0: CVE-2021-43820: seafile: misuse of cached token leading to access to unauthorized library data 2021-12-15
1193827 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2021-45085: epiphany: XSS in about page 2021-12-16
1193828 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2021-45086: epiphany: XSS in pdf.js 2021-12-16
1193829 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-1: CVE-2021-45087: epiphany: XSS in view source mode or reader mode 2021-12-16
1193830 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2021-45088: epiphany: XSS via an error page 2021-12-16
1193831 openSUSE Distribution Security forgotten_GfSLLQGSl_ NEW --- VUL-0: CVE-2021-43518: teeworlds: buffer overflow in map parser 2021-12-16
1193877 openSUSE Distribution Security moonsolo NEW --- VUL-0: CVE-2021-32773: racket: incorrect code evaluation may lead to privileges escalation 2022-01-21
1193980 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-45451: mbedtls: policy bypass/oracle-based decryption in psa_aead_generate_nonce 2021-12-22
1194020 openSUSE Distribution Security security-team REOP --- VUL-0: CVE-2021-44538: element-web,element-desktop: buffer overflow in olm_session_describe() via a crafted sequence of messages 2022-03-01
1194059 openSUSE Distribution Security dmueller NEW --- VUL-1: CVE-2021-43854: python-nltk: ReDoS in *_tokenize 2021-12-24
1194246 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2021-45927: mdbtools: stack-based buffer overflow in mdb_numeric_to_string 2022-02-09
1194275 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-45950: libredwg: out-of-bounds write in dwg_free_BLOCK_private 2022-01-13
1194330 openSUSE Distribution Security dmueller NEW --- VUL-1: CVE-2021-3842: python-nltk: ReDoS in some RegexpTaggers throughout NLTK 2022-01-05
1194358 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2022-21653: jawn: DoS caused by a hash collision in org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade 2022-02-21
1194361 openSUSE Distribution Security aj NEW --- VUL-1: CVE-2021-46144: roundcubemail: XSS via an HTML e-mail message with crafted CSS token sequences 2022-01-06
1194364 openSUSE Distribution Security amajer NEW --- VUL-1: CVE-2021-46142: uriparser: invalid free operations in uriNormalizeSyntax 2024-05-14
1194365 openSUSE Distribution Security amajer NEW --- VUL-1: CVE-2021-46141: uriparser: invalid free operations in uriFreeUriMembers and uriMakeOwner 2024-05-14
1194367 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-23727: python-celery: stored command injection vulnerability may allow privileges escalation 2023-08-15
1194406 openSUSE Distribution Security security-team NEW --- systemd: service unit warnings in journal 2022-01-10
1194515 openSUSE Distribution Security mpluskal NEW --- VUL-1: CVE-2022-0157: phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 2022-01-11
1194662 openSUSE Distribution Security security-team NEW --- susefirewall2-to-firewalld script failed trying to restore iptables 2022-01-15
1194683 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2021-43612: lldpd: heap-based buffer overflow 2022-01-14
1194747 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2022-0238: phoronix-test-suite: CSRF in the phoromatic component 2022-01-17
1194753 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2022-0197: phoronix-test-suite: CSRF in the phoromatic component 2022-02-01
1194781 openSUSE Distribution Security opensuse NEW --- VUL-1: CVE-2021-44537: owncloud-client: resource Injection by a server into the desktop client 2022-01-17
1194921 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-33912: libspf2: four-byte heap-based buffer overflow in SPF_record_expand_data in spf_expand.c 2022-01-28
1194922 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-33913: libspf2: heap-based buffer overflow in SPF_record_expand_data in spf_expand.c 2022-01-28
1194987 openSUSE Distribution Security avvissu NEW --- VUL-1: CVE-2021-46322: duktape: SEGV via the component duk_push_tval in duktape/duk_api_stack.c. 2023-11-28
1195000 openSUSE Distribution Security jayvdb NEW --- VUL-0: CVE-2022-0329: python-loguru: insecure deserialization in loguru 2022-01-21
1195119 openSUSE Distribution Security adrian.schroeter NEW --- VUL-0: CVE-2021-45844: FreeCAD: Improper sanitization in the invocation of ODA File Converter allows an attacker to inject OS commands via a crafted filename. 2022-01-26
1195120 openSUSE Distribution Security adrian.schroeter NEW --- VUL-0: CVE-2021-45845: FreeCAD: The Path Sanity Check script is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. 2022-01-26
1195121 openSUSE Distribution Security jayvdb NEW --- VUL-1: CVE-2022-0338: python-loguru: Improper Privilege Management in Conda loguru prior to 0.5.3. 2022-01-26
1195323 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-20323: keycloak: POST based reflected Cross Site Scripting vulnerability 2022-05-24
1195432 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2022-23607: python-treq: treq's request methods and `treq.client.HTTPClient` constructor do not bind cookies to a domain 2022-08-24
1195493 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2020-26208: jhead: heap-buffer-overflow in ReadJpegSections 2022-07-25
1195545 openSUSE Distribution Security cgoll IN_P --- VUL-0: tensorflow2: update to version 2.8.0, multiple CVEs 2022-05-24
1195567 openSUSE Distribution Security smar IN_P --- VUL-0: CVE-2022-0497: openscad: Out-of-bounds memory access in comment parser 2022-02-07
1195568 openSUSE Distribution Security smar IN_P --- VUL-0: CVE-2022-0496: openscad: Out-of-bounds memory access in DXF loader 2022-02-07
1195629 openSUSE Distribution Security Greg.Freemyer REOP --- VUL-0: CVE-2021-45429: yara: Buffer Overflow vulnerability 2022-02-09
1195671 openSUSE Distribution Security dmitry NEW --- VUL-0: CVE-2021-40401: gerbv: use-after-free vulnerability in the RS-274X aperture definition tokenization functionality 2022-02-08
1195673 openSUSE Distribution Security dmitry NEW --- VUL-0: CVE-2021-40403: gerbv: pick-and-place rotation parsing use of uninitialized variable vulnerability 2022-02-08
1195760 openSUSE Distribution Security daniel NEW --- VUL-0: CVE-2022-0521: radare2: Access of Memory Location After End of Buffer prior to 5.6.2. 2022-02-10
1195761 openSUSE Distribution Security daniel NEW --- VUL-0: CVE-2022-0519: radare2: Buffer Access with Incorrect Length Value prior to 5.6.2. 2022-02-10
1195969 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2021-45386: tcpreplay: Reachable Assertion in add_tree_ipv6() at tree.c 2022-02-15
1195970 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2021-45387: tcpreplay: Reachable Assertion in add_tree_ipv4() at tree.c 2022-02-15
1195989 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-24976: atheme: General authentication bypass in Atheme IRC services with InspIRCd 3 2022-06-20
1196052 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-0559: radare2: Use After Free in radare2 2022-02-16
1196069 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2022-0571: phoronix-test-suite: reflected XSS 2022-02-17
1196160 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-23804: kicad: Stack-based buffer overflow in ReadIJCoord 2022-02-18
1196161 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-23803: kicad: Stack-based buffer overflow in ReadXYCoord 2022-02-18
1196319 openSUSE Distribution Security daniel NEW --- VUL-0: CVE-2022-0713: radare2: Heap-based Buffer Overflow 2022-02-23
1196320 openSUSE Distribution Security daniel NEW --- VUL-0: CVE-2022-0712: radare2: null pointer dereference in bin_symbols.c 2022-02-23
1196323 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-23946: kicad: Stack-based buffer overflow in GCodeNumber parsing 2022-02-23
1196325 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-23947: kicad: Stack-based buffer overflow in DCodeNumber parsing 2022-02-23
1196345 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-0676: radare2: Heap-based Buffer Overflow 2022-02-23
1196418 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-43824: envoy-proxy: Null pointer dereference when using JWT filter safe_regex match 2022-08-01
1196419 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-43825: envoy-proxy: Use-after-free when response filters increase response data 2022-08-01
1196420 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-43826: envoy-proxy: Use-after-free when tunneling TCP over HTTP 2022-08-01
1196421 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-21654: envoy-proxy: Incorrect configuration handling allows mTLS session re-use without re-validation 2022-08-01
1196422 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-21655: envoy-proxy: Incorrect handling of internal redirects to routes with a direct response entry 2022-08-01
1196423 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-23606: envoy-proxy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service 2022-08-01
1196429 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-21657: envoy-proxy: X.509 Extended Key Usage and Trust Purposes bypass 2022-08-01
1196430 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-21656: envoy-proxy: X.509 subjectAltName matching (and nameConstraints) bypass 2022-08-01
1196466 openSUSE Distribution Security marix NEW --- VUL-1: CVE-2022-0725: keepass: logs plain text passwords in system log when clearing the clipboard 2022-02-24
1196540 openSUSE Distribution Security security-team IN_P --- VUL-1: CVE-2022-24710: weblate: XSS in weblate before 4.11 2022-03-02
1196659 openSUSE Distribution Security opensuse NEW --- VUL-0: CVE-2022-24300: minetest: ItemStack meta injection vulnerability in Minetest 2022-03-02
1196663 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-32797: python-jupyterlab: untrusted notebook can execute on load which could lead to an RCE 2022-08-02
1196742 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-24724: ghc-cmark-gfm: possible RCE due to integer overflow 2022-03-04
1196827 openSUSE Distribution Security ms NEW --- VUL-0: CVE-2022-26495: nbd: integer overflow with a resultant heap-based buffer overflow 2022-04-20
1196828 openSUSE Distribution Security ms NEW --- VUL-0: CVE-2022-26496: nbd: stack-based buffer overflow when parsing the name field by sending a crafted NBD_OPT_INFO 2022-04-20
1196856 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2022-24737: httpie: cookie exposure when redirecting 2023-05-25
1197011 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-33293: libpano: out-of-bounds read in the function panoParserFindOLine() in parser.c. 2022-11-20
1197166 openSUSE Distribution Security mardnh NEW --- VUL-1: CVE-2022-0430: httpie: exposure of sensitive Information to an unauthorized actor 2023-05-25
1197252 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2022-21831: rubygem-activestorage-5.2: Code injection vulnerability in ActiveStorage 2022-03-18
1197381 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-24766: python-mitmproxy: HTTP request smuggling with whitespace in HTTP/1 header name 2022-03-23
1197416 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2022-25484: tcpreplay: assertion fail in packet2tree() 2022-03-23
1197510 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-43666: mbedtls: Denial of Service in the mbedtls_pkcs12_derivation function when an input password's length is 0 2022-03-25
1197585 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2022-27939: tcpreplay: tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. 2022-03-28
1197586 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-27940: tcpreplay: tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. 2022-03-28
1197588 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-27941: tcpreplay: tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. 2022-03-28
1197589 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-27942: tcpreplay: tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. 2022-03-28
1197991 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1207: radare2: Out-of-bounds read allows reading sensitive information 2022-04-04
1198002 openSUSE Distribution Security rpm NEW --- VUL-1: CVE-2022-1201: mruby: NULL Pointer Dereference in mrb_vm_exec is capable of making the mruby interpreter crash 2022-04-06
1198132 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1244: radare2: heap-buffer-overflow might cause denial of service. 2022-04-06
1198185 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1237: radare2: Improper Validation of Array Index can lead to heap overflow 2022-04-07
1198186 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1238: radare2: Heap-based Buffer Overflow in libr/bin/format/ne/ne.c 2022-04-07
1198187 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1240: radare2: Heap buffer overflow in libr/bin/format/mach0/mach0.c 2022-04-07
1198203 openSUSE Distribution Security arun NEW --- VUL-1: CVE-2022-24758: python-notebook: information leak in server logs before 6.4.9 2022-04-07
1198291 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1283: radare2: NULL Pointer Dereference in r_bin_ne_get_entrypoints function in radare2 prior to 5.6.8 2022-04-11
1198292 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1284: radare2: heap-use-after-free in radare2 prior to 5.6.8 2022-04-11
1198336 openSUSE Distribution Security meissner IN_P --- python-pykeepass: fails to build on python: command not found 2022-04-15
1198375 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1296: radare2: Out-of-bounds read in `r_bin_ne_get_relocs` function 2022-04-12
1198376 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1297: radare2: Out-of-bounds read in r_bin_ne_get_entrypoints function 2022-04-12
1198431 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2022-27416: tcpreplay: Double-free via __interceptor_free 2022-04-13
1198433 openSUSE Distribution Security mkubecek NEW --- VUL-1: CVE-2022-27418: tcpreplay: Heap-based buffer overflow in do_checksum_math 2022-04-13
1198434 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2022-27419: rtl_433: Stack overflow in the function acurite_00275rm_decode at /devices/acurite.c 2022-04-13
1198513 openSUSE Distribution Security dmitry NEW --- VUL-1: CVE-2021-40400: gerbv: out-of-bounds read in the RS-274X aperture macro outline primitive functionality 2022-04-15
1198514 openSUSE Distribution Security dmitry NEW --- VUL-1: CVE-2021-40402: gerbv: out-of-bounds read in the RS-274X aperture macro multiple outline primitives functionality 2022-04-15
1198582 openSUSE Distribution Security adrian.schroeter NEW --- VUL-1: CVE-2022-28041, CVE-2022-28042, CVE-2022-28048: stb: stb_image.h v2.27 multiple issues 2022-04-19
1198588 openSUSE Distribution Security simonf.lees NEW --- VUL-0: CVE-2022-24859: python-pypdf, python-PyPDF2: infinite loop vulnerability 2022-04-19
1198591 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2022-1231: plantuml: Stored XSS in the context of the diagram embedder 2022-04-19
1198592 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1382: radare2: NULL Pointer Dereference 2022-04-19
1198593 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1383: radare2: Heap-based Buffer Overflow 2022-04-19
1198683 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2022-1245: keycloak: Privilege escalation vulnerability on Token Exchange 2024-04-02
1198713 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2022-29536: epiphany: client buffer overflow via a long page title 2022-04-21
1198804 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1437: radare2: Heap-based Buffer Overflow 2022-04-25
1198805 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1444: radare2: heap-use-after-free capable of denial of service 2022-04-25
1198807 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1451: radare2: Out-of-bounds Read 2022-04-25
1198808 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1452: radare2: Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function 2022-04-25
1198920 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-1466: keycloak: Improper authorization for master realm 2024-04-02
1199025 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-26491: pidgin: MITM when used without DNSSEC 2022-05-17
1199226 openSUSE Distribution Security pth NEW --- VUL-1: CVE-2022-30292: squirrel: thread_call in sqbaselib.cpp lacks a certain sq_reservestack call 2022-05-05
1199227 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-28487: tcpreplay: memory leak in fix_ipv6_checksums() function 2022-05-05
1199253 openSUSE Distribution Security aplanas IN_P --- VUL-0: CVE-2022-1053: keylime: Tenant and Verifier might not use the same registrar data 2022-08-03
1199288 openSUSE Distribution Security security-team NEW --- VUL-1: CVE-2022-30295: klee-uclibc: uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs 2022-06-07
1199418 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1649: radare2: null pointer dereference 2022-05-11
1199555 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-1714: radare2: Heap-based Buffer Overflow 4 byte oob read in msp430 disassembler 2022-05-16
1199557 openSUSE Distribution Security mardnh NEW --- VUL-0: CVE-2022-1379: plantuml: URL Restriction Bypass 2022-05-16
1199806 openSUSE Distribution Security stefan.bruens NEW --- VUL-1: CVE-2022-1809: radare2: Access of Uninitialized Pointer 2022-05-23
1199861 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-42586: libredwg: Heap buffer overflow in dwgread via crafted dwg file 2022-05-24
1199863 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-42585: libredwg: Heap buffer overflow in dwgread via crafted dwg file 2022-05-24
1199892 openSUSE Distribution Security uncomfy+openbuildservice NEW --- VUL-1: CVE-2022-29358: epub2txt2: integer overflow via the function bug in _parse_special_tag at sxmlc.c 2022-05-26
1199946 openSUSE Distribution Security forgotten_GfSLLQGSl_ NEW --- VUL-1: CVE-2022-31650: sox: floating point exception in aiff.c 2022-05-26
1199947 openSUSE Distribution Security forgotten_GfSLLQGSl_ NEW --- VUL-1: CVE-2022-31651: sox: assertion failure in rate.c 2022-05-26
1199972 openSUSE Distribution Security daniel NEW --- VUL-1: CVE-2022-1899: radare2: out of bounds read prior to version 5.7.0. 2022-05-27
1200033 openSUSE Distribution Security mrueckert NEW --- VUL-1: CVE-2021-42859: mxml: memory leak could lead to denial of service 2022-05-30
1200034 openSUSE Distribution Security mrueckert NEW --- VUL-1: CVE-2021-42860: mxml: heap buffer overflow in mxml_string_getc 2022-05-30
1200051 openSUSE Distribution Security security-team NEW --- firmware_security, issues reported 2022-06-27
1200056 openSUSE Distribution Security forgotten_GfSLLQGSl_ NEW --- VUL-0: CVE-2021-40426: sox: heap-based buffer overflow vulnerability exists in the sphere.c start_read() function 2022-05-31
1200078 openSUSE Distribution Security rpm NEW --- VUL-0: CVE-2022-1934: Use After Free in mruby prior to 3.2 2022-05-31
1200116 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2022-31001: sofia-sip: out of bounds read can lead to remote DoS 2022-06-01
1200117 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2022-31002: sofia-sip: out of bounds read via malformed URL 2022-06-01
1200118 openSUSE Distribution Security os.gnome.maintainers NEW --- VUL-0: CVE-2022-31003: sofia-sip: out of bounds write via malformed sdp message 2022-06-01
1200238 openSUSE Distribution Security meissner NEW --- cacert certificates don't work 2022-06-13
1200277 openSUSE Distribution Security jayvdb NEW --- VUL-0: CVE-2022-30034: python-flower: OAuth authentication bypass 2022-06-07
1200279 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-29718: caddy: unauthenticated open redirect vulnerability 2024-05-22
1200332 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-31212: dbus-broker: a stack buffer over-read if a malicious Exec line is supplied 2022-06-25
1200333 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-31213: dbus-broker: null pointer reference when supplying a malformed XML config file 2022-06-25
1200374 openSUSE Distribution Security security-team NEW --- firewalld: direct.xml is causing iptables-restore failures (ip6tables-restore, "firewall-cmd --state" and "yast firewall" fail too) 2022-07-23
1200400 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2022-29225: envoy-proxy: Decompressors can be zip bombed 2022-06-10
1200401 openSUSE Distribution Security wolfgang.engel NEW --- VUL-0: CVE-2022-29224: envoy-proxy: Segfault in GrpcHealthCheckerImpl 2022-06-10
1200410 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-29227: envoy-proxy: Internal redirect crash for requests with body/trailers 2022-06-10
1200473 openSUSE Distribution Security jayvdb NEW --- VUL-1: CVE-2022-2054: python-Nuitka: Command Injection via environment variable 2022-06-13
1200518 openSUSE Distribution Security maurizio.galli NEW --- VUL-0: CVE-2022-32278: exo: xdg-open can execute a .desktop file on a server 2022-06-14
1200896 openSUSE Distribution Security machinery-maintainers NEW --- VUL-0: CVE-2022-33127: rubygem-diffy: Remote code execution from user controlled diff file paths 2022-06-24
1201178 openSUSE Distribution Security kde-maintainers NEW --- VUL-0: CVE-2021-41687: dcmtk: the program malloc a heap memory for parsing data, but does not free it when error in parsing 2023-01-04
1201179 openSUSE Distribution Security kde-maintainers NEW --- VUL-0: CVE-2021-41688: dcmtk: object in the program is free but its address is still used in other locations 2023-01-04
1201180 openSUSE Distribution Security kde-maintainers NEW --- VUL-0: CVE-2021-41689: dcmtk: sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null 2023-01-04
1201181 openSUSE Distribution Security kde-maintainers NEW --- VUL-0: CVE-2021-41690: dcmtk: malloced memory for storing all file information are recorded in a global variable LST and are not freed properly 2023-01-04
1201212 openSUSE Distribution Security avvissu NEW --- VUL-1: CVE-2022-32325: jpegoptim: JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c. 2022-07-05
1201229 openSUSE Distribution Security asarai NEW --- VUL-0: CVE-2022-31052,CVE-2022-31052: synapse: DoS due to unbounded recursion 2022-11-24
1201494 openSUSE Distribution Security adrian.glaubitz IN_P --- VUL-0: CVE-2019-10800: python-codecov: codecov does not sanitize gcov arguments before being provided to the popen method 2022-08-10
1201581 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2022-35409: mbedtls: Buffer overread in DTLS ClientHello parsing 2022-12-22
1201765 openSUSE Distribution Security security-team NEW --- distribute US FPKI Federal Common Policy CA 2022-07-23
1201770 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2014-9862: libostree: bundled bsdiff Improper checking of input allows arbitrary write on heap 2022-10-20
1201820 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-34502: radare2: Heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c 2022-07-25
1201821 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2022-34520: radare2: NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c 2022-07-25
1201822 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-34037: caddy: oob read allows for DoS 2024-05-22
1202316 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33643: libtar: out-of-bounds read with a size in header struct being 0 2022-08-11
1202317 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33644: libtar: out-of-bounds read with a size in header struct being 0 2022-08-11
1202319 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33645: libtar: memory leak in th_read() 2022-12-20
1202320 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33646: libtar: memory leak in th_read() 2022-12-20
1202350 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-38150: varnish: denial of service via colon-starting reason phrase 2022-08-27
1202407 openSUSE Distribution Security jengelh NEW --- VUL-0: CVE-2020-21365: wkhtmltopdf: Directory traversal vulnerability in wkhtmltopdf 2023-09-25
1202408 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33235: htmldoc: Buffer overflow vulnerability in write_node in htmldoc through 1.9.11 2022-08-16
1202409 openSUSE Distribution Security mpluskal NEW --- VUL-0: CVE-2021-33236: htmldoc: Buffer Overflow vulnerability in write_header in htmldoc through 1.9.11 2022-08-16
1202423 openSUSE Distribution Security dap.darkness NEW --- VUL-0: CVE-2022-35978: minetest: Mod scripts can escape sandbox in single player 2023-01-03
1202428 openSUSE Distribution Security hpj NEW --- VUL-0: CVE-2022-2831: blender: Integer Overflow in blender thumbnail extractor 2022-08-16
1202429 openSUSE Distribution Security hpj NEW --- VUL-0: CVE-2022-2832: blender: Null pointer reference in blender thumbnail extractor 2022-08-16
1202430 openSUSE Distribution Security hpj NEW --- VUL-0: CVE-2022-2833: blender: Eternal loop in blender thumbnail extractor 2022-08-16
1202432 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2022-24952: EternalTerminal: DoS triggered remotely by invalid sequence numbers 2022-11-02
1202433 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2022-24951: EternalTerminal: race condition allows local attacker to hijack IPC socket 2022-11-02
1202434 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2022-24950: EternalTerminal: race condition allows authenticated attacker to hijack other users' SSH authorization socket 2022-11-02
1202435 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2022-24949: EternalTerminal: privilege escalation to root 2022-11-02
1202441 openSUSE Distribution Security rbrown NEW --- VUL-0: CVE-2022-2837: coredns: DNS Redirection of Top-Level Domains 2022-08-16
1202442 openSUSE Distribution Security rbrown NEW --- VUL-0: CVE-2022-2835: coredns: DNS Redirection of Internal Services 2022-08-16
1202513 openSUSE Distribution Security malcolmlewis NEW --- VUL-0: CVE-2022-35133: cherrytree: cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 2022-12-04
1202543 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-37049: tcpreplay: heap-based buffer overflow in parse_mpls at common/get.c 2022-08-19
1202544 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-37048: tcpreplay: heap-based buffer overflow in get_l2len_protocol at common/get.c 2022-08-19
1202545 openSUSE Distribution Security mkubecek NEW --- VUL-0: CVE-2022-37047: tcpreplay: heap-based buffer overflow in get_ipv6_next at common/get.c 2022-08-19
1202547 openSUSE Distribution Security toddrme2178 NEW --- VUL-0: CVE-2021-32862: python-nbconvert: Cross-site scripting vulnerabilities in nbconvert 2023-09-25
1202556 openSUSE Distribution Security aduffeck NEW --- VUL-0: CVE-2020-36599: rubygem-omniauth: lib/omniauth/failure_endpoint.rb in OmniAuth before 2.0 does not escape the message_key value 2022-08-19
1202801 openSUSE Distribution Security stefan.bruens NEW --- VUL-0: CVE-2021-42521: vtk: NULL pointer dereference vulnerability in IO/Infovis/vtkXMLTreeReader.cxx 2023-05-02
1202858 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2021-4216: mupdf: division by zero for zero width pages in muraster 2022-09-17
1202859 openSUSE Distribution Security andrej.semen NEW --- VUL-0: CVE-2022-3017: froxlor: Cross-Site Request Forgery (CSRF) froxlor prior to 0.10.38 2022-08-29
1203104 openSUSE Distribution Security Thomas.Worm NEW --- VUL-0: CVE-2020-22669: owasp-modsecurity-crs: SQL injection bypass 2022-09-05
1203105 openSUSE Distribution Security asarai NEW --- VUL-0: CVE-2022-31152: matrix-synapse: denial of service due to incorrect application of event authorization rules 2022-09-05
1203127 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-39832: pspp: heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c 2024-05-20
1203128 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2022-39831: pspp: heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c 2024-05-20
1203162 openSUSE Distribution Security security-team NEW --- VUL-0: CVE-2021-3427: deluge: XSS in webui via crafted torrent file 2022-11-06
1203335 openSUSE Distribution Security info NEW --- VUL-0: CVE-2022-38266: tesseract-ocr: arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file in Leptonica linked lib 2022-09-12
1203507 openSUSE Distribution Security guillaume.gardet NEW --- VUL-0: tensorflow-lite: multiple security fixes in tensorflow 2.10.0 2022-09-21
1203553 openSUSE Distribution Security jengelh NEW --- VUL-0: CVE-2022-40468: tinyproxy: information leak related to process_request() 2024-05-10
1203631 openSUSE Distribution Security simonf.lees NEW --- VUL-0: CVE-2022-37706: enlightenment: privilege escalation via command injection 2022-10-19
1203821 openSUSE Distribution Security sor.alexei NEW --- VUL-0: CVE-2022-39835: gajim: attackers may forge message correction stanzas for other users 2022-11-12
1204169 openSUSE Distribution Security mimi.vx NEW --- VUL-0: CVE-2022-3433: ghc-aeson: untrusted JSON input leads to hash collisions and DoS 2022-10-10
1204309 openSUSE Distribution Security meissner NEW --- YubiKey Manager installed from security repo segfaults on start 2022-10-16
1204310 openSUSE Distribution Security meissner NEW --- YubiKey Manager throw python exception when invoked in terminal 2022-10-16
1204409 openSUSE Distribution Security security-team IN_P --- VUL-0: CVE-2022-41751: jhead: arbitrary OS commands by placing them in a JPEG filename 2023-02-10
1204535 openSUSE Distribution Security security-team NEW --- python3-Django 2.2 has reached end-of-life 2022-10-20
1204571 openSUSE Distribution Security forgotten_4yKfwBnymp NEW --- VUL-0: CVE-2022-3620: exim: UAF in dmarc_dns_lookup 2022-10-21
1204784 openSUSE Distribution Security mrostecki NEW --- VUL-0: CVE-2022-3474: bazel, bazel3.4, bazel3.7: GrpcRemoteDownloader sends credentials of all domains to remote assets API 2022-10-27
1204800 openSUSE Distribution Security hpj NEW --- openssh Can Not Generate a SSH key using '-t' 2022-10-28