Vulnerabilities > Opensuse > Opensuse > 13.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-06 | CVE-2014-2030 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. | 6.8 |
2020-02-06 | CVE-2014-1958 | Classic Buffer Overflow vulnerability in Imagemagick Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | 6.8 |
2020-01-31 | CVE-2013-3565 | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. | 6.1 |
2020-01-14 | CVE-2015-2326 | Out-of-bounds Read vulnerability in multiple products The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". | 5.5 |
2020-01-14 | CVE-2015-2325 | Out-of-bounds Write vulnerability in multiple products The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. | 6.8 |
2019-12-13 | CVE-2014-3495 | Improper Certificate Validation vulnerability in multiple products duplicity 0.6.24 has improper verification of SSL certificates | 5.0 |
2019-12-13 | CVE-2014-2387 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | 4.6 |
2019-12-11 | CVE-2013-7370 | Cross-site Scripting vulnerability in multiple products node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | 4.3 |
2019-11-27 | CVE-2012-6655 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. | 2.1 |
2019-11-05 | CVE-2013-6365 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions | 2.6 |