Vulnerabilities > Opensuse > Opensuse > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-23 | CVE-2015-5334 | Out-of-bounds Write vulnerability in multiple products Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. | 7.5 |
2019-12-17 | CVE-2014-8179 | Improper Input Validation vulnerability in multiple products Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation. | 7.5 |
2018-06-08 | CVE-2014-5220 | Command Injection vulnerability in multiple products The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. | 7.8 |
2017-12-05 | CVE-2016-1254 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. | 7.5 |
2017-05-23 | CVE-2016-9842 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | 8.8 |
2017-05-23 | CVE-2016-9840 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 8.8 |
2017-05-23 | CVE-2016-5177 | Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | 8.8 |
2017-04-12 | CVE-2016-9959 | Out-of-bounds Write vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. | 7.8 |
2017-04-12 | CVE-2016-9958 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. | 7.8 |
2017-04-12 | CVE-2016-9957 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in game-music-emu before 0.6.1. | 7.8 |