Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-14806 Insufficient Entropy vulnerability in multiple products
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
network
low complexity
palletsprojects opensuse CWE-331
7.5
7.5
2019-08-07 CVE-2019-14744 OS Command Injection vulnerability in multiple products
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. 		7.8
7.8
2019-08-06 CVE-2019-13106 Out-of-bounds Write vulnerability in multiple products
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
local
low complexity
denx opensuse CWE-787
7.8
7.8
2019-08-06 CVE-2019-13104 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
local
low complexity
denx opensuse CWE-191
7.8
7.8
2019-08-02 CVE-2019-14235 Uncontrolled Recursion vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject opensuse CWE-674
7.5
7.5
2019-08-02 CVE-2019-14233 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject opensuse CWE-400
7.5
7.5
2019-08-02 CVE-2019-14232 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject opensuse CWE-400
7.5
7.5
2019-08-02 CVE-2019-14524 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Schism Tracker through 20190722.
local
low complexity
schismtracker opensuse CWE-787
7.8
7.8
2019-08-01 CVE-2019-14492 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1.
network
low complexity
opencv opensuse CWE-787
7.5
7.5
2019-07-31 CVE-2019-10185 It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file.
network
low complexity
icedtea-web-project debian opensuse
8.6
8.6