Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2019-02-18 CVE-2019-8912 Use After Free vulnerability in multiple products
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
local
low complexity
linux redhat canonical opensuse CWE-416
7.8
2019-02-18 CVE-2019-8907 Out-of-bounds Write vulnerability in multiple products
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
network
low complexity
file-project debian opensuse canonical CWE-787
8.8
2019-02-18 CVE-2019-8906 Out-of-bounds Read vulnerability in multiple products
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
4.4
2019-02-18 CVE-2019-8905 Out-of-bounds Read vulnerability in multiple products
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
4.4
2019-02-15 CVE-2019-8341 Code Injection vulnerability in multiple products
An issue was discovered in Jinja2 2.10.
network
low complexity
pocoo opensuse CWE-94
critical
9.8
2019-02-11 CVE-2019-5736 OS Command Injection vulnerability in multiple products
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec.
8.6
2019-02-09 CVE-2019-7665 Out-of-bounds Read vulnerability in multiple products
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf.
5.5
2019-02-09 CVE-2019-7663 An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c.
network
low complexity
libtiff debian canonical opensuse
6.5
2019-02-08 CVE-2019-7638 Out-of-bounds Read vulnerability in multiple products
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
8.8
2019-02-08 CVE-2019-7637 Out-of-bounds Write vulnerability in multiple products
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
8.8