Vulnerabilities > Opensuse

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-04	CVE-2018-10923	It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. network low complexity gluster redhat debian opensuse	8.1
2018-09-04	CVE-2018-10914	It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. network low complexity gluster redhat debian opensuse	6.5
2018-09-04	CVE-2018-10913	An information disclosure vulnerability was discovered in glusterfs server. network low complexity gluster redhat debian opensuse	6.5
2018-09-04	CVE-2018-10911	A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. network low complexity gluster redhat debian opensuse	7.5
2018-09-04	CVE-2018-10907	It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. network low complexity gluster redhat debian opensuse	8.8
2018-09-04	CVE-2018-10904	It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. network low complexity gluster redhat debian opensuse	8.8
2018-09-03	CVE-2018-16412	Out-of-bounds Read vulnerability in multiple products ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. network low complexity imagemagick opensuse CWE-125	8.8
2018-09-03	CVE-2018-16402	Double Free vulnerability in multiple products libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. network low complexity elfutils-project debian redhat opensuse canonical CWE-415 critical	9.8
2018-08-31	CVE-2018-7685	Improper Verification of Cryptographic Signature vulnerability in Opensuse Libzypp The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download. local low complexity opensuse CWE-347	7.8
2018-08-29	CVE-2018-16062	Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. local low complexity elfutils-project debian opensuse canonical redhat CWE-125	5.5

Vulnerabilities > Opensuse {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Opensuse"}]}

Vulnerabilities > Opensuse