Vulnerabilities > Opensuse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-23 | CVE-2016-7787 | Code Injection vulnerability in multiple products A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | 4.9 |
| 2016-12-23 | CVE-2016-2312 | 7PK - Security Features vulnerability in multiple products Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again. | 6.8 |
| 2016-12-12 | CVE-2016-9427 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. | 9.8 |
| 2016-12-10 | CVE-2016-7995 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes. | 6.0 |
| 2016-12-10 | CVE-2016-7994 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands. | 6.0 |
| 2016-12-10 | CVE-2016-7466 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. | 6.0 |
| 2016-12-10 | CVE-2016-7422 | Classic Buffer Overflow vulnerability in multiple products The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | 6.0 |
| 2016-12-10 | CVE-2016-7170 | Improper Validation of Array Index vulnerability in multiple products The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command. | 4.4 |
| 2016-12-09 | CVE-2016-9106 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | 6.0 |
| 2016-12-09 | CVE-2016-9105 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | 6.0 |