Vulnerabilities > Opensuse > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-03-14 CVE-2019-9774 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645.
network
low complexity
gnu opensuse CWE-125
critical
 9.1
9.1
2019-03-09 CVE-2019-9641 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-908
critical
 9.8
9.8
2019-03-08 CVE-2019-9636 Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization.
network
low complexity
python fedoraproject opensuse debian canonical redhat oracle
critical
 9.8
9.8
2019-02-28 CVE-2019-9215 In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
network
low complexity
live555 opensuse debian
critical
 9.8
9.8
2019-02-24 CVE-2019-8375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany).
network
low complexity
webkitgtk opensuse canonical CWE-119
critical
 9.8
9.8
2019-02-22 CVE-2019-9023 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
critical
 9.8
9.8
2019-02-22 CVE-2019-9021 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
critical
 9.8
9.8
2019-02-22 CVE-2019-9020 Use After Free vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-416
critical
 9.8
9.8
2019-02-20 CVE-2019-7164 SQL Injection vulnerability in multiple products
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
network
low complexity
sqlalchemy debian opensuse redhat oracle CWE-89
critical
 9.8
9.8
2019-02-15 CVE-2019-8341 Code Injection vulnerability in multiple products
An issue was discovered in Jinja2 2.10.
network
low complexity
pocoo opensuse CWE-94
critical
 9.8
9.8