Vulnerabilities > Opensuse > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-08 CVE-2019-20367 Out-of-bounds Read vulnerability in multiple products
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
network
low complexity
freedesktop debian canonical opensuse CWE-125
critical
 9.1
9.1
2019-12-24 CVE-2019-19953 Out-of-bounds Read vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
network
low complexity
graphicsmagick debian opensuse CWE-125
critical
 9.1
9.1
2019-12-24 CVE-2019-19951 Out-of-bounds Write vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
network
low complexity
graphicsmagick debian opensuse CWE-787
critical
 9.8
9.8
2019-12-24 CVE-2019-19950 Use After Free vulnerability in multiple products
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
network
low complexity
graphicsmagick debian opensuse CWE-416
critical
 9.8
9.8
2019-12-24 CVE-2019-19949 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
network
low complexity
imagemagick debian opensuse canonical CWE-125
critical
 9.1
9.1
2019-12-24 CVE-2019-19948 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
network
low complexity
imagemagick debian opensuse canonical CWE-787
critical
 9.8
9.8
2019-12-20 CVE-2019-17571 Deserialization of Untrusted Data vulnerability in multiple products
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data.
network
low complexity
apache debian canonical opensuse netapp oracle CWE-502
critical
 9.8
9.8
2019-11-29 CVE-2019-14895 A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver.
network
low complexity
linux debian canonical fedoraproject opensuse
critical
 9.8
9.8
2019-11-26 CVE-2019-12526 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian CWE-787
critical
 9.8
9.8
2019-11-26 CVE-2019-12523 An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian
critical
 9.1
9.1