Vulnerabilities > Opensuse > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-17 CVE-2019-16239 Classic Buffer Overflow vulnerability in multiple products
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
network
low complexity
infradead fedoraproject debian canonical opensuse CWE-120
critical
 9.8
9.8
2019-09-16 CVE-2019-5482 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
network
low complexity
haxx fedoraproject opensuse netapp oracle debian CWE-787
critical
 9.8
9.8
2019-09-16 CVE-2019-5481 Double Free vulnerability in multiple products
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
network
low complexity
haxx fedoraproject netapp oracle debian opensuse CWE-415
critical
 9.8
9.8
2019-09-06 CVE-2019-9855 Channel and Path Errors vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
libreoffice opensuse CWE-417
critical
 9.8
9.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8
2019-08-15 CVE-2019-9851 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-08-15 CVE-2019-9850 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-07-29 CVE-2019-14271 Improper Initialization vulnerability in multiple products
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
network
low complexity
docker debian opensuse CWE-665
critical
 9.8
9.8
2019-07-23 CVE-2019-11710 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67.
network
low complexity
mozilla opensuse CWE-787
critical
 9.8
9.8
2019-07-23 CVE-2019-11709 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7.
network
low complexity
mozilla opensuse suse debian CWE-787
critical
 9.8
9.8