Vulnerabilities > Opensuse > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2019-14492 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1.
network
low complexity
opencv opensuse CWE-787
7.5
7.5
2019-07-31 CVE-2019-10185 It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file.
network
low complexity
icedtea-web-project debian opensuse
8.6
8.6
2019-07-31 CVE-2019-10181 It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification.
network
high complexity
icedtea-web-project debian opensuse
8.1
8.1
2019-07-31 CVE-2019-5060 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4.
network
low complexity
libsdl opensuse CWE-190
8.8
8.8
2019-07-31 CVE-2019-5059 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4.
network
low complexity
libsdl opensuse CWE-190
8.8
8.8
2019-07-31 CVE-2019-5058 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4.
network
low complexity
libsdl opensuse CWE-787
8.8
8.8
2019-07-31 CVE-2019-5057 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4.
network
low complexity
libsdl opensuse CWE-787
8.8
8.8
2019-07-30 CVE-2019-10162 A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control.
network
low complexity
powerdns opensuse
7.5
7.5
2019-07-30 CVE-2019-10152 Link Following vulnerability in multiple products
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers.
local
high complexity
libpod-project opensuse CWE-59
7.2
7.2
2019-07-30 CVE-2019-5459 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
local
low complexity
videolan opensuse CWE-191
7.1
7.1