Vulnerabilities > Opensuse > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-04 CVE-2018-11683 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
2018-05-31 CVE-2018-11577 Classic Buffer Overflow vulnerability in multiple products
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
network
low complexity
liblouis canonical opensuse CWE-120
8.8
2018-05-25 CVE-2018-11440 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
2018-05-23 CVE-2018-1125 Out-of-bounds Write vulnerability in multiple products
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep.
7.5
2018-05-23 CVE-2018-1124 Integer Overflow or Wraparound vulnerability in multiple products
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function.
7.8
2018-05-08 CVE-2018-10380 Link Following vulnerability in multiple products
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
local
low complexity
kde debian opensuse CWE-59
7.8
2018-04-18 CVE-2018-1088 A privilege escalation flaw was found in gluster 3.x snapshot scheduler.
network
high complexity
redhat opensuse debian
8.1
2018-04-10 CVE-2014-0158 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045.
network
low complexity
uclouvain opensuse CWE-119
8.8
2018-03-20 CVE-2011-3178 Code Injection vulnerability in Opensuse Open Build Service
In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode.
network
low complexity
opensuse CWE-94
8.8
2018-03-12 CVE-2016-5314 Out-of-bounds Write vulnerability in multiple products
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
network
low complexity
libtiff opensuse redhat debian CWE-787
8.8