Vulnerabilities > Opensuse > Low

DATE CVE VULNERABILITY TITLE RISK
2021-05-18 CVE-2021-3200 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
local
low complexity
opensuse oracle CWE-120
3.3
3.3
2020-10-22 CVE-2020-27560 Divide By Zero vulnerability in multiple products
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
local
low complexity
imagemagick debian opensuse CWE-369
3.3
3.3
2020-09-30 CVE-2020-14378 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop.
local
low complexity
dpdk opensuse canonical CWE-191
3.3
3.3
2020-09-02 CVE-2020-24654 Link Following vulnerability in multiple products
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. 		3.3
3.3
2020-08-11 CVE-2020-16092 Reachable Assertion vulnerability in multiple products
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing.
local
low complexity
qemu debian canonical opensuse CWE-617
3.8
3.8
2020-08-03 CVE-2020-16116 Path Traversal vulnerability in multiple products
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. 		3.3
3.3
2020-07-30 CVE-2020-16166 Use of Insufficiently Random Values vulnerability in multiple products
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. 		3.7
3.7
2020-07-27 CVE-2020-15103 In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel.
network
low complexity
freerdp fedoraproject opensuse canonical debian
3.5
3.5
2020-06-02 CVE-2020-13659 NULL Pointer Dereference vulnerability in multiple products
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
local
high complexity
qemu debian opensuse canonical CWE-476
2.5
2.5
2020-05-29 CVE-2020-11040 In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color.
network
low complexity
freerdp opensuse debian
2.7
2.7