Vulnerabilities > Suse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-26 | CVE-2018-19539 | Reachable Assertion vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 6.5 |
| 2018-11-12 | CVE-2018-19208 | NULL Pointer Dereference vulnerability in multiple products In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. | 6.5 |
| 2018-11-07 | CVE-2018-19052 | Path Traversal vulnerability in multiple products An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. | 7.5 |
| 2018-10-31 | CVE-2018-18873 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 5.5 |
| 2018-10-23 | CVE-2018-16837 | Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. | 7.8 |
| 2018-10-23 | CVE-2018-18585 | NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | 4.3 |
| 2018-10-23 | CVE-2018-18584 | Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787 | 6.5 |
| 2018-10-09 | CVE-2018-17962 | Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | 7.5 |
| 2018-10-04 | CVE-2018-12472 | Improper Authentication vulnerability in Suse Subscription Management Tool A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. | 9.1 |
| 2018-10-04 | CVE-2018-12471 | XXE vulnerability in Suse Subscription Management Tool A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. | 8.1 |