Filtered by vendor Opensuse
Subscribe
Total
3251 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14383 | 2 Openmpt, Opensuse | 2 Libopenmpt, Leap | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. | |||||
| CVE-2019-14524 | 2 Opensuse, Schismtracker | 3 Backports, Leap, Schism Tracker | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. | |||||
| CVE-2019-15141 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. | |||||
| CVE-2018-20860 | 2 Openmpt, Opensuse | 2 Libopenmpt, Leap | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| libopenmpt before 0.3.13 allows a crash with malformed MED files. | |||||
| CVE-2019-5460 | 2 Opensuse, Videolan | 3 Backports, Leap, Vlc Media Player | 2023-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Double Free in VLC versions <= 3.0.6 leads to a crash. | |||||
| CVE-2019-13106 | 2 Denx, Opensuse | 2 U-boot, Leap | 2023-03-03 | 8.3 HIGH | 7.8 HIGH |
| Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |||||
| CVE-2019-14980 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | |||||
| CVE-2019-11721 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2023-03-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68. | |||||
| CVE-2019-11720 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2023-03-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68. | |||||
| CVE-2019-13296 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. | |||||
| CVE-2019-13298 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error. | |||||
| CVE-2019-13299 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. | |||||
| CVE-2019-13302 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages. | |||||
| CVE-2019-13303 | 2 Imagemagick, Opensuse | 2 Imagemagick, Leap | 2023-03-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage. | |||||
| CVE-2019-13308 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-03-02 | 6.8 MEDIUM | 8.8 HIGH |
| ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | |||||
| CVE-2019-13310 | 3 Canonical, Imagemagick, Opensuse | 3 Ubuntu Linux, Imagemagick, Leap | 2023-03-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | |||||
| CVE-2019-6128 | 4 Canonical, Debian, Libtiff and 1 more | 4 Ubuntu Linux, Debian Linux, Libtiff and 1 more | 2023-03-01 | 6.8 MEDIUM | 8.8 HIGH |
| The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | |||||
| CVE-2019-1787 | 3 Clamav, Debian, Opensuse | 3 Clamav, Debian Linux, Leap | 2023-03-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. | |||||
| CVE-2019-14250 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-03-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | |||||
| CVE-2019-14275 | 3 Debian, Opensuse, Xfig Project | 3 Debian Linux, Leap, Fig2dev | 2023-03-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. | |||||