Filtered by vendor Opensuse
Subscriptions
Filtered by product Leap
Subscriptions
Total
1917 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20482 | 3 Debian, Gnu, Opensuse | 3 Debian Linux, Tar, Leap | 2024-08-05 | 4.7 Medium |
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). | ||||
CVE-2018-20346 | 5 Debian, Google, Opensuse and 2 more | 5 Debian Linux, Chrome, Leap and 2 more | 2024-08-05 | N/A |
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. | ||||
CVE-2018-20177 | 3 Debian, Opensuse, Rdesktop | 4 Debian Linux, Backports, Leap and 1 more | 2024-08-05 | 9.8 Critical |
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. | ||||
CVE-2018-20126 | 3 Canonical, Opensuse, Qemu | 3 Ubuntu Linux, Leap, Qemu | 2024-08-05 | 5.5 Medium |
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | ||||
CVE-2018-19865 | 2 Opensuse, Qt | 2 Leap, Qt | 2024-08-05 | N/A |
A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | ||||
CVE-2018-19873 | 4 Debian, Opensuse, Qt and 1 more | 4 Debian Linux, Leap, Qt and 1 more | 2024-08-05 | N/A |
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. | ||||
CVE-2018-19872 | 4 Fedoraproject, Opensuse, Qt and 1 more | 4 Fedora, Leap, Qt and 1 more | 2024-08-05 | N/A |
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. | ||||
CVE-2018-19870 | 4 Debian, Opensuse, Qt and 1 more | 4 Debian Linux, Leap, Qt and 1 more | 2024-08-05 | N/A |
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. | ||||
CVE-2018-19871 | 3 Opensuse, Qt, Redhat | 3 Leap, Qt, Enterprise Linux | 2024-08-05 | N/A |
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. | ||||
CVE-2018-19869 | 3 Opensuse, Qt, Redhat | 3 Leap, Qt, Enterprise Linux | 2024-08-05 | N/A |
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. | ||||
CVE-2018-19840 | 5 Canonical, Fedoraproject, Opensuse and 2 more | 5 Ubuntu Linux, Fedora, Leap and 2 more | 2024-08-05 | N/A |
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. | ||||
CVE-2018-19841 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-05 | 5.5 Medium |
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. | ||||
CVE-2018-19665 | 2 Opensuse, Qemu | 2 Leap, Qemu | 2024-08-05 | 5.7 Medium |
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. | ||||
CVE-2018-19539 | 4 Debian, Jasper Project, Opensuse and 1 more | 5 Debian Linux, Jasper, Leap and 2 more | 2024-08-05 | N/A |
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. | ||||
CVE-2018-19542 | 5 Canonical, Debian, Jasper Project and 2 more | 6 Ubuntu Linux, Debian Linux, Jasper and 3 more | 2024-08-05 | N/A |
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. | ||||
CVE-2018-19492 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-08-05 | N/A |
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend. | ||||
CVE-2018-19490 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-08-05 | N/A |
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function. | ||||
CVE-2018-19491 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2024-08-05 | N/A |
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend. | ||||
CVE-2018-19489 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-08-05 | 4.7 Medium |
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | ||||
CVE-2018-19456 | 2 Opensuse, Wplaunchpad | 2 Leap, Wpbackupplus | 2024-08-05 | N/A |
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. |