| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of openSUSE
libjpeg-turbo: denial of service via Exif Marker
Synthesis of the vulnerability
An attacker can generate a fatal error via Exif Marker of libjpeg-turbo, in order to trigger a denial of service.
Impacted products: Fedora, openSUSE, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 10/07/2018.
Identifiers: CVE-2014-9092, FEDORA-2014-17543, FEDORA-2014-17561, FEDORA-2015-2580, FEDORA-2015-2615, MDVSA-2015:014, MDVSA-2015:152, openSUSE-SU-2014:1637-1, USN-3706-1, USN-3706-2, VIGILANCE-VUL-26665.
Description of the vulnerability
An attacker can generate a fatal error via Exif Marker of libjpeg-turbo, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
libmodplug: buffer overflow via abc_MIDI_drum/gchord
Synthesis of the vulnerability
An attacker can generate a buffer overflow via abc_MIDI_drum/gchord() of libmodplug, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, openSUSE, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 28/05/2018.
Identifiers: CVE-2013-4234, DSA-2751-1, FEDORA-2014-3791, FEDORA-2014-3795, MDVSA-2013:232, openSUSE-SU-2013:1635-1, openSUSE-SU-2013:1637-1, SUSE-SU-2018:1441-1, VIGILANCE-VUL-26243.
Description of the vulnerability
An attacker can generate a buffer overflow via abc_MIDI_drum/gchord() of libmodplug, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
rrdtool: vulnerability
Synthesis of the vulnerability
A vulnerability of rrdtool was announced.
Impacted products: Fedora, openSUSE, openSUSE Leap.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Creation date: 19/02/2018.
Identifiers: CVE-2013-2131, FEDORA-2013-10309, openSUSE-SU-2014:1646-1, openSUSE-SU-2018:0474-1, VIGILANCE-VUL-25327.
Description of the vulnerability
A vulnerability of rrdtool was announced.
Full Vigil@nce bulletin... (Free trial) |
Open Build Service: write access via cpio
Synthesis of the vulnerability
An attacker can bypass access restrictions via cpio of Open Build Service, in order to alter data.
Impacted products: openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data creation/edition, data deletion.
Provenance: user shell.
Creation date: 11/12/2017.
Identifiers: CVE-2010-4226, openSUSE-SU-2011:0174-1, openSUSE-SU-2017:3259-1, SUSE-SR:2011:005, SUSE-SU-2017:3253-1, VIGILANCE-VUL-24709.
Description of the vulnerability
An attacker can bypass access restrictions via cpio of Open Build Service, in order to alter data.
Full Vigil@nce bulletin... (Free trial) |
Snack Sound Toolkit: buffer overflow via GetWavHeader
Synthesis of the vulnerability
An attacker can generate a buffer overflow via GetWavHeader of Snack Sound Toolkit, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, openSUSE, openSUSE Leap.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 15/11/2017.
Identifiers: CVE-2012-6303, FEDORA-2013-0098, FEDORA-2013-0110, MDVSA-2013:126, openSUSE-SU-2015:0382-1, openSUSE-SU-2017:3016-1, VIGILANCE-VUL-24451.
Description of the vulnerability
An attacker can generate a buffer overflow via GetWavHeader of Snack Sound Toolkit, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
ImageMagick: denial of service via DDS
Synthesis of the vulnerability
An attacker can generate a fatal error via DDS of ImageMagick, in order to trigger a denial of service.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 20/09/2017.
Identifiers: CVE-2014-9907, DLA-731-1, DLA-731-2, FEDORA-2017-3a568adb31, FEDORA-2017-8f27031c8f, openSUSE-SU-2016:2671-1, openSUSE-SU-2016:2770-1, openSUSE-SU-2016:3091-1, SUSE-SU-2016:2964-1, VIGILANCE-VUL-23878.
Description of the vulnerability
An attacker can generate a fatal error via DDS of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
FreeRDP: buffer overflow via Width/Height
Synthesis of the vulnerability
An attacker can generate a buffer overflow via Width/Height of FreeRDP, in order to trigger a denial of service, and possibly to run code.
Impacted products: openSUSE, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 08/08/2017.
Identifiers: CVE-2014-0250, MDVSA-2015:171, openSUSE-SU-2014:0862-1, USN-3380-1, VIGILANCE-VUL-23464.
Description of the vulnerability
An attacker can generate a buffer overflow via Width/Height of FreeRDP, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
shim: memory corruption via MOK Lists
Synthesis of the vulnerability
An attacker can generate a memory corruption via MOK Lists of shim, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 27/07/2017.
Identifiers: CVE-2014-3677, FEDORA-2014-14058, FEDORA-2014-14059, openSUSE-SU-2017:1967-1, RHSA-2014:1801-01, SUSE-SU-2014:1619-1, VIGILANCE-VUL-23373.
Description of the vulnerability
An attacker can generate a memory corruption via MOK Lists of shim, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
shim: buffer overflow via DHCPv6 TFTP IPv6 Addresses
Synthesis of the vulnerability
An attacker can generate a buffer overflow via DHCPv6 TFTP IPv6 Addresses of shim, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: LAN.
Creation date: 27/07/2017.
Identifiers: CVE-2014-3676, FEDORA-2014-14058, FEDORA-2014-14059, openSUSE-SU-2017:1967-1, RHSA-2014:1801-01, SUSE-SU-2014:1619-1, VIGILANCE-VUL-23372.
Description of the vulnerability
An attacker can generate a buffer overflow via DHCPv6 TFTP IPv6 Addresses of shim, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
vorbis-tools: two vulnerabilities via oggenc
Synthesis of the vulnerability
An attacker can use several vulnerabilities via oggenc of vorbis-tools.
Impacted products: Debian, Fedora, openSUSE.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 03/07/2017.
Identifiers: CVE-2014-9638, CVE-2014-9639, DLA-1010-1, FEDORA-2015-2330, FEDORA-2015-2335, openSUSE-SU-2015:0522-1, VIGILANCE-VUL-23124.
Description of the vulnerability
An attacker can use several vulnerabilities via oggenc of vorbis-tools.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about openSUSE:
|