The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of openSUSE

threat alert CVE-2014-9092

libjpeg-turbo: denial of service via Exif Marker

Synthesis of the vulnerability

An attacker can generate a fatal error via Exif Marker of libjpeg-turbo, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 10/07/2018.
Identifiers: CVE-2014-9092, FEDORA-2014-17543, FEDORA-2014-17561, FEDORA-2015-2580, FEDORA-2015-2615, MDVSA-2015:014, MDVSA-2015:152, openSUSE-SU-2014:1637-1, USN-3706-1, USN-3706-2, VIGILANCE-VUL-26665.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via Exif Marker of libjpeg-turbo, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2013-4234

libmodplug: buffer overflow via abc_MIDI_drum/gchord

Synthesis of the vulnerability

An attacker can generate a buffer overflow via abc_MIDI_drum/gchord() of libmodplug, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 28/05/2018.
Identifiers: CVE-2013-4234, DSA-2751-1, FEDORA-2014-3791, FEDORA-2014-3795, MDVSA-2013:232, openSUSE-SU-2013:1635-1, openSUSE-SU-2013:1637-1, SUSE-SU-2018:1441-1, VIGILANCE-VUL-26243.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via abc_MIDI_drum/gchord() of libmodplug, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2013-2131

rrdtool: vulnerability

Synthesis of the vulnerability

A vulnerability of rrdtool was announced.
Severity: 2/4.
Creation date: 19/02/2018.
Identifiers: CVE-2013-2131, FEDORA-2013-10309, openSUSE-SU-2014:1646-1, openSUSE-SU-2018:0474-1, VIGILANCE-VUL-25327.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A vulnerability of rrdtool was announced.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2010-4226

Open Build Service: write access via cpio

Synthesis of the vulnerability

An attacker can bypass access restrictions via cpio of Open Build Service, in order to alter data.
Severity: 2/4.
Creation date: 11/12/2017.
Identifiers: CVE-2010-4226, openSUSE-SU-2011:0174-1, openSUSE-SU-2017:3259-1, SUSE-SR:2011:005, SUSE-SU-2017:3253-1, VIGILANCE-VUL-24709.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions via cpio of Open Build Service, in order to alter data.
Full Vigil@nce bulletin... (Free trial)

weakness alert CVE-2012-6303

Snack Sound Toolkit: buffer overflow via GetWavHeader

Synthesis of the vulnerability

An attacker can generate a buffer overflow via GetWavHeader of Snack Sound Toolkit, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 15/11/2017.
Identifiers: CVE-2012-6303, FEDORA-2013-0098, FEDORA-2013-0110, MDVSA-2013:126, openSUSE-SU-2015:0382-1, openSUSE-SU-2017:3016-1, VIGILANCE-VUL-24451.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via GetWavHeader of Snack Sound Toolkit, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2014-9907

ImageMagick: denial of service via DDS

Synthesis of the vulnerability

An attacker can generate a fatal error via DDS of ImageMagick, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 20/09/2017.
Identifiers: CVE-2014-9907, DLA-731-1, DLA-731-2, FEDORA-2017-3a568adb31, FEDORA-2017-8f27031c8f, openSUSE-SU-2016:2671-1, openSUSE-SU-2016:2770-1, openSUSE-SU-2016:3091-1, SUSE-SU-2016:2964-1, VIGILANCE-VUL-23878.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via DDS of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2014-0250

FreeRDP: buffer overflow via Width/Height

Synthesis of the vulnerability

An attacker can generate a buffer overflow via Width/Height of FreeRDP, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 08/08/2017.
Identifiers: CVE-2014-0250, MDVSA-2015:171, openSUSE-SU-2014:0862-1, USN-3380-1, VIGILANCE-VUL-23464.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via Width/Height of FreeRDP, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

weakness note CVE-2014-3677

shim: memory corruption via MOK Lists

Synthesis of the vulnerability

An attacker can generate a memory corruption via MOK Lists of shim, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 27/07/2017.
Identifiers: CVE-2014-3677, FEDORA-2014-14058, FEDORA-2014-14059, openSUSE-SU-2017:1967-1, RHSA-2014:1801-01, SUSE-SU-2014:1619-1, VIGILANCE-VUL-23373.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via MOK Lists of shim, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2014-3676

shim: buffer overflow via DHCPv6 TFTP IPv6 Addresses

Synthesis of the vulnerability

An attacker can generate a buffer overflow via DHCPv6 TFTP IPv6 Addresses of shim, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 27/07/2017.
Identifiers: CVE-2014-3676, FEDORA-2014-14058, FEDORA-2014-14059, openSUSE-SU-2017:1967-1, RHSA-2014:1801-01, SUSE-SU-2014:1619-1, VIGILANCE-VUL-23372.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via DHCPv6 TFTP IPv6 Addresses of shim, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2014-9638 CVE-2014-9639

vorbis-tools: two vulnerabilities via oggenc

Synthesis of the vulnerability

An attacker can use several vulnerabilities via oggenc of vorbis-tools.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 03/07/2017.
Identifiers: CVE-2014-9638, CVE-2014-9639, DLA-1010-1, FEDORA-2015-2330, FEDORA-2015-2335, openSUSE-SU-2015:0522-1, VIGILANCE-VUL-23124.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities via oggenc of vorbis-tools.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about openSUSE: