Filtered by vendor Opensuse Subscriptions
Filtered by product Opensuse Subscriptions
Total 1465 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-5241 3 Debian, Graphicsmagick, Opensuse 4 Debian Linux, Graphicsmagick, Leap and 1 more 2024-11-21 N/A
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-5178 5 Debian, Fedoraproject, Google and 2 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-5177 5 Debian, Fedoraproject, Google and 2 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 N/A
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-5131 8 Apple, Canonical, Debian and 5 more 18 Iphone Os, Mac Os X, Tvos and 15 more 2024-11-21 N/A
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
CVE-2016-5118 8 Canonical, Debian, Graphicsmagick and 5 more 15 Ubuntu Linux, Debian Linux, Graphicsmagick and 12 more 2024-11-21 9.8 Critical
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVE-2016-5104 3 Canonical, Libimobiledevice, Opensuse 5 Ubuntu Linux, Libimobiledevice, Libusbmuxd and 2 more 2024-11-21 N/A
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
CVE-2016-5099 2 Opensuse, Phpmyadmin 2 Opensuse, Phpmyadmin 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
CVE-2016-5098 2 Opensuse, Phpmyadmin 2 Opensuse, Phpmyadmin 2024-11-21 N/A
Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error.
CVE-2016-5097 2 Opensuse, Phpmyadmin 2 Opensuse, Phpmyadmin 2024-11-21 N/A
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.
CVE-2016-4983 3 Dovecot, Opensuse, Redhat 4 Dovecot, Leap, Opensuse and 1 more 2024-11-21 3.3 Low
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
CVE-2016-4957 5 Novell, Ntp, Opensuse and 2 more 9 Suse Manager, Ntp, Leap and 6 more 2024-11-21 7.5 High
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
CVE-2016-4956 6 Novell, Ntp, Opensuse and 3 more 11 Suse Manager, Ntp, Leap and 8 more 2024-11-21 5.3 Medium
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
CVE-2016-4955 6 Novell, Ntp, Opensuse and 3 more 11 Suse Manager, Ntp, Leap and 8 more 2024-11-21 5.9 Medium
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
CVE-2016-4954 5 Ntp, Opensuse, Oracle and 2 more 15 Ntp, Leap, Opensuse and 12 more 2024-11-21 7.5 High
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
CVE-2016-4953 5 Ntp, Opensuse, Oracle and 2 more 15 Ntp, Leap, Opensuse and 12 more 2024-11-21 7.5 High
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
CVE-2016-4804 3 Canonical, Dosfstools Project, Opensuse 4 Ubuntu Linux, Dosfstools, Leap and 1 more 2024-11-21 N/A
The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.
CVE-2016-4578 5 Canonical, Debian, Linux and 2 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2024-11-21 N/A
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
CVE-2016-4574 3 Canonical, Gnupg, Opensuse 4 Ubuntu Linux, Libksba, Leap and 1 more 2024-11-21 N/A
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.
CVE-2016-4544 5 Debian, Fedoraproject, Opensuse and 2 more 6 Debian Linux, Fedora, Leap and 3 more 2024-11-21 9.8 Critical
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVE-2016-4478 3 Atheme, Debian, Opensuse 4 Atheme, Debian Linux, Leap and 1 more 2024-11-21 N/A
Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.