Filtered by vendor Opensuse Subscriptions
Total 3286 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-0502 3 Mariadb, Opensuse, Oracle 4 Mariadb, Leap, Opensuse and 1 more 2025-04-12 6.5 Medium
Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-4145 8 Adobe, Apple, Google and 5 more 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more 2025-04-12 8.8 High
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-2099 2 Apache, Opensuse 2 Xerces-c\+\+, Opensuse 2025-04-12 N/A
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
CVE-2015-8872 3 Canonical, Dosfstools Project, Opensuse 4 Ubuntu Linux, Dosfstools, Leap and 1 more 2025-04-12 N/A
The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."
CVE-2015-8869 4 Fedoraproject, Ocaml, Opensuse and 1 more 4 Fedora, Ocaml, Opensuse and 1 more 2025-04-12 N/A
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
CVE-2016-8667 3 Debian, Opensuse, Qemu 3 Debian Linux, Leap, Qemu 2025-04-12 6.0 Medium
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
CVE-2015-8842 1 Opensuse 1 Opensuse 2025-04-12 N/A
tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
CVE-2016-8909 4 Debian, Opensuse, Qemu and 1 more 6 Debian Linux, Leap, Qemu and 3 more 2025-04-12 6.0 Medium
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
CVE-2016-0609 6 Canonical, Debian, Mariadb and 3 more 17 Ubuntu Linux, Debian Linux, Mariadb and 14 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
CVE-2016-0610 6 Canonical, Debian, Mariadb and 3 more 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2016-0611 4 Canonical, Opensuse, Oracle and 1 more 6 Ubuntu Linux, Leap, Opensuse and 3 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0644 6 Debian, Ibm, Mariadb and 3 more 8 Debian Linux, Powerkvm, Mariadb and 5 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CVE-2015-3044 7 Adobe, Apple, Linux and 4 more 13 Flash Player, Mac Os X, Linux Kernel and 10 more 2025-04-12 N/A
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CVE-2016-0746 6 Apple, Canonical, Debian and 3 more 6 Xcode, Ubuntu Linux, Debian Linux and 3 more 2025-04-12 9.8 Critical
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
CVE-2016-0753 5 Debian, Fedoraproject, Opensuse and 2 more 5 Debian Linux, Fedora, Leap and 2 more 2025-04-12 5.3 Medium
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.
CVE-2016-0749 5 Debian, Microsoft, Opensuse and 2 more 12 Debian Linux, Windows, Leap and 9 more 2025-04-12 N/A
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
CVE-2015-8804 4 Canonical, Nettle Project, Opensuse and 1 more 5 Ubuntu Linux, Nettle, Leap and 2 more 2025-04-12 N/A
x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
CVE-2015-0251 5 Apache, Apple, Opensuse and 2 more 10 Subversion, Xcode, Opensuse and 7 more 2025-04-12 N/A
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
CVE-2015-8792 2 Matroska, Opensuse 3 Libmatroska, Leap, Opensuse 2025-04-12 N/A
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
CVE-2016-6261 3 Canonical, Gnu, Opensuse 3 Ubuntu Linux, Libidn, Leap 2025-04-12 N/A
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.