Opensuse Security Vulnerabilities and Issues — Opensuse CVE List

Lucene search

OpensuseOpensuse

6 matches found

CVE•added 2016/09/26 2:59 p.m.•194 views

CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.

9.8CVSS9.5AI score0.05758EPSS

CVE•added 2016/09/07 8:59 p.m.•130 views

CVE-2016-6262

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.

7.5CVSS7.2AI score0.02613EPSS

CVE•added 2016/09/07 8:59 p.m.•127 views

CVE-2015-8948

idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.

7.5CVSS7.1AI score0.02613EPSS

CVE•added 2016/09/07 6:59 p.m.•92 views

CVE-2016-6855

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.

7.5CVSS7.1AI score0.0255EPSS

CVE•added 2016/09/26 4:59 p.m.•56 views

CVE-2016-6172

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.

7.1CVSS6.7AI score0.00014EPSS

CVE•added 2016/09/22 3:59 p.m.•53 views

CVE-2016-6265

Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

5.5CVSS5.2AI score0.00498EPSS