Vulnerabilities (CVE)

Filtered by vendor Opensuse Subscribe
Filtered by product Opensuse
Total 1381 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4836 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-09-29 2.8 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
CVE-2014-0207 5 Christos Zoulas, Debian, Opensuse and 2 more 5 File, Debian Linux, Opensuse and 2 more 2022-09-28 4.3 MEDIUM N/A
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.
CVE-2016-0668 6 Canonical, Debian, Mariadb and 3 more 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more 2022-09-21 1.7 LOW 4.1 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2015-4861 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-09-20 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-4807 4 Fedoraproject, Mariadb, Opensuse and 1 more 6 Fedora, Mariadb, Leap and 3 more 2022-09-20 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.
CVE-2015-4913 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-09-20 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
CVE-2015-4757 6 Canonical, Debian, Mariadb and 3 more 11 Ubuntu Linux, Debian Linux, Mariadb and 8 more 2022-09-20 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
CVE-2009-3095 6 Apache, Apple, Debian and 3 more 7 Http Server, Mac Os X, Debian Linux and 4 more 2022-09-19 5.0 MEDIUM N/A
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
CVE-2011-3192 4 Apache, Canonical, Opensuse and 1 more 5 Http Server, Ubuntu Linux, Opensuse and 2 more 2022-09-19 7.8 HIGH N/A
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CVE-2013-3812 6 Canonical, Debian, Mariadb and 3 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2022-09-16 3.5 LOW N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
CVE-2014-3470 6 Fedoraproject, Mariadb, Openssl and 3 more 11 Fedora, Mariadb, Openssl and 8 more 2022-09-16 4.3 MEDIUM N/A
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
CVE-2015-4792 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-09-15 1.7 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.
CVE-2012-0053 5 Apache, Debian, Opensuse and 2 more 12 Http Server, Debian Linux, Opensuse and 9 more 2022-09-14 4.3 MEDIUM N/A
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
CVE-2012-0031 5 Apache, Debian, Opensuse and 2 more 13 Http Server, Debian Linux, Opensuse and 10 more 2022-09-14 4.6 MEDIUM N/A
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
CVE-2012-0883 2 Apache, Opensuse 2 Http Server, Opensuse 2022-09-14 6.9 MEDIUM N/A
envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
CVE-2013-1862 5 Apache, Canonical, Opensuse and 2 more 11 Http Server, Ubuntu Linux, Opensuse and 8 more 2022-09-14 5.1 MEDIUM N/A
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
CVE-2013-1896 4 Apache, Canonical, Opensuse and 1 more 10 Http Server, Ubuntu Linux, Opensuse and 7 more 2022-09-14 4.3 MEDIUM N/A
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
CVE-2015-4802 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2022-09-08 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
CVE-2015-2648 6 Canonical, Debian, Mariadb and 3 more 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more 2022-09-08 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-4752 6 Canonical, Debian, Mariadb and 3 more 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more 2022-09-08 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.