Opensuse: >> Opensuse >> 11.4 Security Vulnerabilities
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
CVSS Score
8.8
EPSS Score
0.013
Published
2020-02-06
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
CVSS Score
8.8
EPSS Score
0.133
Published
2020-02-06
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-01-27
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-11-14
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-13
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
CVSS Score
8.6
EPSS Score
0.71
Published
2016-03-09
Page 1