Vulnerabilities
Vulnerable Software
Opensuse:  >> Opensuse  Security Vulnerabilities
An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
CVSS Score
3.3
EPSS Score
0.0
Published
2019-11-27
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-11-14
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-13
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
CVSS Score
3.3
EPSS Score
0.001
Published
2019-11-05
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
CVSS Score
5.3
EPSS Score
0.002
Published
2019-11-05
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-04


Contact Us

Shodan ® - All rights reserved