Opensuse: Security Vulnerabilities
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-01-14
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-06
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-06
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-01-01
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-01-01
vim is vulnerable to Out-of-bounds Read
CVSS Score
7.1
EPSS Score
0.004
Published
2021-12-25
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-09-02
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-09-02