VYPR

openSUSE

by SUSE S.A.

Source repositories

CVEs (10)

  • CVE-2011-0469CriAug 17, 2017
    risk 0.57cvss 9.8epss 0.02

    Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.

  • CVE-2008-3188HigJul 22, 2008
    risk 0.49cvss 7.5epss 0.01

    libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.

  • CVE-2010-3087Sep 28, 2010
    risk 0.00cvss epss 0.03

    LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.

  • CVE-2010-0230Jan 22, 2010
    risk 0.00cvss epss 0.02

    SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.

  • CVE-2009-0310Feb 18, 2009
    risk 0.00cvss epss 0.00

    Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through 11.0 has unknown impact and attack vectors related to "incoming data and authentication-strings."

  • CVE-2008-3067Jul 7, 2008
    risk 0.00cvss epss 0.00

    sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

  • CVE-2008-2667Jul 7, 2008
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the…

  • CVE-2008-0731Feb 12, 2008
    risk 0.00cvss epss 0.01

    The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.

  • CVE-2007-5200Oct 14, 2007
    risk 0.00cvss epss 0.00

    hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.

  • CVE-2007-2654May 14, 2007
    risk 0.00cvss epss 0.00

    xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.