Product:

Suse_package_hub_for_suse_linux_enterprise

(Novell)
Repositories https://github.com/esnet/iperf
https://github.com/golang/go
#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2019-12-10 CVE-2019-13730 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Suse_package_hub_for_suse_linux_enterprise, Backports, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 8.8
2016-09-26 CVE-2016-4303 The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. Iperf, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse 9.8
2016-03-13 CVE-2016-1957 Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. Firefox, Firefox_esr, Thunderbird, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse, Linux 4.3
2016-03-13 CVE-2016-1954 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. Firefox, Firefox_esr, Thunderbird, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse, Linux 8.8
2016-03-13 CVE-2016-1952 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Firefox, Firefox_esr, Thunderbird, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse, Linux 8.8
2017-07-06 CVE-2017-8932 A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. Fedora, Go, Suse_package_hub_for_suse_linux_enterprise, Leap 5.9
2016-06-13 CVE-2016-2818 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation 8.8
2016-03-13 CVE-2016-1956 Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. Firefox, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse 6.5
2016-03-13 CVE-2016-1955 Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. Firefox, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse 4.3
2016-03-13 CVE-2016-1953 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors. Firefox, Firefox_esr, Thunderbird, Suse_package_hub_for_suse_linux_enterprise, Leap, Opensuse 8.8