Opensuse
(Opensuse)| Date | ID | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-03-08 | CVE-2015-0228 | The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. | Http_server, Mac_os_x, Mac_os_x_server, Ubuntu_linux, Opensuse | N/A | ||
| 2014-02-06 | CVE-2014-1483 | Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions. | Ubuntu_linux, Firefox, Seamonkey, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2013-02-08 | CVE-2013-0170 | Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue. | Ubuntu_linux, Fedora, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Libvirt, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2017-03-03 | CVE-2016-7969 | The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | Fedora, Libass, Leap, Opensuse | 7.5 | ||
| 2014-01-18 | CVE-2013-6425 | Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. | Ubuntu_linux, Debian_linux, Opensuse, Pixman, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2009-09-08 | CVE-2009-3095 | The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. | Http_server, Mac_os_x, Debian_linux, Fedora, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2016-04-08 | CVE-2016-2381 | Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. | Ubuntu_linux, Debian_linux, Opensuse, Communications_billing_and_revenue_management, Configuration_manager, Database_server, Enterprise_manager_base_platform, Solaris, Timesten_in\-Memory_database, Perl | N/A | ||
| 2017-04-13 | CVE-2015-8567 | Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | Ubuntu_linux, Debian_linux, Fedora, Leap, Opensuse, Qemu, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2018-04-10 | CVE-2014-0158 | Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045. NOTE: this is not a duplicate of CVE-2013-1447, because the scope of CVE-2013-1447 was specifically defined in... | Opensuse, Openjpeg | 8.8 | ||
| 2012-08-29 | CVE-2012-3972 | The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Seamonkey, Thunderbird, Thunderbird_esr, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A |