Opensuse - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Opensuse
(Opensuse)

Repositories

• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/krb5/krb5
• https://github.com/torvalds/linux
• https://github.com/file/file
• https://github.com/madler/zlib

• https://github.com/php/php-src
• https://github.com/quassel/quassel
• https://github.com/libarchive/libarchive
• https://github.com/mdadams/jasper
• https://github.com/git/git
• https://github.com/libgd/libgd
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/erikd/libsndfile
• https://github.com/dosfstools/dosfstools
• https://github.com/atheme/atheme
• https://github.com/roundcube/roundcubemail
• git://git.openssl.org/openssl.git
• https://github.com/apache/httpd
• https://github.com/systemd/systemd
• https://github.com/karelzak/util-linux
• https://github.com/mongodb/mongo-python-driver
• https://github.com/ibus/ibus-anthy
• https://github.com/phppgadmin/phppgadmin
• https://github.com/esnet/iperf
• https://github.com/ImageMagick/ImageMagick
• https://github.com/opencontainers/runc
• https://github.com/OpenVPN/openvpn
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mysql/mysql-server
• https://github.com/puppetlabs/puppet
• https://github.com/vadz/libtiff
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/fragglet/lhasa
• https://github.com/ocaml/ocaml
• https://github.com/stedolan/jq
• https://github.com/Matroska-Org/libmatroska
• https://github.com/ipython/ipython
• https://github.com/kerolasa/lelux-utiliteetit
• https://github.com/weidai11/cryptopp
• https://github.com/khaledhosny/ots
• https://github.com/jmacd/xdelta-devel
• https://github.com/libguestfs/hivex
• https://github.com/miniupnp/miniupnp
• https://github.com/python-pillow/Pillow
• https://github.com/django/django
• https://github.com/drk1wi/portspoof
• https://github.com/bagder/curl
• https://github.com/audreyt/module-signature
• https://github.com/LibRaw/LibRaw

#Vulnerabilities

1420

Date	Id	Summary	Products	Score	Patch	Annotated
2009-05-14	CVE-2009-1630	The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.	Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Esx	N/A
2019-11-05	CVE-2013-6365	Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions	Debian_linux, Groupware, Opensuse	N/A
2014-04-30	CVE-2014-1526	The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.	Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse	N/A
2014-04-30	CVE-2014-1525	The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.	Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse	N/A
2014-04-30	CVE-2014-1522	The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.	Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse	N/A
2014-04-30	CVE-2014-1519	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse	N/A
2014-03-19	CVE-2014-1502	The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.	Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2014-03-19	CVE-2014-1500	Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.	Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2014-03-19	CVE-2014-1499	Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.	Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2014-03-19	CVE-2014-1498	The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.	Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A