Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Opensuse
(Opensuse)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2009-05-14 | CVE-2009-1630 | The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. | Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Esx | N/A | ||
2019-11-05 | CVE-2013-6365 | Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions | Debian_linux, Groupware, Opensuse | N/A | ||
2014-04-30 | CVE-2014-1526 | The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
2014-04-30 | CVE-2014-1525 | The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
2014-04-30 | CVE-2014-1522 | The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
2014-04-30 | CVE-2014-1519 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
2014-03-19 | CVE-2014-1502 | The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. | Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2014-03-19 | CVE-2014-1500 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2014-03-19 | CVE-2014-1499 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. | Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
2014-03-19 | CVE-2014-1498 | The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. | Firefox, Seamonkey, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A |