Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_enterprise
(Suse)| Repositories | https://github.com/nodejs/node |
| #Vulnerabilities | 93 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-12-06 | CVE-2010-4180 | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | Ubuntu_linux, Debian_linux, Nginx, Fedora, Openssl, Opensuse, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2020-06-15 | CVE-2020-14147 | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. | Debian_linux, Communications_operations_monitor, Redis, Linux_enterprise | 7.7 | ||
| 2016-03-13 | CVE-2016-2802 | The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2801 | The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2800 | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2799 | Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2798 | The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2797 | The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2796 | Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
| 2016-03-13 | CVE-2016-2795 | The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 |