Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suse_linux_enterprise_server
(Suse)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/git/git • https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 129 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-06-15 | CVE-2010-2302 | Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. | Chrome, Opensuse, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2010-06-15 | CVE-2010-2301 | Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762. | Chrome, Opensuse, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2010-06-15 | CVE-2010-2297 | rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. | Chrome, Opensuse, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2014-03-19 | CVE-2014-1510 | The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2014-03-19 | CVE-2014-1509 | Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. | Ubuntu_linux, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2014-03-19 | CVE-2014-1508 | The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering. | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2010-12-07 | CVE-2010-4494 | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2010-11-17 | CVE-2010-4008 | libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2015-10-19 | CVE-2015-5707 | Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | Ubuntu_linux, Debian_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | N/A | ||
| 2012-02-16 | CVE-2011-3026 | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | Iphone_os, Mac_os_x, Mac_os_x_server, Chrome, Opensuse, Linux_enterprise_server, Suse_linux_enterprise_server | N/A |