Filtered by vendor Opensuse
Subscribe
Total
3283 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3326 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2024-02-28 | 10.0 HIGH | N/A |
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | |||||
CVE-2013-0897 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2024-02-28 | 4.3 MEDIUM | N/A |
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document. | |||||
CVE-2013-5619 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | |||||
CVE-2012-3959 | 6 Canonical, Debian, Mozilla and 3 more | 16 Ubuntu Linux, Debian Linux, Firefox and 13 more | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
CVE-2013-4509 | 2 Ibus Project, Opensuse | 2 Ibus, Opensuse | 2024-02-28 | 1.9 LOW | N/A |
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen. | |||||
CVE-2012-5153 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 7.5 HIGH | N/A |
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. | |||||
CVE-2013-2088 | 3 Apache, Collabnet, Opensuse | 3 Subversion, Subversion, Opensuse | 2024-02-28 | 7.1 HIGH | N/A |
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename. | |||||
CVE-2013-2132 | 3 Canonical, Mongodb, Opensuse | 3 Ubuntu Linux, Mongodb, Opensuse | 2024-02-28 | 4.3 MEDIUM | N/A |
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef." | |||||
CVE-2012-5139 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. | |||||
CVE-2013-2168 | 2 Freedesktop, Opensuse | 2 Dbus, Opensuse | 2024-02-28 | 1.9 LOW | N/A |
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message. | |||||
CVE-2013-2061 | 2 Opensuse, Openvpn | 3 Opensuse, Openvpn, Openvpn Access Server | 2024-02-28 | 2.6 LOW | N/A |
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. | |||||
CVE-2012-5568 | 2 Apache, Opensuse | 2 Tomcat, Opensuse | 2024-02-28 | 5.0 MEDIUM | N/A |
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris. | |||||
CVE-2012-2876 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2013-4124 | 5 Canonical, Fedoraproject, Opensuse and 2 more | 5 Ubuntu Linux, Fedora, Opensuse and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | |||||
CVE-2013-4078 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
CVE-2013-2481 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2024-02-28 | 2.9 LOW | N/A |
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. | |||||
CVE-2013-4079 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. | |||||
CVE-2013-0770 | 4 Canonical, Mozilla, Opensuse and 1 more | 10 Ubuntu Linux, Firefox, Firefox Esr and 7 more | 2024-02-28 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2013-0755 | 4 Canonical, Mozilla, Opensuse and 1 more | 10 Ubuntu Linux, Firefox, Firefox Esr and 7 more | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer. | |||||
CVE-2012-2037 | 8 Adobe, Apple, Google and 5 more | 13 Air, Flash Player, Macos and 10 more | 2024-02-28 | 9.3 HIGH | N/A |
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. |