Vulnerabilities (CVE)

Filtered by vendor Opensuse Subscribe
Filtered by product Opensuse
Total 1465 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2879 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 4.3 MEDIUM N/A
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.
CVE-2012-2878 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
CVE-2012-2877 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 5.0 MEDIUM N/A
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2012-2876 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 7.5 HIGH N/A
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-2874 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 7.5 HIGH N/A
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.
CVE-2012-2872 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2869 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 7.5 HIGH N/A
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."
CVE-2012-2868 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 6.8 MEDIUM N/A
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.
CVE-2012-2867 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 5.0 MEDIUM N/A
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2012-2866 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 7.5 HIGH N/A
Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
CVE-2012-2865 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 4.3 MEDIUM N/A
Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
CVE-2012-2751 4 Debian, Opensuse, Oracle and 1 more 4 Debian Linux, Opensuse, Http Server and 1 more 2024-11-21 4.3 MEDIUM N/A
ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.
CVE-2012-2736 4 Canonical, Debian, Gnome and 1 more 4 Ubuntu Linux, Debian Linux, Networkmanager and 1 more 2024-11-21 3.3 LOW 4.4 MEDIUM
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.
CVE-2012-2328 2 Opensuse, Standards Based Linux Instrumentation Project 2 Opensuse, Standards-based Linux Common Information Model Client 2024-11-21 5.0 MEDIUM N/A
internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.
CVE-2012-2142 4 Freedesktop, Opensuse, Redhat and 1 more 4 Poppler, Opensuse, Enterprise Linux and 1 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
CVE-2012-2040 7 Adobe, Apple, Google and 4 more 8 Air, Flash Player, Macos and 5 more 2024-11-21 9.3 HIGH N/A
Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
CVE-2012-2039 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2024-11-21 9.3 HIGH N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2012-2038 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2024-11-21 4.3 MEDIUM N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CVE-2012-2037 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2024-11-21 9.3 HIGH N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.
CVE-2012-2036 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2024-11-21 9.3 HIGH N/A
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.