Filtered by vendor Opensuse
Subscriptions
Filtered by product Opensuse
Subscriptions
Total
1465 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3636 | 3 D-bus Project, Freedesktop, Opensuse | 3 D-bus, Dbus, Opensuse | 2025-04-12 | N/A |
| D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call. | ||||
| CVE-2015-1241 | 6 Canonical, Debian, Google and 3 more | 12 Ubuntu Linux, Debian Linux, Chrome and 9 more | 2025-04-12 | N/A |
| Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. | ||||
| CVE-2014-3638 | 3 D-bus Project, Freedesktop, Opensuse | 3 D-bus, Dbus, Opensuse | 2025-04-12 | N/A |
| The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls. | ||||
| CVE-2016-3186 | 3 Libtiff, Opensuse, Redhat | 3 Libtiff, Opensuse, Enterprise Linux | 2025-04-12 | N/A |
| Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. | ||||
| CVE-2014-3968 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged. | ||||
| CVE-2015-0410 | 6 Canonical, Debian, Novell and 3 more | 12 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 9 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. | ||||
| CVE-2015-7220 | 3 Fedoraproject, Mozilla, Opensuse | 4 Fedora, Firefox, Leap and 1 more | 2025-04-12 | N/A |
| Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. | ||||
| CVE-2014-0128 | 3 Opensuse, Redhat, Squid-cache | 3 Opensuse, Enterprise Linux, Squid | 2025-04-12 | N/A |
| Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management. | ||||
| CVE-2014-2525 | 3 Opensuse, Pyyaml, Redhat | 6 Leap, Opensuse, Libyaml and 3 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file. | ||||
| CVE-2016-5118 | 8 Canonical, Debian, Graphicsmagick and 5 more | 15 Ubuntu Linux, Debian Linux, Graphicsmagick and 12 more | 2025-04-12 | 9.8 Critical |
| The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | ||||
| CVE-2014-0198 | 7 Debian, Fedoraproject, Mariadb and 4 more | 11 Debian Linux, Fedora, Mariadb and 8 more | 2025-04-12 | N/A |
| The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. | ||||
| CVE-2014-7939 | 4 Chromium, Google, Opensuse and 1 more | 8 Chromium, Chrome, Opensuse and 5 more | 2025-04-12 | N/A |
| Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header. | ||||
| CVE-2014-4943 | 5 Debian, Linux, Opensuse and 2 more | 9 Debian Linux, Linux Kernel, Opensuse and 6 more | 2025-04-12 | N/A |
| The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | ||||
| CVE-2014-9638 | 3 Fedoraproject, Opensuse, Xiph | 3 Fedora, Opensuse, Vorbis-tools | 2025-04-12 | N/A |
| oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. | ||||
| CVE-2015-0848 | 4 Fedoraproject, Opensuse, Redhat and 1 more | 4 Fedora, Opensuse, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image. | ||||
| CVE-2015-1196 | 3 Gnu, Opensuse, Oracle | 3 Patch, Opensuse, Solaris | 2025-04-12 | N/A |
| GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. | ||||
| CVE-2015-5185 | 2 Opensuse, Standards Based Linux Instrumentation | 2 Opensuse, Sblim-sfcb | 2025-04-12 | N/A |
| The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet. | ||||
| CVE-2014-5146 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149. | ||||
| CVE-2016-3679 | 4 Canonical, Google, Opensuse and 1 more | 5 Ubuntu Linux, Chrome, V8 and 2 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-7787 | 2 Kde, Opensuse | 3 Kde-cli-tools, Leap, Opensuse | 2025-04-12 | N/A |
| A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | ||||