Filtered by vendor Opensuse
Subscriptions
Total
3286 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8157 | 4 Debian, Jasper Project, Opensuse and 1 more | 5 Debian Linux, Jasper, Opensuse and 2 more | 2025-04-12 | N/A |
| Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow. | ||||
| CVE-2014-8158 | 4 Debian, Jasper Project, Opensuse and 1 more | 5 Debian Linux, Jasper, Opensuse and 2 more | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image. | ||||
| CVE-2016-4348 | 3 Debian, Gnome, Opensuse | 4 Debian Linux, Librsvg, Leap and 1 more | 2025-04-12 | N/A |
| The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document. | ||||
| CVE-2014-8483 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Opensuse and 1 more | 2025-04-12 | N/A |
| The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. | ||||
| CVE-2014-8594 | 3 Debian, Opensuse, Xen | 3 Debian Linux, Opensuse, Xen | 2025-04-12 | N/A |
| The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP). | ||||
| CVE-2014-8595 | 3 Debian, Opensuse, Xen | 3 Debian Linux, Opensuse, Xen | 2025-04-12 | N/A |
| arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction. | ||||
| CVE-2016-1945 | 2 Mozilla, Opensuse | 3 Firefox, Leap, Opensuse | 2025-04-12 | N/A |
| The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive. | ||||
| CVE-2016-4146 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2014-8643 | 3 Microsoft, Mozilla, Opensuse | 3 Windows, Firefox, Opensuse | 2025-04-12 | N/A |
| Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process. | ||||
| CVE-2016-1866 | 2 Opensuse, Saltstack | 2 Leap, Salt | 2025-04-12 | N/A |
| Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream. | ||||
| CVE-2014-8767 | 2 Opensuse, Redhat | 2 Opensuse, Tcpdump | 2025-04-12 | N/A |
| Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. | ||||
| CVE-2014-8959 | 2 Opensuse, Phpmyadmin | 2 Opensuse, Phpmyadmin | 2025-04-12 | N/A |
| Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter. | ||||
| CVE-2014-8961 | 2 Opensuse, Phpmyadmin | 2 Opensuse, Phpmyadmin | 2025-04-12 | N/A |
| Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter. | ||||
| CVE-2014-9030 | 3 Debian, Opensuse, Xen | 3 Debian Linux, Opensuse, Xen | 2025-04-12 | N/A |
| The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. | ||||
| CVE-2016-1624 | 4 Debian, Google, Opensuse and 1 more | 4 Debian Linux, Chrome, Opensuse and 1 more | 2025-04-12 | N/A |
| Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression. | ||||
| CVE-2014-9066 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065. | ||||
| CVE-2015-3336 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-12 | N/A |
| Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruption) by constructing a crafted HTML document containing JavaScript code with requestFullScreen and requestPointerLock calls, and arranging for the user to access this document with a file: URL. | ||||
| CVE-2014-9273 | 3 Debian, Opensuse, Redhat | 7 Hivex, Opensuse, Enterprise Linux and 4 more | 2025-04-12 | N/A |
| lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write. | ||||
| CVE-2016-2822 | 5 Canonical, Debian, Mozilla and 2 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2025-04-12 | N/A |
| Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu. | ||||
| CVE-2016-1626 | 4 Debian, Google, Opensuse and 1 more | 4 Debian Linux, Chrome, Opensuse and 1 more | 2025-04-12 | N/A |
| The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | ||||