ReportizFlow
Filtered by vendor Opensuse
Subscriptions
Filtered by product Opensuse
Subscriptions
Total
1465 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4124 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2016-4125 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2016-4130 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2015-2187 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-12 | N/A |
| The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet. | ||||
| CVE-2012-1600 | 2 Opensuse, Phppgadmin Project | 2 Opensuse, Phppgadmin | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a function. | ||||
| CVE-2015-5228 | 2 Criu, Opensuse | 2 Checkpoint\/restore In Userspace, Opensuse | 2025-04-12 | N/A |
| The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path. | ||||
| CVE-2016-4150 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2015-0228 | 5 Apache, Apple, Canonical and 2 more | 6 Http Server, Mac Os X, Mac Os X Server and 3 more | 2025-04-12 | N/A |
| The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. | ||||
| CVE-2016-2313 | 2 Cacti, Opensuse | 3 Cacti, Leap, Opensuse | 2025-04-12 | N/A |
| auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database. | ||||
| CVE-2014-1839 | 2 Logilab, Opensuse | 2 Logilab-common, Opensuse | 2025-04-12 | N/A |
| The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file. | ||||
| CVE-2014-9668 | 4 Canonical, Fedoraproject, Freetype and 1 more | 4 Ubuntu Linux, Fedora, Freetype and 1 more | 2025-04-12 | N/A |
| The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file. | ||||
| CVE-2015-7208 | 3 Fedoraproject, Mozilla, Opensuse | 4 Fedora, Firefox, Leap and 1 more | 2025-04-12 | N/A |
| Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. | ||||
| CVE-2014-1934 | 2 Opensuse, Travis Shirk | 2 Opensuse, Eyed3 | 2025-04-12 | N/A |
| tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2016-3075 | 5 Canonical, Fedoraproject, Gnu and 2 more | 5 Ubuntu Linux, Fedora, Glibc and 2 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. | ||||
| CVE-2016-4303 | 4 Debian, Es, Novell and 1 more | 5 Debian Linux, Iperf3, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-04-12 | 9.8 Critical |
| The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | ||||
| CVE-2015-4489 | 5 Canonical, Mozilla, Opensuse and 2 more | 6 Ubuntu Linux, Firefox, Firefox Os and 3 more | 2025-04-12 | N/A |
| The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment. | ||||
| CVE-2015-4493 | 5 Canonical, Mozilla, Opensuse and 2 more | 5 Ubuntu Linux, Firefox, Opensuse and 2 more | 2025-04-12 | N/A |
| Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539. | ||||
| CVE-2016-4578 | 5 Canonical, Debian, Linux and 2 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2025-04-12 | N/A |
| sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. | ||||
| CVE-2014-8158 | 4 Debian, Jasper Project, Opensuse and 1 more | 5 Debian Linux, Jasper, Opensuse and 2 more | 2025-04-12 | N/A |
| Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image. | ||||
| CVE-2016-1944 | 2 Mozilla, Opensuse | 3 Firefox, Leap, Opensuse | 2025-04-12 | N/A |
| The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||