Opensuse

opensuse

Vendor: Opensuse • 1,454 CVEs

CVEs (1,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-4195 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 29, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine...Show more The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.Show less
CVE-2012-4194 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 29, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location...Show more Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.Show less
CVE-2012-4183 5Canonical MozillaOpensuse+2 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Oct 10, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey bef...Show more Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.Show less
CVE-2012-3489 6Apple CanonicalDebian+3 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+6 more Apr 29, 2026 Oct 3, 2012 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the exi...Show more The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.Show less
CVE-2012-2888 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.
CVE-2012-2887 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.
CVE-2012-2886 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."
CVE-2012-2885 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.
CVE-2012-2884 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2012-2883 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vu...Show more Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874.Show less
CVE-2012-2882 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, rel...Show more FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.Show less
CVE-2012-2881 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2012-2880 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.
CVE-2012-2879 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.
CVE-2012-2878 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
CVE-2012-2877 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2012-2876 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-2874 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Sep 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vu...Show more Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.Show less
CVE-2012-3534 2Gnugk Opensuse 3Gnu Gatekeeper LeapOpensuse Apr 29, 2026 Aug 31, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections.
CVE-2012-2872 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Aug 31, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Previous 1...606162...73 Next