Opensuse

opensuse

Vendor: Opensuse • 1,454 CVEs

CVEs (1,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-2036 4Adobe OpensuseRedhat+1 more 9Air Enterprise Linux DesktopEnterprise Linux Eus+6 more Apr 29, 2026 Jun 9, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and bef...Show more Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2012-2035 4Adobe OpensuseRedhat+1 more 9Air Enterprise Linux DesktopEnterprise Linux Eus+6 more Apr 29, 2026 Jun 9, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3...Show more Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2012-2034 4Adobe OpensuseRedhat+1 more 9Air Enterprise Linux DesktopEnterprise Linux Eus+6 more Apr 21, 2026 Jun 9, 2012 N/A· v4 7.5 HIGH· v3 9.3 HIGH· v2 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on An...Show more Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.Show less
CVE-2012-1938 4Mozilla OpensuseRedhat+1 more 13Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+10 more Apr 29, 2026 Jun 5, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and app...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.Show less
CVE-2012-1798 4Debian ImagemagickOpensuse+1 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more Apr 29, 2026 Jun 5, 2012 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2012-1610 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickOpensuse+1 more Apr 29, 2026 Jun 5, 2012 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF t...Show more Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.Show less
CVE-2012-1186 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickOpensuse+1 more Apr 29, 2026 Jun 5, 2012 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image....Show more Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.Show less
CVE-2012-1185 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickOpensuse+1 more Apr 29, 2026 Jun 5, 2012 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via...Show more Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.Show less
CVE-2012-0260 5Canonical DebianImagemagick+2 more 11Debian Linux Enterprise Linux AusEnterprise Linux Desktop+8 more Apr 29, 2026 Jun 5, 2012 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
CVE-2012-0259 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickOpensuse+1 more Apr 29, 2026 Jun 5, 2012 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG fi...Show more The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.Show less
CVE-2011-3098 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 May 16, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.
CVE-2012-1823 8Apple DebianFedoraproject+5 more 17Application Stack Debian LinuxEnterprise Linux Desktop+14 more Apr 21, 2026 May 11, 2012 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers...Show more sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.Show less
CVE-2011-3079 3Google MozillaOpensuse 5Chrome FirefoxOpensuse+2 more Apr 29, 2026 May 1, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and...Show more The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.Show less
CVE-2012-0883 2Apache Opensuse 2Http Server Opensuse Apr 29, 2026 Apr 18, 2012 N/A· v4 N/A· v3 6.9 MEDIUM· v2 envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working direc...Show more envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.Show less
CVE-2011-3049 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Mar 23, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
CVE-2011-3056 3Apple GoogleOpensuse 4Chrome Iphone OsOpensuse+1 more Apr 29, 2026 Mar 22, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
CVE-2011-3055 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Mar 22, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a craf...Show more The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.Show less
CVE-2011-3054 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Mar 22, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2011-3053 3Apple GoogleOpensuse 5Chrome Iphone OsItunes+2 more Apr 29, 2026 Mar 22, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
CVE-2011-3052 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Mar 22, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp...Show more The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.Show less

Previous 1...636465...73 Next