Opensuse

opensuse

Vendor: Opensuse • 1,454 CVEs

CVEs (1,454)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-1382 3Debian OpensusePrivoxy 3Debian Linux OpensusePrivoxy May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
CVE-2015-1381 3Debian OpensusePrivoxy 3Debian Linux OpensusePrivoxy May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.
CVE-2015-1380 3Opensuse OraclePrivoxy 3Opensuse PrivoxySolaris May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.
CVE-2015-0313 4Adobe MicrosoftOpensuse+1 more 7Edge EvergreenFlash Player+4 more Apr 21, 2026 Feb 2, 2015 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unsp...Show more Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.Show less
CVE-2015-1419 2Opensuse Vsftpd Project 2Opensuse Vsftpd May 6, 2026 Jan 28, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
CVE-2015-1182 2Opensuse Polarssl 2Opensuse Polarssl May 6, 2026 Jan 27, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to ca...Show more The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ASN.1 sequence in a certificate.Show less
CVE-2014-8154 2Gnome Opensuse 2Opensuse Vala May 6, 2026 Jan 27, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute...Show more The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.Show less
CVE-2014-8158 4Debian Jasper ProjectOpensuse+1 more 4Debian Linux Enterprise LinuxJasper+1 more May 6, 2026 Jan 26, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
CVE-2014-8157 4Debian Jasper ProjectOpensuse+1 more 4Debian Linux Enterprise LinuxJasper+1 more May 6, 2026 Jan 26, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which trig...Show more Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.Show less
CVE-2014-8148 2Midgard Project Opensuse 2Midgard2 Opensuse May 6, 2026 Jan 26, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
CVE-2014-9640 2Opensuse Xiph 2Opensuse Vorbis Tools May 6, 2026 Jan 23, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
CVE-2014-9639 3Fedoraproject OpensuseXiph 3Fedora OpensuseVorbis Tools May 6, 2026 Jan 23, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
CVE-2014-9638 3Fedoraproject OpensuseXiph 3Fedora OpensuseVorbis Tools May 6, 2026 Jan 23, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
CVE-2014-7943 5Canonical ChromiumGoogle+2 more 8Chrome ChromiumEnterprise Linux Desktop Supplementary+5 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2014-7942 5Canonical ChromiumGoogle+2 more 8Chrome ChromiumEnterprise Linux Desktop Supplementary+5 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unkn...Show more The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.Show less
CVE-2014-7941 4Chromium GoogleOpensuse+1 more 7Chrome ChromiumEnterprise Linux Desktop Supplementary+4 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attacke...Show more The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.Show less
CVE-2014-7939 4Chromium GoogleOpensuse+1 more 7Chrome ChromiumEnterprise Linux Desktop Supplementary+4 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to...Show more Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header.Show less
CVE-2014-7926 6Canonical GoogleIcu Project+3 more 9Chrome Communications Messaging ServerEnterprise Linux Desktop Supplementary+6 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corr...Show more The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.Show less
CVE-2014-7923 6Canonical GoogleIcu Project+3 more 9Chrome Communications Messaging ServerEnterprise Linux Desktop Supplementary+6 more May 6, 2026 Jan 22, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corr...Show more The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.Show less
CVE-2015-0427 2Opensuse Oracle 2Opensuse Vm Virtualbox May 6, 2026 Jan 21, 2015 N/A· v4 N/A· v3 3.2 LOW· v2 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics d...Show more Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2014-6595.Show less

Previous 1...333435...73 Next