Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-1500 5Mozilla OpensuseOpensuse Project+2 more 8Firefox Linux Enterprise DesktopLinux Enterprise Server+5 more May 6, 2026 Mar 19, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution...Show more Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.Show less
CVE-2014-1499 5Mozilla OpensuseOpensuse Project+2 more 8Firefox Linux Enterprise DesktopLinux Enterprise Server+5 more May 6, 2026 Mar 19, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generat...Show more Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.Show less
CVE-2014-1498 5Mozilla OpensuseOpensuse Project+2 more 8Firefox Linux Enterprise DesktopLinux Enterprise Server+5 more May 6, 2026 Mar 19, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash)...Show more The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.Show less
CVE-2014-1497 6Canonical DebianMozilla+3 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Mar 19, 2014 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information f...Show more The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.Show less
CVE-2014-1494 5Mozilla OpensuseOpensuse Project+2 more 8Firefox Linux Enterprise DesktopLinux Enterprise Server+5 more May 6, 2026 Mar 19, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibl...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2014-1493 6Canonical DebianMozilla+3 more 16Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+13 more May 6, 2026 Mar 19, 2014 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of serv...Show more Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2014-1705 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse May 6, 2026 Mar 16, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other...Show more Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.Show less
CVE-2014-2324 5Contec DebianLighttpd+2 more 6Debian Linux LighttpdLinux Enterprise High Availability Extension+3 more May 6, 2026 Mar 14, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_che...Show more Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.Show less
CVE-2014-2323 4Debian LighttpdOpensuse+1 more 5Debian Linux LighttpdLinux Enterprise High Availability Extension+2 more May 6, 2026 Mar 14, 2014 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
CVE-2014-2270 5Canonical DebianFile Project+2 more 5Debian Linux FileOpensuse+2 more May 6, 2026 Mar 14, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
CVE-2014-0467 2Mutt Opensuse 2Mutt Opensuse May 6, 2026 Mar 14, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.
CVE-2014-1839 2Logilab Opensuse 2Logilab Common Opensuse May 6, 2026 Mar 11, 2014 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
CVE-2014-1838 2Logilab Opensuse 2Logilab Common Opensuse May 6, 2026 Mar 11, 2014 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /...Show more The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /tmp/toto.fdf.Show less
CVE-2014-2309 3Linux OpensuseSuse 3Linux Enterprise Server Linux KernelOpensuse May 6, 2026 Mar 11, 2014 N/A· v4 N/A· v3 6.1 MEDIUM· v2 The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a floo...Show more The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.Show less
CVE-2014-0502 4Adobe OpensuseRedhat+1 more 10Adobe Air Adobe Air SdkEnterprise Linux Desktop+7 more Apr 21, 2026 Feb 21, 2014 N/A· v4 8.8 HIGH· v3 10.0 HIGH· v2 Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR S...Show more Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014.Show less
CVE-2014-0081 4Opensuse Opensuse ProjectRedhat+1 more 6Cloudforms Enterprise LinuxOpensuse+3 more Apr 29, 2026 Feb 20, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject...Show more Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper.Show less
CVE-2012-2328 2Opensuse Standards Based Linux Instrumentation Project 2Opensuse Standards Based Linux Common Information Model Client Apr 29, 2026 Feb 10, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting...Show more internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.Show less
CVE-2011-4093 4Armin Burgmeier OpensuseOpensuse Project+1 more 4Net6 OpensuseOpensuse+1 more Apr 29, 2026 Feb 10, 2014 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occu...Show more Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.Show less
CVE-2011-4091 3Armin Burgmeier OpensuseOracle 3Net6 OpensuseSolaris Apr 29, 2026 Feb 10, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage p...Show more The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences.Show less
CVE-2013-2191 3Fedoraproject OpensusePython Bugzilla Project 3Fedora OpensusePython Bugzilla Apr 29, 2026 Feb 8, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.

Previous 1...134135136...164 Next