Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-0497 5Adobe GoogleOpensuse+2 more 9Chrome Enterprise Linux DesktopEnterprise Linux Eus+6 more Apr 21, 2026 Feb 5, 2014 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unsp...Show more Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2011-2725 3Canonical KdeOpensuse 4Ark Kde ScOpensuse+1 more Apr 29, 2026 Feb 4, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
CVE-2014-0019 3Dest Unreach FedoraprojectOpensuse 3Fedora OpensuseSocat Apr 29, 2026 Feb 4, 2014 N/A· v4 N/A· v3 1.9 LOW· v2 Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the c...Show more Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.Show less
CVE-2013-6650 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 28, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or p...Show more The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."Show less
CVE-2013-6649 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 28, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or...Show more Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.Show less
CVE-2014-0979 2Lightdm Gtk+ Greeter Project Opensuse 2Lightdm Gtk+ Greeter Opensuse Apr 29, 2026 Jan 23, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local user...Show more The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username.Show less
CVE-2013-6425 5Canonical DebianOpensuse+2 more 10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 more Apr 29, 2026 Jan 18, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom...Show more Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.Show less
CVE-2013-6424 4Canonical DebianOpensuse+1 more 4Debian Linux OpensusePixman+1 more Apr 29, 2026 Jan 18, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
CVE-2013-6646 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibl...Show more Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process.Show less
CVE-2013-6645 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X an...Show more Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element.Show less
CVE-2013-6644 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown ve...Show more Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.Show less
CVE-2013-6643 3Debian GoogleOpensuse 3Chrome Debian LinuxOpensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers...Show more The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.Show less
CVE-2013-6641 2Google Opensuse 2Chrome Opensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on...Show more Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of the past names map of a FORM element.Show less
CVE-2013-2139 3Cisco FedoraprojectOpensuse 3Fedora LibsrtpOpensuse Apr 29, 2026 Jan 16, 2014 N/A· v4 N/A· v3 2.6 LOW· v2 Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and...Show more Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.Show less
CVE-2013-3713 1Opensuse 1Opensuse Apr 29, 2026 Jan 11, 2014 N/A· v4 N/A· v3 4.4 MEDIUM· v2 The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and po...Show more The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow.Show less
CVE-2013-5211 3Ntp OpensuseOracle 3Linux NtpOpensuse Apr 29, 2026 Jan 2, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploi...Show more The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.Show less
CVE-2013-6420 3Apple OpensusePhp 3Mac Os X OpensusePhp Apr 29, 2026 Dec 17, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which a...Show more The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.Show less
CVE-2013-4587 2Linux Opensuse 2Linux Kernel Opensuse Apr 29, 2026 Dec 14, 2013 N/A· v4 N/A· v3 7.2 HIGH· v2 Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.
CVE-2013-6394 2Opensuse Percona 2Opensuse Xtrabackup Apr 29, 2026 Dec 13, 2013 N/A· v4 N/A· v3 2.1 LOW· v2 Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.
CVE-2013-0348 5Acme FedoraprojectGentoo+2 more 5Fedora LinuxOpensuse+2 more Apr 29, 2026 Dec 13, 2013 N/A· v4 N/A· v3 2.1 LOW· v2 thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

Previous 1...136137138...164 Next