Vulnerabilities > Novell > Suse Package HUB FOR Suse Linux Enterprise > High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13730	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject novell opensuse redhat CWE-843	8.8
2019-07-23	CVE-2019-9811	Injection vulnerability in multiple products As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. network high complexity mozilla debian novell opensuse CWE-74	8.3
2019-04-19	CVE-2019-11338	NULL Pointer Dereference vulnerability in multiple products libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. network low complexity ffmpeg debian novell canonical CWE-476	8.8
2016-09-26	CVE-2016-4303	Classic Buffer Overflow vulnerability in multiple products The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. network low complexity iperf3-project novell opensuse debian CWE-120	7.5
2016-07-03	CVE-2016-1704	Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. network low complexity google canonical redhat novell opensuse	8.8
2016-06-13	CVE-2016-2818	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network low complexity mozilla debian redhat novell opensuse canonical CWE-119	8.8
2016-03-13	CVE-2016-1956	Resource Management Errors vulnerability in multiple products Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. network mozilla linux novell opensuse CWE-399	7.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.