Vulnerabilities > Opensuse > Opensuse > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-03-05 | CVE-2011-3035 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | 6.8 |
2012-03-05 | CVE-2011-3034 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. | 6.8 |
2012-03-05 | CVE-2011-3032 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. | 6.8 |
2012-03-05 | CVE-2011-3031 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
2012-02-16 | CVE-2011-3026 | Integer Overflow OR Wraparound vulnerability in Google Chrome Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | 6.8 |
2011-07-11 | CVE-2011-1526 | Improper Privilege Management vulnerability in multiple products ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. | 6.5 |
2011-04-04 | CVE-2011-0468 | Permissions, Privileges, and Access Controls vulnerability in Opensuse 11.3/11.4 The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion. | 6.9 |
2011-04-04 | CVE-2011-0461 | Link Following vulnerability in Opensuse 11.2/11.3 /etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab. | 6.3 |
2011-03-02 | CVE-2011-0762 | Resource Exhaustion vulnerability in multiple products The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | 4.0 |
2010-12-06 | CVE-2010-4180 | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. | 4.3 |