Vulnerabilities > Opensuse

DATE	CVE	VULNERABILITY TITLE	RISK
2014-03-19	CVE-2014-1509	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. network low complexity mozilla redhat canonical opensuse suse CWE-120	8.8
2014-03-19	CVE-2014-1508	Out-of-bounds Read vulnerability in multiple products The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering. network low complexity mozilla redhat debian canonical opensuse suse CWE-125 critical	9.1
2014-03-19	CVE-2014-1505	Information Exposure vulnerability in multiple products The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. network low complexity mozilla canonical debian redhat opensuse suse novell CWE-200	7.5
2014-03-19	CVE-2014-1497	Out-of-bounds Read vulnerability in multiple products The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. network low complexity mozilla debian opensuse suse canonical redhat CWE-125	8.8
2014-03-19	CVE-2014-1493	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network low complexity mozilla canonical debian redhat opensuse suse CWE-119 critical	9.8
2014-03-14	CVE-2014-2323	SQL Injection vulnerability in multiple products SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. network low complexity lighttpd debian opensuse suse CWE-89 critical	9.8
2014-02-21	CVE-2014-0502	Double Free vulnerability in multiple products Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. network low complexity adobe suse opensuse redhat CWE-415	8.8
2014-02-06	CVE-2014-1487	Origin Validation Error vulnerability in multiple products The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. network low complexity mozilla fedoraproject opensuse suse canonical debian redhat CWE-346	7.5
2014-02-06	CVE-2014-1486	Use After Free vulnerability in multiple products Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. network low complexity mozilla fedoraproject opensuse suse debian canonical redhat CWE-416 critical	9.8
2014-02-06	CVE-2014-1482	Out-of-bounds Write vulnerability in multiple products RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create. network low complexity mozilla canonical debian redhat fedoraproject opensuse suse CWE-787	8.8

Vulnerabilities > Opensuse {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Opensuse"}]}

Vulnerabilities > Opensuse