Filtered by vendor Suse
Subscriptions
Total
1217 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1652 | 5 Debian, Google, Opensuse and 2 more | 5 Debian Linux, Chrome, Leap and 2 more | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." | ||||
| CVE-2014-4207 | 5 Debian, Mariadb, Oracle and 2 more | 10 Debian Linux, Mariadb, Mysql and 7 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. | ||||
| CVE-2015-2571 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. | ||||
| CVE-2014-4214 | 2 Oracle, Suse | 3 Mysql, Linux Enterprise Desktop, Linux Enterprise Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP. | ||||
| CVE-2014-2323 | 4 Debian, Lighttpd, Opensuse and 1 more | 5 Debian Linux, Lighttpd, Opensuse and 2 more | 2025-04-12 | 9.8 Critical |
| SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. | ||||
| CVE-2014-9116 | 4 Debian, Mageia, Mutt and 1 more | 5 Debian Linux, Mageia, Mutt and 2 more | 2025-04-12 | N/A |
| The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function. | ||||
| CVE-2016-2782 | 2 Linux, Suse | 8 Linux Kernel, Linux Enterprise Debuginfo, Linux Enterprise Desktop and 5 more | 2025-04-12 | 4.6 Medium |
| The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint. | ||||
| CVE-2015-0272 | 5 Canonical, Gnome, Oracle and 2 more | 10 Ubuntu Linux, Networkmanager, Linux and 7 more | 2025-04-12 | N/A |
| GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. | ||||
| CVE-2014-2324 | 5 Contec, Debian, Lighttpd and 2 more | 7 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Debian Linux and 4 more | 2025-04-12 | N/A |
| Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. | ||||
| CVE-2016-2806 | 5 Debian, Mozilla, Opensuse and 2 more | 6 Debian Linux, Firefox, Leap and 3 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2016-2795 | 6 Mozilla, Opensuse, Oracle and 3 more | 7 Firefox, Leap, Opensuse and 4 more | 2025-04-12 | N/A |
| The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. | ||||
| CVE-2015-5707 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-12 | N/A |
| Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | ||||
| CVE-2016-2807 | 4 Mozilla, Opensuse, Redhat and 1 more | 5 Firefox, Leap, Opensuse and 2 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2014-2497 | 6 Canonical, Debian, Oracle and 3 more | 14 Ubuntu Linux, Debian Linux, Solaris and 11 more | 2025-04-12 | N/A |
| The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. | ||||
| CVE-2014-0069 | 3 Linux, Redhat, Suse | 11 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2025-04-12 | N/A |
| The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. | ||||
| CVE-2013-1864 | 3 Ekiga, Opalvoip, Suse | 4 Ekiga, Portable Tool Library, Suse Linux Enterprise Desktop and 1 more | 2025-04-12 | N/A |
| The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack." | ||||
| CVE-2016-4152 | 8 Adobe, Apple, Google and 5 more | 15 Flash Player, Flash Player Desktop Runtime, Mac Os X and 12 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2014-3646 | 6 Canonical, Debian, Linux and 3 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-04-12 | 5.5 Medium |
| arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | ||||
| CVE-2014-3647 | 7 Canonical, Debian, Linux and 4 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-04-12 | 5.5 Medium |
| arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. | ||||
| CVE-2016-1961 | 5 Mozilla, Opensuse, Oracle and 2 more | 7 Firefox, Thunderbird, Leap and 4 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | ||||