Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-2821

  • EPSS 2.86%
  • Veröffentlicht 13.06.2016 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (hea...

8.8

CVE-2016-2819

  • EPSS 66.64%
  • Veröffentlicht 13.06.2016 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.

8.8

CVE-2016-2818

  • EPSS 0.59%
  • Veröffentlicht 13.06.2016 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

8.8

CVE-2016-2815

  • EPSS 0.36%
  • Veröffentlicht 13.06.2016 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10

CVE-2016-5118

  • EPSS 35.42%
  • Veröffentlicht 10.06.2016 15:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

5.9

CVE-2016-4429

  • EPSS 2.14%
  • Veröffentlicht 10.06.2016 15:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UD...

7.1

CVE-2016-2150

  • EPSS 0.07%
  • Veröffentlicht 09.06.2016 16:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

10

CVE-2016-0749

  • EPSS 16.15%
  • Veröffentlicht 09.06.2016 16:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

8.8

CVE-2016-1703

  • EPSS 1%
  • Veröffentlicht 05.06.2016 23:59:33
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

6.5

CVE-2016-1702

  • EPSS 1.42%
  • Veröffentlicht 05.06.2016 23:59:32
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serial...