Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-8547

  • EPSS 2.36%
  • Veröffentlicht 08.01.2016 19:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.

3.3

CVE-2015-7758

  • EPSS 0.05%
  • Veröffentlicht 08.01.2016 19:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by ....

4

CVE-2015-7223

  • EPSS 0.74%
  • Veröffentlicht 16.12.2015 11:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.

6.8

CVE-2015-7222

  • EPSS 3.35%
  • Veröffentlicht 16.12.2015 11:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory all...

10

CVE-2015-7221

  • EPSS 1.48%
  • Veröffentlicht 16.12.2015 11:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.

10

CVE-2015-7220

  • EPSS 1.48%
  • Veröffentlicht 16.12.2015 11:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

5

CVE-2015-7219

  • EPSS 1.26%
  • Veröffentlicht 16.12.2015 11:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length misc...

5

CVE-2015-7218

  • EPSS 1.26%
  • Veröffentlicht 16.12.2015 11:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.

4.3

CVE-2015-7217

  • EPSS 1.3%
  • Veröffentlicht 16.12.2015 11:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.

6.8

CVE-2015-7216

  • EPSS 0.89%
  • Veröffentlicht 16.12.2015 11:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 ...