Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-5153

  • EPSS 1.83%
  • Published 11.09.2016 10:59:08
  • Last modified 12.04.2025 10:46:40

The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-...

8.8

CVE-2016-5152

  • EPSS 1%
  • Published 11.09.2016 10:59:07
  • Last modified 12.04.2025 10:46:40

Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (he...

8.8

CVE-2016-5151

  • EPSS 1.04%
  • Published 11.09.2016 10:59:06
  • Last modified 12.04.2025 10:46:40

PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PD...

8.8

CVE-2016-5150

  • EPSS 1.55%
  • Published 11.09.2016 10:59:05
  • Last modified 12.04.2025 10:46:40

WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly r...

8.8

CVE-2016-5149

  • EPSS 1.31%
  • Published 11.09.2016 10:59:04
  • Last modified 12.04.2025 10:46:40

The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injecti...

7.5

CVE-2016-6262

  • EPSS 6.27%
  • Published 07.09.2016 20:59:05
  • Last modified 12.04.2025 10:46:40

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.

7.5

CVE-2016-6261

  • EPSS 4.3%
  • Published 07.09.2016 20:59:04
  • Last modified 12.04.2025 10:46:40

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.

7.5

CVE-2015-8948

  • EPSS 7.11%
  • Published 07.09.2016 20:59:00
  • Last modified 12.04.2025 10:46:40

idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.

7.8

CVE-2016-6318

  • EPSS 3.52%
  • Published 07.09.2016 19:28:12
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.

7.5

CVE-2016-6855

Exploit
  • EPSS 3.02%
  • Published 07.09.2016 18:59:05
  • Last modified 12.04.2025 10:46:40

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invali...