Opensuse

Leap

1898 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2016-2822

  • EPSS 0.67%
  • Veröffentlicht 13.06.2016 10:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.

7.5

CVE-2016-2821

  • EPSS 2.76%
  • Veröffentlicht 13.06.2016 10:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (hea...

8.8

CVE-2016-2819

  • EPSS 64.66%
  • Veröffentlicht 13.06.2016 10:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.

8.8

CVE-2016-2818

  • EPSS 0.29%
  • Veröffentlicht 13.06.2016 10:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

8.8

CVE-2016-2815

  • EPSS 0.26%
  • Veröffentlicht 13.06.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10

CVE-2016-5118

  • EPSS 31.78%
  • Veröffentlicht 10.06.2016 15:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

5.9

CVE-2016-4429

  • EPSS 1.27%
  • Veröffentlicht 10.06.2016 15:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UD...

7.1

CVE-2016-2150

  • EPSS 0.07%
  • Veröffentlicht 09.06.2016 16:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.

10

CVE-2016-0749

  • EPSS 15.98%
  • Veröffentlicht 09.06.2016 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.

8.8

CVE-2016-1703

  • EPSS 0.94%
  • Veröffentlicht 05.06.2016 23:59:33
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.