Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-7220

  • EPSS 1.48%
  • Veröffentlicht 16.12.2015 11:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

5

CVE-2015-7219

  • EPSS 1.26%
  • Veröffentlicht 16.12.2015 11:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length misc...

5

CVE-2015-7218

  • EPSS 1.26%
  • Veröffentlicht 16.12.2015 11:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.

4.3

CVE-2015-7217

  • EPSS 1.3%
  • Veröffentlicht 16.12.2015 11:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.

6.8

CVE-2015-7216

  • EPSS 0.89%
  • Veröffentlicht 16.12.2015 11:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 ...

5

CVE-2015-7215

  • EPSS 0.44%
  • Veröffentlicht 16.12.2015 11:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an ...

5

CVE-2015-7214

  • EPSS 15.48%
  • Veröffentlicht 16.12.2015 11:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.

6.8

CVE-2015-7213

  • EPSS 2.44%
  • Veröffentlicht 16.12.2015 11:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted ...

7.5

CVE-2015-7212

  • EPSS 2.31%
  • Veröffentlicht 16.12.2015 11:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requir...

5

CVE-2015-7211

  • EPSS 0.68%
  • Veröffentlicht 16.12.2015 11:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.