Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2014-1514

Exploit
  • EPSS 4.17%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to ex...

7.5

CVE-2014-1705

  • EPSS 2.37%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

5

CVE-2014-0467

  • EPSS 1.41%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.

4.3

CVE-2014-2270

  • EPSS 43.46%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

9.8

CVE-2014-2323

Exploit
  • EPSS 92.39%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.

5

CVE-2014-2324

Exploit
  • EPSS 73.45%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

4.4

CVE-2014-1838

  • EPSS 0.05%
  • Veröffentlicht 11.03.2014 19:37:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /tmp/toto.fdf.

4.4

CVE-2014-1839

  • EPSS 0.06%
  • Veröffentlicht 11.03.2014 19:37:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.

6.1

CVE-2014-2309

Exploit
  • EPSS 0.91%
  • Veröffentlicht 11.03.2014 13:01:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertiseme...

10

CVE-2014-0502

Warnung Exploit
  • EPSS 85.67%
  • Veröffentlicht 21.02.2014 05:07:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adob...