Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-9745

  • EPSS 2.36%
  • Published 14.09.2015 20:59:00
  • Last modified 12.04.2025 10:46:40

The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.

7.8

CVE-2014-9744

  • EPSS 0.49%
  • Published 24.08.2015 15:59:03
  • Last modified 12.04.2025 10:46:40

Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of ClientHello messages. NOTE: this identifier was SPLIT from CVE-2014-8628 per ADT3 due to different affected versions...

9.3

CVE-2015-4493

  • EPSS 10.19%
  • Published 16.08.2015 01:59:21
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds c...

7.5

CVE-2015-4492

  • EPSS 3.54%
  • Published 16.08.2015 01:59:20
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the...

6.8

CVE-2015-4491

  • EPSS 8.08%
  • Published 16.08.2015 01:59:19
  • Last modified 12.04.2025 10:46:40

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers t...

4.3

CVE-2015-4490

  • EPSS 0.74%
  • Published 16.08.2015 01:59:18
  • Last modified 12.04.2025 10:46:40

The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matchi...

7.5

CVE-2015-4489

  • EPSS 3.09%
  • Published 16.08.2015 01:59:17
  • Last modified 12.04.2025 10:46:40

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a se...

7.5

CVE-2015-4488

  • EPSS 2.67%
  • Published 16.08.2015 01:59:16
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator ...

7.5

CVE-2015-4487

  • EPSS 3.74%
  • Published 16.08.2015 01:59:15
  • Last modified 12.04.2025 10:46:40

The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via...

10

CVE-2015-4486

  • EPSS 2.19%
  • Published 16.08.2015 01:59:14
  • Last modified 12.04.2025 10:46:40

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.