Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2013-5211

  • EPSS 91.73%
  • Published 02.01.2014 14:59:03
  • Last modified 11.04.2025 00:51:21

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 20...

7.5

CVE-2013-6420

Exploit
  • EPSS 47.2%
  • Published 17.12.2013 04:46:45
  • Last modified 11.04.2025 00:51:21

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to exec...

7.2

CVE-2013-4587

  • EPSS 0.05%
  • Published 14.12.2013 18:08:45
  • Last modified 11.04.2025 00:51:21

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

2.1

CVE-2013-0348

  • EPSS 0.04%
  • Published 13.12.2013 18:07:54
  • Last modified 11.04.2025 00:51:21

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

2.1

CVE-2013-6394

  • EPSS 0.06%
  • Published 13.12.2013 18:07:54
  • Last modified 11.04.2025 00:51:21

Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.

10

CVE-2013-5618

Exploit
  • EPSS 10.38%
  • Published 11.12.2013 15:55:13
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows ...

7.5

CVE-2013-5619

  • EPSS 1.73%
  • Published 11.12.2013 15:55:13
  • Last modified 11.04.2025 00:51:21

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecifie...

10

CVE-2013-6671

Exploit
  • EPSS 10.4%
  • Published 11.12.2013 15:55:13
  • Last modified 11.04.2025 00:51:21

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordere...

4.3

CVE-2013-6672

  • EPSS 0.93%
  • Published 11.12.2013 15:55:13
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

5.9

CVE-2013-6673

Exploit
  • EPSS 0.55%
  • Published 11.12.2013 15:55:13
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL ...