CVE-2016-4574
- EPSS 0.96%
- Published 13.06.2016 19:59:09
- Last modified 12.04.2025 10:46:40
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of a...
CVE-2016-4414
- EPSS 2.9%
- Published 13.06.2016 19:59:08
- Last modified 12.04.2025 10:46:40
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
CVE-2015-8869
- EPSS 2.81%
- Published 13.06.2016 19:59:01
- Last modified 12.04.2025 10:46:40
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
CVE-2014-9773
- EPSS 0.41%
- Published 13.06.2016 19:59:00
- Last modified 12.04.2025 10:46:40
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.
CVE-2016-5104
- EPSS 0.91%
- Published 13.06.2016 14:59:08
- Last modified 12.04.2025 10:46:40
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
CVE-2016-2834
- EPSS 1.55%
- Published 13.06.2016 10:59:15
- Last modified 12.04.2025 10:46:40
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-2833
- EPSS 0.26%
- Published 13.06.2016 10:59:14
- Last modified 12.04.2025 10:46:40
Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.
CVE-2016-2832
- EPSS 0.43%
- Published 13.06.2016 10:59:13
- Last modified 12.04.2025 10:46:40
Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.
CVE-2016-2831
- EPSS 0.67%
- Published 13.06.2016 10:59:12
- Last modified 12.04.2025 10:46:40
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing att...
CVE-2016-2829
- EPSS 0.37%
- Published 13.06.2016 10:59:11
- Last modified 12.04.2025 10:46:40
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.