Opensuse

Opensuse

1454 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.99%
  • Veröffentlicht 16.05.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as de...

Exploit
  • EPSS 0.78%
  • Veröffentlicht 14.05.2014 00:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparis...

  • EPSS 0.55%
  • Veröffentlicht 14.05.2014 00:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a function.

  • EPSS 0.05%
  • Veröffentlicht 08.05.2014 14:29:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.

  • EPSS 2.8%
  • Veröffentlicht 08.05.2014 14:29:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

Exploit
  • EPSS 18.54%
  • Veröffentlicht 07.05.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed ...

  • EPSS 0.07%
  • Veröffentlicht 07.05.2014 10:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and li...

  • EPSS 30.89%
  • Veröffentlicht 06.05.2014 10:44:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL...

  • EPSS 0.87%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...