Suse

Linux Enterprise Software Development Kit

296 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2014-1494

  • EPSS 0.49%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...

5

CVE-2014-1498

  • EPSS 0.55%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger gene...

4.3

CVE-2014-1499

  • EPSS 0.61%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

5

CVE-2014-1500

  • EPSS 2.26%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

5.8

CVE-2014-1501

  • EPSS 0.23%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

6.8

CVE-2014-1502

  • EPSS 0.28%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecifi...

9.8

CVE-2014-2323

Exploit
  • EPSS 92.39%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.

5

CVE-2014-2324

Exploit
  • EPSS 73.45%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

10

CVE-2014-1488

  • EPSS 1.09%
  • Veröffentlicht 06.02.2014 05:44:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation...

4.3

CVE-2014-1489

  • EPSS 1.25%
  • Veröffentlicht 06.02.2014 05:44:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.