Suse

Linux Enterprise Software Development Kit

296 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2015-4495

Warning Exploit
  • EPSS 69.92%
  • Published 08.08.2015 00:59:04
  • Last modified 30.07.2025 03:15:45

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript...

6.8

CVE-2015-1283

  • EPSS 0.63%
  • Published 23.07.2015 00:59:12
  • Last modified 12.04.2025 10:46:40

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec...

10

CVE-2015-2738

  • EPSS 0.95%
  • Published 06.07.2015 02:01:07
  • Last modified 12.04.2025 10:46:40

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh...

10

CVE-2015-2737

  • EPSS 0.95%
  • Published 06.07.2015 02:01:06
  • Last modified 12.04.2025 10:46:40

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi...

10

CVE-2015-2734

  • EPSS 0.95%
  • Published 06.07.2015 02:01:03
  • Last modified 12.04.2025 10:46:40

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic...

7.5

CVE-2015-0192

  • EPSS 2.5%
  • Published 02.07.2015 21:59:00
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machin...

7.5

CVE-2015-3209

  • EPSS 5.35%
  • Published 15.06.2015 15:59:00
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

4.6

CVE-2015-4106

  • EPSS 0.09%
  • Published 03.06.2015 20:59:09
  • Last modified 12.04.2025 10:46:40

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly ha...

4.3

CVE-2015-4000

  • EPSS 94.03%
  • Published 21.05.2015 00:59:00
  • Last modified 12.04.2025 10:46:40

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

6.8

CVE-2015-0797

  • EPSS 7.61%
  • Published 14.05.2015 10:59:00
  • Last modified 12.04.2025 10:46:40

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbi...