Filtered by vendor Suse
Subscriptions
Total
1185 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3467 | 5 Debian, F5, Gnu and 2 more | 17 Debian Linux, Arx, Arx Firmware and 14 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. | ||||
| CVE-2015-2695 | 6 Canonical, Debian, Mit and 3 more | 9 Ubuntu Linux, Debian Linux, Kerberos 5 and 6 more | 2025-04-12 | N/A |
| lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. | ||||
| CVE-2014-3468 | 5 Debian, F5, Gnu and 2 more | 17 Debian Linux, Arx, Arx Firmware and 14 more | 2025-04-12 | N/A |
| The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. | ||||
| CVE-2014-4943 | 5 Debian, Linux, Opensuse and 2 more | 9 Debian Linux, Linux Kernel, Opensuse and 6 more | 2025-04-12 | N/A |
| The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | ||||
| CVE-2014-0569 | 8 Adobe, Apple, Google and 5 more | 15 Air Desktop Runtime, Air Sdk, Flash Player and 12 more | 2025-04-12 | N/A |
| Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-2590 | 6 Canonical, Debian, Opensuse and 3 more | 25 Ubuntu Linux, Debian Linux, Opensuse and 22 more | 2025-04-12 | 9.8 Critical |
| Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. | ||||
| CVE-2014-2977 | 3 Directfb, Opensuse, Suse | 6 Directfb, Opensuse, Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. | ||||
| CVE-2014-2978 | 3 Directfb, Opensuse, Suse | 6 Directfb, Opensuse, Linux Enterprise Desktop and 3 more | 2025-04-12 | N/A |
| The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. | ||||
| CVE-2015-2573 | 6 Canonical, Debian, Mariadb and 3 more | 17 Ubuntu Linux, Debian Linux, Mariadb and 14 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. | ||||
| CVE-2015-2571 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. | ||||
| CVE-2015-2575 | 3 Debian, Mysql, Suse | 5 Debian Linux, Mysql, Linux Enterprise Desktop and 2 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J. | ||||
| CVE-2014-0222 | 3 Qemu, Redhat, Suse | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2025-04-12 | N/A |
| Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. | ||||
| CVE-2014-1504 | 4 Mozilla, Opensuse, Oracle and 1 more | 7 Firefox, Seamonkey, Opensuse and 4 more | 2025-04-12 | N/A |
| The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. | ||||
| CVE-2014-1502 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. | ||||
| CVE-2014-2484 | 2 Oracle, Suse | 3 Mysql, Linux Enterprise Desktop, Linux Enterprise Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS. | ||||
| CVE-2014-1499 | 5 Mozilla, Opensuse, Opensuse Project and 2 more | 8 Firefox, Seamonkey, Opensuse and 5 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. | ||||
| CVE-2014-1497 | 6 Canonical, Debian, Mozilla and 3 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-04-12 | 8.8 High |
| The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. | ||||
| CVE-2014-2494 | 5 Debian, Mariadb, Oracle and 2 more | 10 Debian Linux, Mariadb, Mysql and 7 more | 2025-04-12 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC. | ||||
| CVE-2014-1505 | 7 Canonical, Debian, Mozilla and 4 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-04-12 | 7.5 High |
| The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. | ||||
| CVE-2014-0131 | 3 Linux, Opensuse, Suse | 3 Linux Kernel, Evergreen, Linux Enterprise Server | 2025-04-12 | N/A |
| Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. | ||||