Filtered by vendor Opensuse
Subscriptions
Total
3291 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0913 | 3 Linux, Opensuse, Redhat | 4 Linux Kernel, Opensuse, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition. | ||||
| CVE-2013-0800 | 6 Canonical, Debian, Mozilla and 3 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2025-04-11 | N/A |
| Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation. | ||||
| CVE-2012-0420 | 1 Opensuse | 1 Zypper | 2025-04-11 | N/A |
| zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPP_LOCKFILE_ROOT environment variable. | ||||
| CVE-2012-0427 | 1 Opensuse | 1 Opensuse | 2025-04-11 | N/A |
| yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name. | ||||
| CVE-2012-1095 | 1 Opensuse | 2 Opensuse, Osc | 2025-04-11 | N/A |
| osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. | ||||
| CVE-2013-3324 | 8 Adobe, Apple, Google and 5 more | 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | ||||
| CVE-2013-0211 | 5 Canonical, Fedoraproject, Freebsd and 2 more | 5 Ubuntu Linux, Fedora, Freebsd and 2 more | 2025-04-11 | N/A |
| Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. | ||||
| CVE-2012-2037 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. | ||||
| CVE-2012-2038 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | ||||
| CVE-2012-2039 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. | ||||
| CVE-2012-2865 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||||
| CVE-2012-2866 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | ||||
| CVE-2012-2867 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2012-2868 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. | ||||
| CVE-2012-2872 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2874 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. | ||||
| CVE-2012-2876 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2012-2877 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2012-2879 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document. | ||||
| CVE-2012-2883 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874. | ||||