Filtered by vendor Opensuse
Subscriptions
Total
3286 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9756 | 3 Canonical, Libsndfile Project, Opensuse | 4 Ubuntu Linux, Libsndfile, Leap and 1 more | 2025-04-12 | N/A |
| The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. | ||||
| CVE-2014-3168 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-12 | N/A |
| Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation. | ||||
| CVE-2014-3169 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-12 | N/A |
| Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. | ||||
| CVE-2014-3474 | 3 Openstack, Opensuse, Redhat | 3 Horizon, Opensuse, Openstack | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name. | ||||
| CVE-2014-3475 | 3 Openstack, Opensuse, Redhat | 3 Horizon, Opensuse, Openstack | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578. | ||||
| CVE-2014-7942 | 5 Canonical, Chromium, Google and 2 more | 9 Ubuntu Linux, Chromium, Chrome and 6 more | 2025-04-12 | N/A |
| The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2014-3532 | 6 Debian, Freedesktop, Linux and 3 more | 6 Debian Linux, Dbus, Linux Kernel and 3 more | 2025-04-12 | N/A |
| dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded. | ||||
| CVE-2014-3594 | 3 Openstack, Opensuse, Redhat | 3 Horizon, Opensuse, Openstack | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name. | ||||
| CVE-2014-3615 | 5 Canonical, Debian, Opensuse and 2 more | 13 Ubuntu Linux, Debian Linux, Opensuse and 10 more | 2025-04-12 | N/A |
| The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution. | ||||
| CVE-2014-3619 | 3 Gluster, Opensuse, Redhat | 4 Glusterfs, Opensuse, Rhel Common and 1 more | 2025-04-12 | N/A |
| The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header. | ||||
| CVE-2014-3636 | 3 D-bus Project, Freedesktop, Opensuse | 3 D-bus, Dbus, Opensuse | 2025-04-12 | N/A |
| D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call. | ||||
| CVE-2014-3638 | 3 D-bus Project, Freedesktop, Opensuse | 3 D-bus, Dbus, Opensuse | 2025-04-12 | N/A |
| The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls. | ||||
| CVE-2014-9666 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | N/A |
| The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap. | ||||
| CVE-2014-3693 | 4 Canonical, Libreoffice, Opensuse and 1 more | 7 Ubuntu Linux, Libreoffice, Opensuse and 4 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. | ||||
| CVE-2016-1626 | 4 Debian, Google, Opensuse and 1 more | 4 Debian Linux, Chrome, Opensuse and 1 more | 2025-04-12 | N/A |
| The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | ||||
| CVE-2014-3967 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors. | ||||
| CVE-2014-3968 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-12 | N/A |
| The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged. | ||||
| CVE-2014-3985 | 2 Miniupnp Project, Opensuse | 2 Miniupnp, Opensuse | 2025-04-12 | N/A |
| The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. | ||||
| CVE-2016-1656 | 4 Google, Opensuse, Redhat and 1 more | 5 Android, Chrome, Leap and 2 more | 2025-04-12 | N/A |
| The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors. | ||||
| CVE-2016-1674 | 5 Debian, Google, Opensuse and 2 more | 9 Debian Linux, Chrome, Leap and 6 more | 2025-04-12 | N/A |
| The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||||