Opensuse_project Opensuse
16 CVEs affecting Opensuse_project Opensuse. Latest disclosed: 2017-08-24. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-4616 | Medium | 5.9 | 2017-08-24 | Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to re… |
CVE-2014-0481 | | 2014-08-26 | The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate… | |
CVE-2014-3004 | | 2014-06-11 | The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via… | |
CVE-2014-1542 | | 2014-06-11 | Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors… | |
CVE-2014-1528 | | 2014-04-30 | The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute… | |
CVE-2014-1502 | | 2014-03-19 | The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attack… | |
CVE-2014-1500 | | 2014-03-19 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbef… | |
CVE-2014-1499 | | 2014-03-19 | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission pro… | |
CVE-2014-1498 | | 2014-03-19 | The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remo… | |
CVE-2014-1494 | | 2014-03-19 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of… | |
CVE-2014-0081 | | 2014-02-20 | Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3… | |
CVE-2011-4093 | | 2014-02-10 | Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by… | |
CVE-2014-1489 | | 2014-02-06 | Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to ca… | |
CVE-2014-1484 | | 2014-02-06 | Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive informat… | |
CVE-2013-5611 | | 2013-12-11 | Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App ins… | |
CVE-2012-0867 | | 2012-07-18 | PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, whi… |