Filtered by vendor Opensuse Subscriptions
Total 3284 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-0031 5 Apache, Debian, Opensuse and 2 more 13 Http Server, Debian Linux, Opensuse and 10 more 2024-11-21 N/A
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
CVE-2011-4862 9 Debian, Fedoraproject, Freebsd and 6 more 14 Debian Linux, Fedora, Freebsd and 11 more 2024-11-21 N/A
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
CVE-2011-4183 1 Opensuse 1 Open Build Service 2024-11-21 N/A
A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.
CVE-2011-4182 1 Opensuse 1 Sysconfig 2024-11-21 N/A
Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. Affected releases are sysconfig prior to 0.83.7-2.1.
CVE-2011-4181 1 Opensuse 1 Open Build Service 2024-11-21 7.5 High
A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
CVE-2011-4093 4 Armin Burgmeier, Opensuse, Opensuse Project and 1 more 4 Net6, Opensuse, Opensuse and 1 more 2024-11-21 N/A
Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.
CVE-2011-4091 3 Armin Burgmeier, Opensuse, Oracle 3 Net6, Opensuse, Solaris 2024-11-21 N/A
The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences.
CVE-2011-3659 4 Mozilla, Opensuse, Redhat and 1 more 8 Firefox, Seamonkey, Thunderbird and 5 more 2024-11-21 N/A
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
CVE-2011-3377 3 Canonical, Opensuse, Redhat 4 Ubuntu Linux, Opensuse, Enterprise Linux and 1 more 2024-11-21 N/A
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.
CVE-2011-3193 5 Canonical, Gnome, Opensuse and 2 more 9 Ubuntu Linux, Pango, Opensuse and 6 more 2024-11-21 N/A
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
CVE-2011-3192 5 Apache, Canonical, Opensuse and 2 more 10 Http Server, Ubuntu Linux, Opensuse and 7 more 2024-11-21 N/A
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CVE-2011-3178 1 Opensuse 1 Open Build Service 2024-11-21 N/A
In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode.
CVE-2011-3098 3 Google, Microsoft, Opensuse 3 Chrome, Windows, Opensuse 2024-11-21 N/A
Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.
CVE-2011-3079 3 Google, Mozilla, Opensuse 6 Chrome, Firefox, Firefox Esr and 3 more 2024-11-21 N/A
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
CVE-2011-3056 3 Apple, Google, Opensuse 4 Iphone Os, Safari, Chrome and 1 more 2024-11-21 N/A
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
CVE-2011-3055 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 N/A
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.
CVE-2011-3054 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 N/A
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2011-3053 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2024-11-21 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
CVE-2011-3052 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 N/A
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2011-3051 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 N/A
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function.