Filtered by vendor Opensuse Subscriptions
Filtered by product Opensuse Subscriptions
Total 1465 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-0802 3 Canonical, Mozilla, Opensuse 3 Ubuntu Linux, Firefox, Opensuse 2024-11-21 N/A
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.
CVE-2015-0799 3 Canonical, Mozilla, Opensuse 3 Ubuntu Linux, Firefox, Opensuse 2024-11-21 N/A
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
CVE-2015-0794 2 Dracut Project, Opensuse 2 Dracut, Opensuse 2024-11-21 N/A
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
CVE-2015-0778 3 Fedoraproject, Opensuse, Suse 3 Fedora, Opensuse, Opensuse Osc 2024-11-21 N/A
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
CVE-2015-0564 5 Debian, Opensuse, Oracle and 2 more 6 Debian Linux, Opensuse, Linux and 3 more 2024-11-21 N/A
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
CVE-2015-0563 3 Opensuse, Redhat, Wireshark 3 Opensuse, Enterprise Linux, Wireshark 2024-11-21 N/A
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-0561 3 Opensuse, Oracle, Wireshark 3 Opensuse, Solaris, Wireshark 2024-11-21 N/A
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
CVE-2015-0560 2 Opensuse, Wireshark 2 Opensuse, Wireshark 2024-11-21 N/A
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-0559 2 Opensuse, Wireshark 2 Opensuse, Wireshark 2024-11-21 N/A
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
CVE-2015-0552 2 Gnome, Opensuse 2 Gcab, Opensuse 2024-11-21 N/A
Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."
CVE-2015-0492 4 Opensuse, Oracle, Redhat and 1 more 6 Opensuse, Javafx, Jdk and 3 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.
CVE-2015-0491 4 Opensuse, Oracle, Redhat and 1 more 8 Opensuse, Javafx, Jdk and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
CVE-2015-0486 3 Opensuse, Oracle, Redhat 4 Opensuse, Jdk, Jre and 1 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
CVE-2015-0484 4 Opensuse, Oracle, Redhat and 1 more 6 Opensuse, Javafx, Jdk and 3 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.
CVE-2015-0459 4 Novell, Opensuse, Oracle and 1 more 8 Suse Linux Enterprise Desktop, Opensuse, Javafx and 5 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
CVE-2015-0458 4 Novell, Opensuse, Oracle and 1 more 7 Suse Linux Enterprise Desktop, Opensuse, Jdk and 4 more 2024-11-21 N/A
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
CVE-2015-0427 2 Opensuse, Oracle 2 Opensuse, Vm Virtualbox 2024-11-21 N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2014-6595.
CVE-2015-0418 3 Debian, Opensuse, Oracle 3 Debian Linux, Opensuse, Vm Virtualbox 2024-11-21 N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
CVE-2015-0412 6 Canonical, Debian, Novell and 3 more 11 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 8 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.
CVE-2015-0410 6 Canonical, Debian, Novell and 3 more 12 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 9 more 2024-11-21 N/A
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.