Filtered by vendor Opensuse Subscriptions
Filtered by product Opensuse Subscriptions
Total 1465 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-3032 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2024-11-21 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
CVE-2011-3031 2 Google, Opensuse 2 Chrome, Opensuse 2024-11-21 N/A
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-3026 5 Apple, Google, Opensuse and 2 more 8 Iphone Os, Mac Os X, Mac Os X Server and 5 more 2024-11-21 N/A
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
CVE-2011-2725 3 Canonical, Kde, Opensuse 4 Ubuntu Linux, Ark, Kde Sc and 1 more 2024-11-21 N/A
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
CVE-2011-2198 3 Gnome, Opensuse, Oracle 3 Gnome-terminal, Opensuse, Solaris 2024-11-21 N/A
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@".
CVE-2011-1588 3 Debian, Opensuse, Xfce 3 Debian Linux, Opensuse, Thunar 2024-11-21 7.8 High
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
CVE-2011-1526 6 Debian, Fedoraproject, Mit and 3 more 8 Debian Linux, Fedora, Krb5-appl and 5 more 2024-11-21 N/A
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script.
CVE-2011-1490 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
CVE-2011-1489 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
CVE-2011-1488 3 Debian, Opensuse, Rsyslog 3 Debian Linux, Opensuse, Rsyslog 2024-11-21 5.5 Medium
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time.
CVE-2011-1145 4 Debian, Opensuse, Redhat and 1 more 4 Debian Linux, Opensuse, Enterprise Linux and 1 more 2024-11-21 7.8 High
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2011-0762 7 Canonical, Debian, Fedoraproject and 4 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2024-11-21 N/A
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
CVE-2011-0611 9 Adobe, Apple, Google and 6 more 14 Acrobat, Acrobat Reader, Adobe Air and 11 more 2024-11-21 8.8 High
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
CVE-2011-0609 9 Adobe, Apple, Google and 6 more 15 Acrobat, Acrobat Reader, Air and 12 more 2024-11-21 7.8 High
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
CVE-2011-0468 1 Opensuse 1 Opensuse 2024-11-21 N/A
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.
CVE-2011-0461 1 Opensuse 1 Opensuse 2024-11-21 N/A
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
CVE-2011-0460 2 Kbd-project, Opensuse 2 Kbd, Opensuse 2024-11-21 N/A
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.
CVE-2010-4661 5 Debian, Fedoraproject, Opensuse and 2 more 5 Debian Linux, Fedora, Opensuse and 2 more 2024-11-21 7.8 High
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
CVE-2010-4494 10 Apache, Apple, Debian and 7 more 18 Openoffice, Iphone Os, Itunes and 15 more 2024-11-21 N/A
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVE-2010-4347 4 Linux, Opensuse, Redhat and 1 more 4 Linux Kernel, Opensuse, Enterprise Mrg and 1 more 2024-11-21 N/A
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.