Opensuse Opensuseproject Opensuse

Do you want an email whenever new security vulnerabilities are reported in Opensuseproject Opensuse?

By the Year

In 2022 there have been 0 vulnerabilities in Opensuseproject Opensuse . Opensuse did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Opensuse vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Opensuseproject Opensuse Security Vulnerabilities

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1

CVE-2014-4616 5.9 - Medium - August 24, 2017

Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.

out-of-bounds array index

The default configuration for the Xerces SAX Parser in Castor before 1.3.3

CVE-2014-3004 - June 11, 2014

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.

XXE

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25

CVE-2014-1494 - March 19, 2014

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors

CVE-2014-1498 - March 19, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

Improper Verification of Cryptographic Signature

Mozilla Firefox before 28.0 and SeaMonkey before 2.25

CVE-2014-1499 - March 19, 2014

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events

CVE-2014-1500 - March 19, 2014

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

Resource Exhaustion

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25

CVE-2014-1502 - March 19, 2014

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

Origin Validation Error

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Suse Linux Enterprise Software Development Kit or by Opensuseproject? Click the Watch button to subscribe.

subscribe