Marcus Updateinfo to OVAL Converter5.52018-05-02T04:13:55CVE-2002-2443openSUSE Leap 42.1
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
CriticalCVE-2002-2443SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 825985SUSE bug 871411SUSE bug 871411SUSE bug 871411SUSE bug 871411SUSE bug 871411SUSE bug 825985SUSE bug 871411SUSE bug 887734SUSE bug 825985SUSE bug 871411SUSE bug 871411SUSE bug 871411SUSE bug 825985SUSE bug 871411SUSE bug 825985SUSE bug 871411CVE-2004-0801openSUSE Leap 42.1
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
ImportantCVE-2004-0801SUSE bug 59233SUSE bug 59233SUSE bug 59233SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 852368SUSE bug 957531SUSE bug 59233CVE-2004-1377openSUSE Leap 42.1
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
LowCVE-2004-1377CVE-2004-2771openSUSE Leap 42.1
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
ModerateCVE-2004-2771SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208CVE-2006-0743openSUSE Leap 42.1
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
ModerateCVE-2006-0743SUSE bug 148685SUSE bug 148685CVE-2006-0855openSUSE Leap 42.1
Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.
ModerateCVE-2006-0855SUSE bug 153057SUSE bug 153057CVE-2006-2607openSUSE Leap 42.1
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf.
ImportantCVE-2006-2607SUSE bug 178863SUSE bug 537178SUSE bug 537178SUSE bug 537178CVE-2006-4197openSUSE Leap 42.1
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
ImportantCVE-2006-4197SUSE bug 199134SUSE bug 199134SUSE bug 199134CVE-2006-7234openSUSE Leap 42.1
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
ImportantCVE-2006-7234SUSE bug 439427SUSE bug 439427CVE-2006-7243openSUSE Leap 42.1
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
ImportantCVE-2006-7243SUSE bug 654853SUSE bug 654853SUSE bug 893855SUSE bug 654853SUSE bug 924970SUSE bug 992991SUSE bug 1067090CVE-2006-7250openSUSE Leap 42.1
The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message.
ModerateCVE-2006-7250SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 748738SUSE bug 883307SUSE bug 748738CVE-2007-1669openSUSE Leap 42.1
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
ImportantCVE-2007-1669SUSE bug 271781CVE-2007-4460openSUSE Leap 42.1
The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged.
ImportantCVE-2007-4460SUSE bug 307073SUSE bug 307073CVE-2007-4772openSUSE Leap 42.1
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
CriticalCVE-2007-4772SUSE bug 329282SUSE bug 329282SUSE bug 329282SUSE bug 329282SUSE bug 329282CVE-2007-5970openSUSE Leap 42.1
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
ModerateCVE-2007-5970SUSE bug 348307SUSE bug 348307SUSE bug 348307CVE-2007-6600openSUSE Leap 42.1
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.
ImportantCVE-2007-6600SUSE bug 329282SUSE bug 537706SUSE bug 537706CVE-2007-6720openSUSE Leap 42.1
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
LowCVE-2007-6720SUSE bug 468760SUSE bug 468760SUSE bug 468760SUSE bug 468760CVE-2007-6746openSUSE Leap 42.1
telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
ModerateCVE-2007-6746SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120SUSE bug 817120CVE-2008-0928openSUSE Leap 42.1
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
ModerateCVE-2008-0928SUSE bug 362956CVE-2008-1142openSUSE Leap 42.1
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
ImportantCVE-2008-1142SUSE bug 415661SUSE bug 415661SUSE bug 415661CVE-2008-1420openSUSE Leap 42.1
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
ImportantCVE-2008-1420SUSE bug 372246SUSE bug 372246CVE-2008-1686openSUSE Leap 42.1
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
CriticalCVE-2008-1686SUSE bug 377602SUSE bug 377602SUSE bug 377602SUSE bug 379098CVE-2008-1945openSUSE Leap 42.1
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
ModerateCVE-2008-1945SUSE bug 362956SUSE bug 362956CVE-2008-2109openSUSE Leap 42.1
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
ModerateCVE-2008-2109SUSE bug 387731SUSE bug 387731SUSE bug 387731CVE-2008-2382openSUSE Leap 42.1
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
ModerateCVE-2008-2382SUSE bug 461565SUSE bug 464142SUSE bug 464142SUSE bug 464142CVE-2008-3522openSUSE Leap 42.1
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
ImportantCVE-2008-3522SUSE bug 392410SUSE bug 392410SUSE bug 392410CVE-2008-3825openSUSE Leap 42.1
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
ImportantCVE-2008-3825SUSE bug 425861SUSE bug 425861CVE-2008-4225openSUSE Leap 42.1
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
ImportantCVE-2008-4225SUSE bug 445677SUSE bug 445677CVE-2008-4226openSUSE Leap 42.1
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
CriticalCVE-2008-4226SUSE bug 441368SUSE bug 441368CVE-2008-4316openSUSE Leap 42.1
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.
ModerateCVE-2008-4316SUSE bug 449927SUSE bug 449927SUSE bug 449927SUSE bug 475541SUSE bug 382708CVE-2008-4409openSUSE Leap 42.1
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.
ModerateCVE-2008-4409SUSE bug 432486CVE-2008-4539openSUSE Leap 42.1
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
ImportantCVE-2008-4539SUSE bug 435135SUSE bug 448551SUSE bug 448551CVE-2008-4575openSUSE Leap 42.1
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
ImportantCVE-2008-4575SUSE bug 435979SUSE bug 435979CVE-2008-4641openSUSE Leap 42.1
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
CriticalCVE-2008-4641SUSE bug 435979SUSE bug 435979SUSE bug 435979CVE-2008-4690openSUSE Leap 42.1
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
ImportantCVE-2008-4690SUSE bug 439149SUSE bug 439149CVE-2008-4989openSUSE Leap 42.1
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
ImportantCVE-2008-4989SUSE bug 441856SUSE bug 467911SUSE bug 467911SUSE bug 467911SUSE bug 467911SUSE bug 467911SUSE bug 467911SUSE bug 467911SUSE bug 392947CVE-2008-5077openSUSE Leap 42.1
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
ModerateCVE-2008-5077SUSE bug 459468SUSE bug 465675SUSE bug 465676SUSE bug 465675SUSE bug 465676SUSE bug 459468SUSE bug 468866SUSE bug 470968SUSE bug 475108SUSE bug 552497SUSE bug 459468SUSE bug 629905SUSE bug 708266SUSE bug 459468CVE-2008-5913openSUSE Leap 42.1
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack."
LowCVE-2008-5913SUSE bug 468762SUSE bug 468762SUSE bug 603356CVE-2008-5984openSUSE Leap 42.1
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
ImportantCVE-2008-5984SUSE bug 470096SUSE bug 470096SUSE bug 470096CVE-2008-7247openSUSE Leap 42.1
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
ModerateCVE-2008-7247SUSE bug 557669SUSE bug 604528CVE-2009-0023openSUSE Leap 42.1
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
ModerateCVE-2009-0023SUSE bug 510301CVE-2009-0035openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2009-0035SUSE bug 533396CVE-2009-0037openSUSE Leap 42.1
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
CriticalCVE-2009-0037SUSE bug 475103SUSE bug 475103SUSE bug 475103SUSE bug 527990CVE-2009-0040openSUSE Leap 42.1
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
CriticalCVE-2009-0040SUSE bug 472745SUSE bug 472745SUSE bug 478625SUSE bug 478625SUSE bug 608040CVE-2009-0159openSUSE Leap 42.1
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
ImportantCVE-2009-0159SUSE bug 484653SUSE bug 501632SUSE bug 484653CVE-2009-0163openSUSE Leap 42.1
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.
ModerateCVE-2009-0163SUSE bug 485895SUSE bug 485895SUSE bug 485895SUSE bug 485895SUSE bug 485895SUSE bug 485895SUSE bug 485895CVE-2009-0179openSUSE Leap 42.1
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
ImportantCVE-2009-0179SUSE bug 468760SUSE bug 468760SUSE bug 468760SUSE bug 468760SUSE bug 468760CVE-2009-0186openSUSE Leap 42.1
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
CriticalCVE-2009-0186SUSE bug 481769SUSE bug 481769SUSE bug 481769CVE-2009-0316openSUSE Leap 42.1
Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.
ImportantCVE-2009-0316SUSE bug 470100SUSE bug 470100SUSE bug 470100SUSE bug 470100CVE-2009-0590openSUSE Leap 42.1
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
ModerateCVE-2009-0590SUSE bug 489641SUSE bug 489641SUSE bug 489641SUSE bug 489641SUSE bug 459468SUSE bug 629905CVE-2009-0591openSUSE Leap 42.1
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
LowCVE-2009-0591SUSE bug 489641SUSE bug 489641SUSE bug 629905CVE-2009-0652openSUSE Leap 42.1
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.
CriticalCVE-2009-0652SUSE bug 495473CVE-2009-0688openSUSE Leap 42.1
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
ImportantCVE-2009-0688SUSE bug 499104SUSE bug 499104SUSE bug 499104CVE-2009-0696openSUSE Leap 42.1
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
CriticalCVE-2009-0696SUSE bug 526185SUSE bug 526185SUSE bug 526185SUSE bug 526185SUSE bug 526185CVE-2009-0758openSUSE Leap 42.1
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
ImportantCVE-2009-0758SUSE bug 480865SUSE bug 480865SUSE bug 480865CVE-2009-0771openSUSE Leap 42.1
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.
ImportantCVE-2009-0771SUSE bug 478625CVE-2009-0772openSUSE Leap 42.1
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.
ImportantCVE-2009-0772SUSE bug 478625CVE-2009-0773openSUSE Leap 42.1
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.
ImportantCVE-2009-0773SUSE bug 478625CVE-2009-0774openSUSE Leap 42.1
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.
ImportantCVE-2009-0774SUSE bug 478625CVE-2009-0775openSUSE Leap 42.1
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
ImportantCVE-2009-0775SUSE bug 478625CVE-2009-0776openSUSE Leap 42.1
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
CriticalCVE-2009-0776SUSE bug 478625SUSE bug 465291CVE-2009-0777openSUSE Leap 42.1
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.
ModerateCVE-2009-0777SUSE bug 478625SUSE bug 478625CVE-2009-0789openSUSE Leap 42.1
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
CriticalCVE-2009-0789SUSE bug 489641SUSE bug 489641SUSE bug 489641SUSE bug 459468SUSE bug 629905SUSE bug 489641CVE-2009-0793openSUSE Leap 42.1
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
ModerateCVE-2009-0793SUSE bug 490610SUSE bug 490610SUSE bug 490610SUSE bug 490610SUSE bug 490610SUSE bug 490610SUSE bug 490610SUSE bug 521512SUSE bug 490610SUSE bug 490610SUSE bug 521512SUSE bug 521512SUSE bug 490610SUSE bug 521513SUSE bug 521513SUSE bug 521513CVE-2009-0799openSUSE Leap 42.1
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
ModerateCVE-2009-0799SUSE bug 487100CVE-2009-0800openSUSE Leap 42.1
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-0800SUSE bug 487100CVE-2009-0844openSUSE Leap 42.1
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.
ImportantCVE-2009-0844SUSE bug 486722CVE-2009-0845openSUSE Leap 42.1
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.
ModerateCVE-2009-0845SUSE bug 485894SUSE bug 486722CVE-2009-0846openSUSE Leap 42.1
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
CriticalCVE-2009-0846SUSE bug 486723SUSE bug 486723CVE-2009-0847openSUSE Leap 42.1
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
ImportantCVE-2009-0847SUSE bug 486722SUSE bug 486722CVE-2009-0945openSUSE Leap 42.1
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
ImportantCVE-2009-0945SUSE bug 512559SUSE bug 512559SUSE bug 515124SUSE bug 515124SUSE bug 541632SUSE bug 515124SUSE bug 515124SUSE bug 515124SUSE bug 512559SUSE bug 601349SUSE bug 512559SUSE bug 644114SUSE bug 512559CVE-2009-0946openSUSE Leap 42.1
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
CriticalCVE-2009-0946SUSE bug 485889SUSE bug 496289SUSE bug 485889SUSE bug 541626SUSE bug 541626CVE-2009-1044openSUSE Leap 42.1
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
CriticalCVE-2009-1044SUSE bug 488955SUSE bug 488955SUSE bug 465291SUSE bug 488955CVE-2009-1169openSUSE Leap 42.1
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
ImportantCVE-2009-1169SUSE bug 488955SUSE bug 488955SUSE bug 509766SUSE bug 509766SUSE bug 509766SUSE bug 509766SUSE bug 509766CVE-2009-1179openSUSE Leap 42.1
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-1179SUSE bug 487100CVE-2009-1180openSUSE Leap 42.1
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
ImportantCVE-2009-1180SUSE bug 487100CVE-2009-1181openSUSE Leap 42.1
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
ModerateCVE-2009-1181SUSE bug 487100CVE-2009-1182openSUSE Leap 42.1
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
ImportantCVE-2009-1182SUSE bug 487100CVE-2009-1183openSUSE Leap 42.1
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
ModerateCVE-2009-1183SUSE bug 487100SUSE bug 487100CVE-2009-1187openSUSE Leap 42.1
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
CriticalCVE-2009-1187SUSE bug 487100SUSE bug 487100SUSE bug 508153SUSE bug 508154SUSE bug 539875SUSE bug 566697CVE-2009-1188openSUSE Leap 42.1
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.
ImportantCVE-2009-1188SUSE bug 487100SUSE bug 487100SUSE bug 508153SUSE bug 508154SUSE bug 508154SUSE bug 508153SUSE bug 508154SUSE bug 508154SUSE bug 539875SUSE bug 539875SUSE bug 546400SUSE bug 539875SUSE bug 539875SUSE bug 539875SUSE bug 539875SUSE bug 566697CVE-2009-1191openSUSE Leap 42.1
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
CriticalCVE-2009-1191SUSE bug 521943SUSE bug 539571SUSE bug 521943CVE-2009-1195openSUSE Leap 42.1
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file.
ModerateCVE-2009-1195SUSE bug 512583SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 513080SUSE bug 512583SUSE bug 539571SUSE bug 513080SUSE bug 539571SUSE bug 513080SUSE bug 512583SUSE bug 513080SUSE bug 539571SUSE bug 513080SUSE bug 539571SUSE bug 513080CVE-2009-1210openSUSE Leap 42.1
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
ImportantCVE-2009-1210SUSE bug 491449SUSE bug 493584CVE-2009-1252openSUSE Leap 42.1
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
ImportantCVE-2009-1252SUSE bug 501632SUSE bug 501632SUSE bug 501632SUSE bug 501632CVE-2009-1267openSUSE Leap 42.1
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
ModerateCVE-2009-1267SUSE bug 493584CVE-2009-1268openSUSE Leap 42.1
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
LowCVE-2009-1268SUSE bug 493584CVE-2009-1269openSUSE Leap 42.1
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
LowCVE-2009-1269SUSE bug 493584SUSE bug 493584SUSE bug 493584CVE-2009-1273openSUSE Leap 42.1
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
ImportantCVE-2009-1273SUSE bug 492764SUSE bug 507729SUSE bug 507729SUSE bug 507729CVE-2009-1302openSUSE Leap 42.1
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
ImportantCVE-2009-1302SUSE bug 495473CVE-2009-1303openSUSE Leap 42.1
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
ImportantCVE-2009-1303SUSE bug 495473CVE-2009-1304openSUSE Leap 42.1
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
ImportantCVE-2009-1304SUSE bug 495473CVE-2009-1305openSUSE Leap 42.1
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
ImportantCVE-2009-1305SUSE bug 495473CVE-2009-1306openSUSE Leap 42.1
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
ModerateCVE-2009-1306SUSE bug 495473CVE-2009-1307openSUSE Leap 42.1
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
ModerateCVE-2009-1307SUSE bug 495473SUSE bug 515951CVE-2009-1308openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
ModerateCVE-2009-1308SUSE bug 495473CVE-2009-1309openSUSE Leap 42.1
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
ModerateCVE-2009-1309SUSE bug 495473CVE-2009-1310openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
LowCVE-2009-1310SUSE bug 495473CVE-2009-1311openSUSE Leap 42.1
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
ModerateCVE-2009-1311SUSE bug 495473SUSE bug 465291SUSE bug 515951CVE-2009-1312openSUSE Leap 42.1
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected.
ModerateCVE-2009-1312SUSE bug 495473SUSE bug 495473SUSE bug 495473CVE-2009-1313openSUSE Leap 42.1
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
CriticalCVE-2009-1313SUSE bug 500909SUSE bug 502062SUSE bug 502062CVE-2009-1377openSUSE Leap 42.1
The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
ModerateCVE-2009-1377SUSE bug 504687SUSE bug 459468SUSE bug 629905CVE-2009-1378openSUSE Leap 42.1
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
ModerateCVE-2009-1378SUSE bug 504687SUSE bug 459468SUSE bug 629905CVE-2009-1379openSUSE Leap 42.1
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
ModerateCVE-2009-1379SUSE bug 504687SUSE bug 504687SUSE bug 504687SUSE bug 459468SUSE bug 629905CVE-2009-1384openSUSE Leap 42.1
pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
LowCVE-2009-1384SUSE bug 507729SUSE bug 507729CVE-2009-1386openSUSE Leap 42.1
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
ModerateCVE-2009-1386SUSE bug 509031SUSE bug 509031SUSE bug 515659SUSE bug 459468SUSE bug 629905CVE-2009-1387openSUSE Leap 42.1
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
ModerateCVE-2009-1387SUSE bug 509031SUSE bug 509031SUSE bug 515659SUSE bug 515659SUSE bug 459468SUSE bug 629905CVE-2009-1563openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2009-1563SUSE bug 546371SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109SUSE bug 557126SUSE bug 557127SUSE bug 557128SUSE bug 557126SUSE bug 557671CVE-2009-1571openSUSE Leap 42.1
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.
ImportantCVE-2009-1571SUSE bug 576969SUSE bug 581160SUSE bug 584499CVE-2009-1720openSUSE Leap 42.1
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information.
ImportantCVE-2009-1720SUSE bug 527538SUSE bug 527539SUSE bug 527539CVE-2009-1721openSUSE Leap 42.1
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
ImportantCVE-2009-1721SUSE bug 527538SUSE bug 527539CVE-2009-1882openSUSE Leap 42.1
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.
ImportantCVE-2009-1882SUSE bug 507728SUSE bug 507728SUSE bug 507728CVE-2009-1885openSUSE Leap 42.1
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
ModerateCVE-2009-1885SUSE bug 530708SUSE bug 530708SUSE bug 530708CVE-2009-1886openSUSE Leap 42.1
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.
CriticalCVE-2009-1886SUSE bug 513360SUSE bug 515479SUSE bug 515479CVE-2009-1888openSUSE Leap 42.1
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.
LowCVE-2009-1888SUSE bug 513360SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479SUSE bug 515479CVE-2009-1890openSUSE Leap 42.1
The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests.
ImportantCVE-2009-1890SUSE bug 519194SUSE bug 519194SUSE bug 519194SUSE bug 519194SUSE bug 519194CVE-2009-1891openSUSE Leap 42.1
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
ModerateCVE-2009-1891SUSE bug 521906SUSE bug 521906SUSE bug 521906SUSE bug 521906SUSE bug 521906CVE-2009-1892openSUSE Leap 42.1
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
ModerateCVE-2009-1892SUSE bug 519413SUSE bug 519413SUSE bug 519413SUSE bug 519413SUSE bug 519413CVE-2009-1955openSUSE Leap 42.1
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
ModerateCVE-2009-1955SUSE bug 509825SUSE bug 510301SUSE bug 529591SUSE bug 992541CVE-2009-1956openSUSE Leap 42.1
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
ModerateCVE-2009-1956SUSE bug 510301SUSE bug 510301SUSE bug 510301SUSE bug 510301CVE-2009-1959openSUSE Leap 42.1
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.
ModerateCVE-2009-1959SUSE bug 510837SUSE bug 510837SUSE bug 510837SUSE bug 510837SUSE bug 510837CVE-2009-2285openSUSE Leap 42.1
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
ModerateCVE-2009-2285SUSE bug 518698SUSE bug 518698CVE-2009-2347openSUSE Leap 42.1
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
ImportantCVE-2009-2347SUSE bug 519796SUSE bug 519796SUSE bug 519796SUSE bug 519796SUSE bug 616827CVE-2009-2411openSUSE Leap 42.1
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
ImportantCVE-2009-2411SUSE bug 528714SUSE bug 528714SUSE bug 528714SUSE bug 802057SUSE bug 528714CVE-2009-2412openSUSE Leap 42.1
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
ImportantCVE-2009-2412SUSE bug 528714SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 528714SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 529591SUSE bug 802057SUSE bug 529591CVE-2009-2417openSUSE Leap 42.1
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2009-2417SUSE bug 527990SUSE bug 527990SUSE bug 528372SUSE bug 528372SUSE bug 528372SUSE bug 528372CVE-2009-2470openSUSE Leap 42.1
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
ModerateCVE-2009-2470CVE-2009-2473openSUSE Leap 42.1
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
ModerateCVE-2009-2473SUSE bug 532345SUSE bug 528370SUSE bug 532345SUSE bug 532345SUSE bug 532345CVE-2009-2474openSUSE Leap 42.1
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2009-2474SUSE bug 528370SUSE bug 528370SUSE bug 528370SUSE bug 528370CVE-2009-2624openSUSE Leap 42.1
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
ImportantCVE-2009-2624SUSE bug 570331SUSE bug 570331SUSE bug 570331SUSE bug 570331SUSE bug 588113CVE-2009-2625openSUSE Leap 42.1
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
ImportantCVE-2009-2625SUSE bug 530717SUSE bug 534025SUSE bug 525562SUSE bug 534721SUSE bug 537969SUSE bug 540945SUSE bug 540945SUSE bug 540945SUSE bug 548655SUSE bug 550664SUSE bug 553220SUSE bug 558892SUSE bug 581162SUSE bug 581765SUSE bug 610080SUSE bug 611931SUSE bug 611932SUSE bug 610080SUSE bug 611931CVE-2009-2654openSUSE Leap 42.1
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
ModerateCVE-2009-2654SUSE bug 527489CVE-2009-2666openSUSE Leap 42.1
socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ImportantCVE-2009-2666SUSE bug 528746SUSE bug 528746SUSE bug 528746SUSE bug 528746SUSE bug 528746SUSE bug 528746SUSE bug 528746SUSE bug 528746CVE-2009-2694openSUSE Leap 42.1
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376.
CriticalCVE-2009-2694SUSE bug 527100SUSE bug 527100SUSE bug 527100SUSE bug 527100CVE-2009-2699openSUSE Leap 42.1
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
ModerateCVE-2009-2699SUSE bug 1078450CVE-2009-2703openSUSE Leap 42.1
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
ImportantCVE-2009-2703SUSE bug 537214SUSE bug 537214CVE-2009-2813openSUSE Leap 42.1
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.
ModerateCVE-2009-2813SUSE bug 539517SUSE bug 515479SUSE bug 539517SUSE bug 543115SUSE bug 539517SUSE bug 539517SUSE bug 539517CVE-2009-2820openSUSE Leap 42.1
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.
ModerateCVE-2009-2820SUSE bug 548317SUSE bug 548317SUSE bug 551563SUSE bug 548317SUSE bug 548317SUSE bug 551563SUSE bug 574336CVE-2009-2905openSUSE Leap 42.1
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
ModerateCVE-2009-2905SUSE bug 540930SUSE bug 540930SUSE bug 540930SUSE bug 540930SUSE bug 540930CVE-2009-2906openSUSE Leap 42.1
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
LowCVE-2009-2906SUSE bug 543115SUSE bug 515479SUSE bug 543115SUSE bug 543115SUSE bug 543115SUSE bug 543115SUSE bug 543115CVE-2009-2948openSUSE Leap 42.1
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.
LowCVE-2009-2948SUSE bug 542150SUSE bug 515479SUSE bug 542150SUSE bug 543115SUSE bug 542150SUSE bug 542150CVE-2009-3026openSUSE Leap 42.1
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions.
ImportantCVE-2009-3026SUSE bug 535570SUSE bug 535570SUSE bug 535570SUSE bug 550170CVE-2009-3050openSUSE Leap 42.1
Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.
ModerateCVE-2009-3050SUSE bug 535943SUSE bug 523721SUSE bug 535943SUSE bug 535943SUSE bug 535943SUSE bug 535943CVE-2009-3069openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3069SUSE bug 534458CVE-2009-3070openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3070SUSE bug 534458SUSE bug 538290CVE-2009-3071openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3071SUSE bug 534458SUSE bug 538290CVE-2009-3072openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.
ImportantCVE-2009-3072SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935CVE-2009-3073openSUSE Leap 42.1
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3073SUSE bug 534458CVE-2009-3074openSUSE Leap 42.1
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3074SUSE bug 538290CVE-2009-3075openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.
ImportantCVE-2009-3075SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935CVE-2009-3077openSUSE Leap 42.1
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."
ImportantCVE-2009-3077SUSE bug 534458SUSE bug 538290SUSE bug 590499SUSE bug 607935CVE-2009-3078openSUSE Leap 42.1
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.
ModerateCVE-2009-3078SUSE bug 534458SUSE bug 538290CVE-2009-3079openSUSE Leap 42.1
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
ImportantCVE-2009-3079SUSE bug 534458SUSE bug 538290SUSE bug 538290CVE-2009-3083openSUSE Leap 42.1
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
ModerateCVE-2009-3083SUSE bug 536602SUSE bug 550170CVE-2009-3084openSUSE Leap 42.1
The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect "UTF16-LE" charset name.
ModerateCVE-2009-3084SUSE bug 536602SUSE bug 550170CVE-2009-3085openSUSE Leap 42.1
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.
ModerateCVE-2009-3085SUSE bug 536602SUSE bug 536602SUSE bug 536602SUSE bug 536602SUSE bug 550170CVE-2009-3094openSUSE Leap 42.1
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.
ImportantCVE-2009-3094SUSE bug 538322CVE-2009-3095openSUSE Leap 42.1
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
ImportantCVE-2009-3095SUSE bug 538322SUSE bug 538322SUSE bug 538322SUSE bug 538322SUSE bug 538322CVE-2009-3235openSUSE Leap 42.1
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
ImportantCVE-2009-3235SUSE bug 539876SUSE bug 539877SUSE bug 539877SUSE bug 539877SUSE bug 539877CVE-2009-3241openSUSE Leap 42.1
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
ImportantCVE-2009-3241SUSE bug 541654SUSE bug 541654CVE-2009-3242openSUSE Leap 42.1
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure.
ImportantCVE-2009-3242SUSE bug 541659SUSE bug 541659CVE-2009-3243openSUSE Leap 42.1
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
ImportantCVE-2009-3243SUSE bug 541655SUSE bug 541655CVE-2009-3274openSUSE Leap 42.1
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.
LowCVE-2009-3274SUSE bug 534458SUSE bug 534458SUSE bug 534458SUSE bug 534458SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3295openSUSE Leap 42.1
The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request.
ModerateCVE-2009-3295SUSE bug 561347SUSE bug 561347SUSE bug 561347SUSE bug 561347SUSE bug 561347SUSE bug 561347SUSE bug 561347CVE-2009-3297openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0787, CVE-2010-0788, CVE-2010-0789. Reason: this candidate was intended for one issue in Samba, but it was used for multiple distinct issues, including one in FUSE and one in ncpfs. Notes: All CVE users should consult CVE-2010-0787 (Samba), CVE-2010-0788 (ncpfs), and CVE-2010-0789 (FUSE) to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Not setCVE-2009-3297SUSE bug 550002SUSE bug 550003SUSE bug 577925SUSE bug 583535SUSE bug 583536SUSE bug 583536SUSE bug 550002SUSE bug 550003SUSE bug 583536SUSE bug 594263SUSE bug 550004SUSE bug 620680SUSE bug 651598CVE-2009-3370openSUSE Leap 42.1
Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
ModerateCVE-2009-3370SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3371openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.
CriticalCVE-2009-3371SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3372openSUSE Leap 42.1
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
ModerateCVE-2009-3372SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3373openSUSE Leap 42.1
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2009-3373SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109SUSE bug 557686CVE-2009-3374openSUSE Leap 42.1
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
ImportantCVE-2009-3374SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3375openSUSE Leap 42.1
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.
ModerateCVE-2009-3375SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3376openSUSE Leap 42.1
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.
LowCVE-2009-3376SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109SUSE bug 590499SUSE bug 607935CVE-2009-3377openSUSE Leap 42.1
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3377SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3378openSUSE Leap 42.1
The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file.
CriticalCVE-2009-3378SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3379openSUSE Leap 42.1
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.
ImportantCVE-2009-3379SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109SUSE bug 608192CVE-2009-3380openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3380SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3381openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3381SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3383openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3383SUSE bug 545277SUSE bug 545277SUSE bug 545277SUSE bug 522109CVE-2009-3388openSUSE Leap 42.1
liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues."
CriticalCVE-2009-3388SUSE bug 559807CVE-2009-3389openSUSE Leap 42.1
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
CriticalCVE-2009-3389SUSE bug 559807SUSE bug 581722SUSE bug 581722CVE-2009-3553openSUSE Leap 42.1
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-3553SUSE bug 554861SUSE bug 554861SUSE bug 554861SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 574336SUSE bug 578215SUSE bug 578215SUSE bug 578215SUSE bug 554861SUSE bug 578215CVE-2009-3555openSUSE Leap 42.1
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
ImportantCVE-2009-3555SUSE bug 553641SUSE bug 553641SUSE bug 554084SUSE bug 554085SUSE bug 554069SUSE bug 554069SUSE bug 555177SUSE bug 557168SUSE bug 554069SUSE bug 564507SUSE bug 564507SUSE bug 566041SUSE bug 552497SUSE bug 459468SUSE bug 584292SUSE bug 590826SUSE bug 584292SUSE bug 588996SUSE bug 586567SUSE bug 592589SUSE bug 594415SUSE bug 604782SUSE bug 614753SUSE bug 586809SUSE bug 622073SUSE bug 623905SUSE bug 646073SUSE bug 646906SUSE bug 648140SUSE bug 642531SUSE bug 648950SUSE bug 629905SUSE bug 659926SUSE bug 586809SUSE bug 670152SUSE bug 704832SUSE bug 728876SUSE bug 729181SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 753357SUSE bug 704832SUSE bug 799454SUSE bug 799454SUSE bug 799454SUSE bug 791794SUSE bug 815621SUSE bug 554084SUSE bug 979060SUSE bug 979060SUSE bug 979060SUSE bug 979060SUSE bug 986238SUSE bug 1077582CVE-2009-3560openSUSE Leap 42.1
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.
ImportantCVE-2009-3560SUSE bug 558892SUSE bug 561561SUSE bug 581162SUSE bug 561561SUSE bug 581765SUSE bug 550666SUSE bug 561561SUSE bug 611931SUSE bug 694595SUSE bug 725950CVE-2009-3607openSUSE Leap 42.1
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CriticalCVE-2009-3607SUSE bug 546393SUSE bug 546393SUSE bug 566697CVE-2009-3608openSUSE Leap 42.1
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
ImportantCVE-2009-3608SUSE bug 543090SUSE bug 543410SUSE bug 546400SUSE bug 543410SUSE bug 546400SUSE bug 546404SUSE bug 556049SUSE bug 566697CVE-2009-3615openSUSE Leap 42.1
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
ModerateCVE-2009-3615SUSE bug 548072SUSE bug 550170CVE-2009-3617openSUSE Leap 42.1
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.
ModerateCVE-2009-3617SUSE bug 547318SUSE bug 573072CVE-2009-3627openSUSE Leap 42.1
The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.
ModerateCVE-2009-3627SUSE bug 550076SUSE bug 550076SUSE bug 585716CVE-2009-3720openSUSE Leap 42.1
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
ImportantCVE-2009-3720SUSE bug 534721SUSE bug 550664SUSE bug 550666SUSE bug 558892SUSE bug 534721SUSE bug 581162SUSE bug 561561SUSE bug 581765SUSE bug 550666SUSE bug 561561SUSE bug 611931SUSE bug 725950CVE-2009-3736openSUSE Leap 42.1
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
ImportantCVE-2009-3736SUSE bug 556122CVE-2009-3939openSUSE Leap 42.1
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
ImportantCVE-2009-3939SUSE bug 555173SUSE bug 557180SUSE bug 557180CVE-2009-3979openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2009-3979SUSE bug 559807CVE-2009-3980openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3980SUSE bug 559807CVE-2009-3982openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2009-3982SUSE bug 559807CVE-2009-3983openSUSE Leap 42.1
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
ModerateCVE-2009-3983SUSE bug 559807SUSE bug 590499SUSE bug 607935CVE-2009-3984openSUSE Leap 42.1
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.
ModerateCVE-2009-3984SUSE bug 559807CVE-2009-3985openSUSE Leap 42.1
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
ModerateCVE-2009-3985SUSE bug 559807CVE-2009-3995openSUSE Leap 42.1
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.
CriticalCVE-2009-3995SUSE bug 577875SUSE bug 577875SUSE bug 577875SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 752802SUSE bug 752802SUSE bug 625547SUSE bug 752802SUSE bug 752802SUSE bug 752802SUSE bug 752802SUSE bug 625547SUSE bug 752802SUSE bug 752802SUSE bug 625547SUSE bug 577875SUSE bug 625547SUSE bug 752802SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547CVE-2009-3996openSUSE Leap 42.1
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
CriticalCVE-2009-3996SUSE bug 577875SUSE bug 577875SUSE bug 577875CVE-2009-4019openSUSE Leap 42.1
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
LowCVE-2009-4019SUSE bug 557669SUSE bug 557669SUSE bug 557669SUSE bug 604528CVE-2009-4022openSUSE Leap 42.1
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
CriticalCVE-2009-4022SUSE bug 558260SUSE bug 558260SUSE bug 570912SUSE bug 570912SUSE bug 570912SUSE bug 644911CVE-2009-4026openSUSE Leap 42.1
The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."
ImportantCVE-2009-4026SUSE bug 558267SUSE bug 558267SUSE bug 558267CVE-2009-4027openSUSE Leap 42.1
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
ImportantCVE-2009-4027SUSE bug 558267SUSE bug 558267SUSE bug 558267CVE-2009-4028openSUSE Leap 42.1
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
LowCVE-2009-4028SUSE bug 557669SUSE bug 604528CVE-2009-4029openSUSE Leap 42.1
The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete.
ModerateCVE-2009-4029SUSE bug 559815SUSE bug 559815SUSE bug 559815SUSE bug 559815SUSE bug 559815SUSE bug 770618SUSE bug 786745SUSE bug 770618SUSE bug 559815SUSE bug 559815SUSE bug 559815SUSE bug 559815CVE-2009-4030openSUSE Leap 42.1
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
LowCVE-2009-4030SUSE bug 557669SUSE bug 604528CVE-2009-4034openSUSE Leap 42.1
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
LowCVE-2009-4034SUSE bug 564710SUSE bug 603968CVE-2009-4131openSUSE Leap 42.1
The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.
ImportantCVE-2009-4131SUSE bug 561018SUSE bug 561018SUSE bug 564380CVE-2009-4136openSUSE Leap 42.1
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.
ModerateCVE-2009-4136SUSE bug 564360SUSE bug 603969CVE-2009-4138openSUSE Leap 42.1
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.
ImportantCVE-2009-4138SUSE bug 564712CVE-2009-4212openSUSE Leap 42.1
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
CriticalCVE-2009-4212SUSE bug 561351SUSE bug 561351SUSE bug 561351SUSE bug 561351SUSE bug 561351CVE-2009-4492openSUSE Leap 42.1
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
ImportantCVE-2009-4492SUSE bug 570616SUSE bug 580482SUSE bug 570616CVE-2009-4536openSUSE Leap 42.1
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.
CriticalCVE-2009-4536SUSE bug 567376SUSE bug 567376SUSE bug 567376CVE-2009-4538openSUSE Leap 42.1
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
ImportantCVE-2009-4538SUSE bug 567376SUSE bug 567376SUSE bug 567376CVE-2009-5029openSUSE Leap 42.1
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
ImportantCVE-2009-5029SUSE bug 735850SUSE bug 736174SUSE bug 759836SUSE bug 826666SUSE bug 920055CVE-2009-5030openSUSE Leap 42.1
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
ImportantCVE-2009-5030SUSE bug 757260SUSE bug 757260CVE-2009-5044openSUSE Leap 42.1
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
ModerateCVE-2009-5044SUSE bug 698290SUSE bug 703666CVE-2009-5080openSUSE Leap 42.1
The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296.
LowCVE-2009-5080SUSE bug 703665CVE-2009-5081openSUSE Leap 42.1
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
LowCVE-2009-5081SUSE bug 703666CVE-2010-0001openSUSE Leap 42.1
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
CriticalCVE-2010-0001SUSE bug 570331SUSE bug 570331SUSE bug 570331SUSE bug 588113SUSE bug 588113CVE-2010-0013openSUSE Leap 42.1
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
ImportantCVE-2010-0013SUSE bug 567799SUSE bug 569616SUSE bug 567799SUSE bug 581201CVE-2010-0159openSUSE Leap 42.1
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
ImportantCVE-2010-0159SUSE bug 576969SUSE bug 581160SUSE bug 584499CVE-2010-0164openSUSE Leap 42.1
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.
CriticalCVE-2010-0164CVE-2010-0165openSUSE Leap 42.1
The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.
CriticalCVE-2010-0165CVE-2010-0166openSUSE Leap 42.1
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.
ModerateCVE-2010-0166CVE-2010-0167openSUSE Leap 42.1
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.
ImportantCVE-2010-0167CVE-2010-0168openSUSE Leap 42.1
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.
ImportantCVE-2010-0168CVE-2010-0169openSUSE Leap 42.1
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.
ModerateCVE-2010-0169CVE-2010-0170openSUSE Leap 42.1
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
ModerateCVE-2010-0170CVE-2010-0171openSUSE Leap 42.1
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.
ModerateCVE-2010-0171CVE-2010-0172openSUSE Leap 42.1
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.
ModerateCVE-2010-0172CVE-2010-0173openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-0173SUSE bug 586567CVE-2010-0174openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-0174SUSE bug 586567CVE-2010-0175openSUSE Leap 42.1
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.
ImportantCVE-2010-0175SUSE bug 586567CVE-2010-0176openSUSE Leap 42.1
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."
ImportantCVE-2010-0176SUSE bug 586567CVE-2010-0177openSUSE Leap 42.1
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."
ImportantCVE-2010-0177SUSE bug 586567CVE-2010-0178openSUSE Leap 42.1
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.
ImportantCVE-2010-0178SUSE bug 586567CVE-2010-0181openSUSE Leap 42.1
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.
ModerateCVE-2010-0181SUSE bug 586567CVE-2010-0182openSUSE Leap 42.1
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
ModerateCVE-2010-0182SUSE bug 586567CVE-2010-0277openSUSE Leap 42.1
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.
ModerateCVE-2010-0277SUSE bug 569616SUSE bug 567799SUSE bug 569616SUSE bug 569616SUSE bug 569616SUSE bug 569616SUSE bug 569616SUSE bug 581201CVE-2010-0283openSUSE Leap 42.1
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
ImportantCVE-2010-0283SUSE bug 571781SUSE bug 576524SUSE bug 571781CVE-2010-0393openSUSE Leap 42.1
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
ModerateCVE-2010-0393SUSE bug 574336SUSE bug 574336SUSE bug 574336SUSE bug 574336CVE-2010-0405openSUSE Leap 42.1
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
ImportantCVE-2010-0405SUSE bug 636978SUSE bug 636978SUSE bug 646682SUSE bug 636978CVE-2010-0407openSUSE Leap 42.1
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
CriticalCVE-2010-0407SUSE bug 609317SUSE bug 609317SUSE bug 641823CVE-2010-0408openSUSE Leap 42.1
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code.
ImportantCVE-2010-0408SUSE bug 586572SUSE bug 586572SUSE bug 601151SUSE bug 586572CVE-2010-0420openSUSE Leap 42.1
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.
ModerateCVE-2010-0420SUSE bug 569616SUSE bug 569616SUSE bug 581201CVE-2010-0423openSUSE Leap 42.1
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.
ModerateCVE-2010-0423SUSE bug 569616SUSE bug 569616SUSE bug 581201CVE-2010-0424openSUSE Leap 42.1
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory.
ImportantCVE-2010-0424SUSE bug 580800SUSE bug 580800SUSE bug 589640SUSE bug 580800SUSE bug 590353SUSE bug 579447SUSE bug 580800CVE-2010-0425openSUSE Leap 42.1
modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."
CriticalCVE-2010-0425SUSE bug 586572SUSE bug 586572SUSE bug 601151SUSE bug 1078450CVE-2010-0434openSUSE Leap 42.1
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.
LowCVE-2010-0434SUSE bug 586572SUSE bug 586572SUSE bug 601151SUSE bug 586572CVE-2010-0436openSUSE Leap 42.1
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.
ImportantCVE-2010-0436SUSE bug 584223CVE-2010-0540openSUSE Leap 42.1
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
ModerateCVE-2010-0540SUSE bug 601830SUSE bug 601830SUSE bug 601830SUSE bug 680210SUSE bug 680212SUSE bug 700987SUSE bug 711490SUSE bug 715643SUSE bug 601830SUSE bug 671735SUSE bug 680210SUSE bug 711490SUSE bug 715643SUSE bug 601830SUSE bug 680210SUSE bug 748422SUSE bug 748422SUSE bug 748422CVE-2010-0541openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
ModerateCVE-2010-0541SUSE bug 600752SUSE bug 600752SUSE bug 600752CVE-2010-0542openSUSE Leap 42.1
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
ImportantCVE-2010-0542SUSE bug 601352SUSE bug 644521SUSE bug 601352SUSE bug 657780SUSE bug 601352SUSE bug 601352CVE-2010-0547openSUSE Leap 42.1
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
ModerateCVE-2010-0547SUSE bug 577925SUSE bug 577868SUSE bug 583535SUSE bug 583536SUSE bug 594263SUSE bug 597421SUSE bug 602694SUSE bug 583535SUSE bug 709819CVE-2010-0624openSUSE Leap 42.1
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
ImportantCVE-2010-0624SUSE bug 579475SUSE bug 579475SUSE bug 608034CVE-2010-0628openSUSE Leap 42.1
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.
ImportantCVE-2010-0628SUSE bug 582557SUSE bug 586981CVE-2010-0654openSUSE Leap 42.1
Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
ModerateCVE-2010-0654SUSE bug 583603SUSE bug 622506CVE-2010-0728openSUSE Leap 42.1
smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.
CriticalCVE-2010-0728SUSE bug 586683CVE-2010-0740openSUSE Leap 42.1
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-0740SUSE bug 590833SUSE bug 590833SUSE bug 590833SUSE bug 629905CVE-2010-0742openSUSE Leap 42.1
The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.
ImportantCVE-2010-0742SUSE bug 610642CVE-2010-0750openSUSE Leap 42.1
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument.
ModerateCVE-2010-0750SUSE bug 593959CVE-2010-0787openSUSE Leap 42.1
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
ImportantCVE-2010-0787SUSE bug 550002SUSE bug 550002SUSE bug 602694SUSE bug 620680CVE-2010-0926openSUSE Leap 42.1
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
ModerateCVE-2010-0926SUSE bug 577868SUSE bug 577868SUSE bug 597421SUSE bug 1027147CVE-2010-0991openSUSE Leap 42.1
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
ImportantCVE-2010-0991SUSE bug 598935CVE-2010-1000openSUSE Leap 42.1
Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
ModerateCVE-2010-1000SUSE bug 604709SUSE bug 687873SUSE bug 687873SUSE bug 687873SUSE bug 687873SUSE bug 687873SUSE bug 687873SUSE bug 687873SUSE bug 604709CVE-2010-1028openSUSE Leap 42.1
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
CriticalCVE-2010-1028CVE-2010-1121openSUSE Leap 42.1
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
ImportantCVE-2010-1121SUSE bug 603356CVE-2010-1125openSUSE Leap 42.1
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
ImportantCVE-2010-1125SUSE bug 603356CVE-2010-1146openSUSE Leap 42.1
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
ImportantCVE-2010-1146SUSE bug 593906CVE-2010-1154openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2010. Notes: none.
Not setCVE-2010-1154SUSE bug 596005SUSE bug 596005CVE-2010-1155openSUSE Leap 42.1
Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate.
ImportantCVE-2010-1155SUSE bug 596005SUSE bug 596005CVE-2010-1160openSUSE Leap 42.1
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim.
Not setCVE-2010-1160SUSE bug 596831CVE-2010-1161openSUSE Leap 42.1
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.
LowCVE-2010-1161SUSE bug 596831CVE-2010-1163openSUSE Leap 42.1
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.
ImportantCVE-2010-1163SUSE bug 594738SUSE bug 594738SUSE bug 594738SUSE bug 594738CVE-2010-1167openSUSE Leap 42.1
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list.
LowCVE-2010-1167SUSE bug 597673CVE-2010-1169openSUSE Leap 42.1
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.
ImportantCVE-2010-1169SUSE bug 605926SUSE bug 605926SUSE bug 605926SUSE bug 648140CVE-2010-1170openSUSE Leap 42.1
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.
ModerateCVE-2010-1170SUSE bug 605845SUSE bug 605926SUSE bug 605845SUSE bug 634562SUSE bug 648140CVE-2010-1172openSUSE Leap 42.1
DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties, as demonstrated by properties of the (1) DeviceKit-Power, (2) NetworkManager, and (3) ModemManager services.
ImportantCVE-2010-1172SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 628607SUSE bug 633621SUSE bug 633622SUSE bug 633623SUSE bug 633629SUSE bug 633637SUSE bug 633639SUSE bug 633648SUSE bug 633652SUSE bug 633653SUSE bug 633654SUSE bug 633658SUSE bug 633660SUSE bug 633678SUSE bug 633679SUSE bug 633681SUSE bug 633682SUSE bug 633685SUSE bug 633686SUSE bug 633700SUSE bug 633701SUSE bug 633702SUSE bug 628607SUSE bug 628607SUSE bug 628607CVE-2010-1196openSUSE Leap 42.1
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
ImportantCVE-2010-1196SUSE bug 603356SUSE bug 617399CVE-2010-1197openSUSE Leap 42.1
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.
ModerateCVE-2010-1197SUSE bug 603356SUSE bug 617399CVE-2010-1198openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.
ImportantCVE-2010-1198SUSE bug 603356SUSE bug 617399CVE-2010-1199openSUSE Leap 42.1
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
ImportantCVE-2010-1199SUSE bug 603356SUSE bug 617399CVE-2010-1200openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-1200SUSE bug 603356SUSE bug 617399CVE-2010-1201openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2010-1201SUSE bug 603356SUSE bug 617399CVE-2010-1202openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-1202SUSE bug 603356SUSE bug 617399CVE-2010-1203openSUSE Leap 42.1
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.
ImportantCVE-2010-1203SUSE bug 603356SUSE bug 617399CVE-2010-1205openSUSE Leap 42.1
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CriticalCVE-2010-1205SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 622506SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 639941SUSE bug 639941SUSE bug 639941SUSE bug 639941SUSE bug 617866SUSE bug 639941SUSE bug 617866SUSE bug 639941SUSE bug 639941SUSE bug 639941SUSE bug 617866SUSE bug 617866SUSE bug 617866SUSE bug 854395SUSE bug 617866CVE-2010-1206openSUSE Leap 42.1
The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.
ModerateCVE-2010-1206SUSE bug 618183SUSE bug 622506CVE-2010-1207openSUSE Leap 42.1
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
ModerateCVE-2010-1207SUSE bug 622506CVE-2010-1208openSUSE Leap 42.1
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.
ImportantCVE-2010-1208SUSE bug 622506CVE-2010-1209openSUSE Leap 42.1
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.
ImportantCVE-2010-1209SUSE bug 622506CVE-2010-1210openSUSE Leap 42.1
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
ModerateCVE-2010-1210SUSE bug 622506CVE-2010-1211openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-1211SUSE bug 622506CVE-2010-1212openSUSE Leap 42.1
js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.
ImportantCVE-2010-1212SUSE bug 622506CVE-2010-1213openSUSE Leap 42.1
The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.
ModerateCVE-2010-1213SUSE bug 622506CVE-2010-1214openSUSE Leap 42.1
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
ImportantCVE-2010-1214SUSE bug 622506CVE-2010-1215openSUSE Leap 42.1
Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object from the chrome scope."
ImportantCVE-2010-1215SUSE bug 622506CVE-2010-1320openSUSE Leap 42.1
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.
ImportantCVE-2010-1320SUSE bug 596002CVE-2010-1321openSUSE Leap 42.1
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
CriticalCVE-2010-1321SUSE bug 596826SUSE bug 596826SUSE bug 611090SUSE bug 646073SUSE bug 648950SUSE bug 658525SUSE bug 659926SUSE bug 663953SUSE bug 679560CVE-2010-1322openSUSE Leap 42.1
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
ImportantCVE-2010-1322SUSE bug 640990SUSE bug 640990CVE-2010-1323openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
ImportantCVE-2010-1323SUSE bug 650650CVE-2010-1324openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
ImportantCVE-2010-1324SUSE bug 650650CVE-2010-1436openSUSE Leap 42.1
gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
ImportantCVE-2010-1436SUSE bug 599957CVE-2010-1452openSUSE Leap 42.1
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
ImportantCVE-2010-1452SUSE bug 627030SUSE bug 627030SUSE bug 627030SUSE bug 627030CVE-2010-1455openSUSE Leap 42.1
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
ImportantCVE-2010-1455SUSE bug 603251SUSE bug 603251CVE-2010-1585openSUSE Leap 42.1
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
ImportantCVE-2010-1585SUSE bug 667155SUSE bug 679570CVE-2010-1623openSUSE Leap 42.1
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
ModerateCVE-2010-1623SUSE bug 650435SUSE bug 650435SUSE bug 693778SUSE bug 725950SUSE bug 997229SUSE bug 997229CVE-2010-1624openSUSE Leap 42.1
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
ImportantCVE-2010-1624SUSE bug 604225CVE-2010-1633openSUSE Leap 42.1
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.
LowCVE-2010-1633SUSE bug 610642CVE-2010-1635openSUSE Leap 42.1
The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value.
ImportantCVE-2010-1635SUSE bug 605935CVE-2010-1641openSUSE Leap 42.1
The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
ImportantCVE-2010-1641SUSE bug 608576SUSE bug 608576SUSE bug 608576CVE-2010-1642openSUSE Leap 42.1
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.
ImportantCVE-2010-1642SUSE bug 605935SUSE bug 605935CVE-2010-1646openSUSE Leap 42.1
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
ImportantCVE-2010-1646SUSE bug 594738SUSE bug 594738CVE-2010-1674openSUSE Leap 42.1
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute.
LowCVE-2010-1674SUSE bug 654270SUSE bug 654270SUSE bug 654270SUSE bug 685558CVE-2010-1675openSUSE Leap 42.1
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
LowCVE-2010-1675SUSE bug 654270SUSE bug 654270SUSE bug 654270SUSE bug 685558CVE-2010-1748openSUSE Leap 42.1
The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs.
ImportantCVE-2010-1748SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 644521SUSE bug 604271SUSE bug 604271SUSE bug 604271SUSE bug 649256SUSE bug 604271SUSE bug 601352SUSE bug 604271SUSE bug 601352SUSE bug 604271SUSE bug 657780SUSE bug 604271SUSE bug 604271CVE-2010-2063openSUSE Leap 42.1
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
ImportantCVE-2010-2063SUSE bug 611927SUSE bug 611927SUSE bug 611927CVE-2010-2065openSUSE Leap 42.1
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.
ModerateCVE-2010-2065SUSE bug 612879SUSE bug 612879SUSE bug 612879SUSE bug 612787SUSE bug 612879SUSE bug 612879SUSE bug 612879CVE-2010-2066openSUSE Leap 42.1
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
LowCVE-2010-2066SUSE bug 612457CVE-2010-2067openSUSE Leap 42.1
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.
ImportantCVE-2010-2067SUSE bug 612787SUSE bug 612879SUSE bug 612787SUSE bug 612879SUSE bug 612787CVE-2010-2068openSUSE Leap 42.1
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
ImportantCVE-2010-2068SUSE bug 627030SUSE bug 627387SUSE bug 627387SUSE bug 627030CVE-2010-2074openSUSE Leap 42.1
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2010-2074SUSE bug 609451CVE-2010-2156openSUSE Leap 42.1
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
ImportantCVE-2010-2156SUSE bug 612546CVE-2010-2225openSUSE Leap 42.1
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
CriticalCVE-2010-2225SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232SUSE bug 616232CVE-2010-2233openSUSE Leap 42.1
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
ImportantCVE-2010-2233SUSE bug 612879SUSE bug 612879CVE-2010-2240openSUSE Leap 42.1
The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
ImportantCVE-2010-2240SUSE bug 615929SUSE bug 618152SUSE bug 618152SUSE bug 618152SUSE bug 618152SUSE bug 618152SUSE bug 615929SUSE bug 618152SUSE bug 211997SUSE bug 59807SUSE bug 618152SUSE bug 546062SUSE bug 618152SUSE bug 643986SUSE bug 632737SUSE bug 746947SUSE bug 746947SUSE bug 746947SUSE bug 746947SUSE bug 746949SUSE bug 746949SUSE bug 615929SUSE bug 1039348SUSE bug 1039348CVE-2010-2242openSUSE Leap 42.1
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.
ModerateCVE-2010-2242SUSE bug 618155SUSE bug 618155CVE-2010-2244openSUSE Leap 42.1
The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
LowCVE-2010-2244SUSE bug 603289SUSE bug 646961SUSE bug 603289CVE-2010-2252openSUSE Leap 42.1
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
ModerateCVE-2010-2252SUSE bug 606317SUSE bug 606317CVE-2010-2494openSUSE Leap 42.1
Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.
ModerateCVE-2010-2494SUSE bug 619847SUSE bug 619847CVE-2010-2497openSUSE Leap 42.1
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
ImportantCVE-2010-2497SUSE bug 619562SUSE bug 619562SUSE bug 619562SUSE bug 635692CVE-2010-2528openSUSE Leap 42.1
The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element.
ImportantCVE-2010-2528SUSE bug 630965CVE-2010-2529openSUSE Leap 42.1
Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.
CriticalCVE-2010-2529SUSE bug 620837CVE-2010-2546openSUSE Leap 42.1
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.
ModerateCVE-2010-2546SUSE bug 625547SUSE bug 752802SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547SUSE bug 625547CVE-2010-2547openSUSE Leap 42.1
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.
ImportantCVE-2010-2547SUSE bug 625947SUSE bug 625947CVE-2010-2640openSUSE Leap 42.1
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2640SUSE bug 660555CVE-2010-2641openSUSE Leap 42.1
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2641SUSE bug 660555CVE-2010-2642openSUSE Leap 42.1
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
CriticalCVE-2010-2642SUSE bug 660555SUSE bug 661018SUSE bug 664484SUSE bug 662411SUSE bug 790421SUSE bug 790421CVE-2010-2643openSUSE Leap 42.1
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
ModerateCVE-2010-2643SUSE bug 660555CVE-2010-2751openSUSE Leap 42.1
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
LowCVE-2010-2751SUSE bug 622506CVE-2010-2752openSUSE Leap 42.1
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
ImportantCVE-2010-2752SUSE bug 622506CVE-2010-2753openSUSE Leap 42.1
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.
ImportantCVE-2010-2753SUSE bug 622506SUSE bug 637303CVE-2010-2754openSUSE Leap 42.1
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.
ModerateCVE-2010-2754SUSE bug 622506CVE-2010-2755openSUSE Leap 42.1
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.
ImportantCVE-2010-2755SUSE bug 622506CVE-2010-2760openSUSE Leap 42.1
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.
ImportantCVE-2010-2760SUSE bug 638109SUSE bug 637303CVE-2010-2761openSUSE Leap 42.1
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.
ImportantCVE-2010-2761SUSE bug 657343SUSE bug 657343SUSE bug 657343SUSE bug 657343SUSE bug 657731SUSE bug 657731SUSE bug 663396SUSE bug 669245SUSE bug 670476CVE-2010-2762openSUSE Leap 42.1
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
ImportantCVE-2010-2762SUSE bug 637303CVE-2010-2764openSUSE Leap 42.1
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.
ImportantCVE-2010-2764SUSE bug 638109SUSE bug 637303CVE-2010-2765openSUSE Leap 42.1
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.
ImportantCVE-2010-2765SUSE bug 638109SUSE bug 637303CVE-2010-2766openSUSE Leap 42.1
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.
ImportantCVE-2010-2766SUSE bug 638109SUSE bug 637303CVE-2010-2767openSUSE Leap 42.1
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
ImportantCVE-2010-2767SUSE bug 638109SUSE bug 637303CVE-2010-2768openSUSE Leap 42.1
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.
ImportantCVE-2010-2768SUSE bug 638109SUSE bug 637303CVE-2010-2769openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.
ImportantCVE-2010-2769SUSE bug 638109SUSE bug 637303CVE-2010-2800openSUSE Leap 42.1
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.
ModerateCVE-2010-2800SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753CVE-2010-2801openSUSE Leap 42.1
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
ModerateCVE-2010-2801SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753SUSE bug 627753CVE-2010-2805openSUSE Leap 42.1
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
ImportantCVE-2010-2805SUSE bug 629447SUSE bug 629447SUSE bug 635692CVE-2010-2891openSUSE Leap 42.1
Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters.
ModerateCVE-2010-2891SUSE bug 649867SUSE bug 649867CVE-2010-2935openSUSE Leap 42.1
simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error."
ImportantCVE-2010-2935SUSE bug 629085CVE-2010-2936openSUSE Leap 42.1
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
ImportantCVE-2010-2936SUSE bug 629085CVE-2010-2939openSUSE Leap 42.1
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue.
ModerateCVE-2010-2939SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905SUSE bug 629905CVE-2010-2941openSUSE Leap 42.1
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
LowCVE-2010-2941SUSE bug 649256SUSE bug 649256SUSE bug 649256SUSE bug 654627CVE-2010-2942openSUSE Leap 42.1
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
ImportantCVE-2010-2942SUSE bug 632309SUSE bug 642324CVE-2010-2947openSUSE Leap 42.1
Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.
ImportantCVE-2010-2947SUSE bug 631582SUSE bug 631582CVE-2010-2950openSUSE Leap 42.1
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2094.
CriticalCVE-2010-2950SUSE bug 633934CVE-2010-2954openSUSE Leap 42.1
The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket.
ImportantCVE-2010-2954SUSE bug 636112SUSE bug 636112CVE-2010-2955openSUSE Leap 42.1
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.
ImportantCVE-2010-2955SUSE bug 635413SUSE bug 635413CVE-2010-2993openSUSE Leap 42.1
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
ImportantCVE-2010-2993SUSE bug 630599SUSE bug 630599CVE-2010-3053openSUSE Leap 42.1
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
ImportantCVE-2010-3053SUSE bug 633938SUSE bug 633938SUSE bug 635692SUSE bug 635692SUSE bug 645982CVE-2010-3054openSUSE Leap 42.1
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
ImportantCVE-2010-3054SUSE bug 633943SUSE bug 633943SUSE bug 633943SUSE bug 635692SUSE bug 645982CVE-2010-3069openSUSE Leap 42.1
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
CriticalCVE-2010-3069SUSE bug 637218SUSE bug 637218CVE-2010-3081openSUSE Leap 42.1
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
CriticalCVE-2010-3081SUSE bug 639709SUSE bug 639709SUSE bug 639709SUSE bug 641575SUSE bug 641575SUSE bug 641575SUSE bug 641575SUSE bug 871595SUSE bug 639709CVE-2010-3166openSUSE Leap 42.1
Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.
ImportantCVE-2010-3166SUSE bug 638109SUSE bug 637303CVE-2010-3167openSUSE Leap 42.1
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."
ImportantCVE-2010-3167SUSE bug 638109SUSE bug 637303CVE-2010-3168openSUSE Leap 42.1
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.
ImportantCVE-2010-3168SUSE bug 638109SUSE bug 637303CVE-2010-3169openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-3169SUSE bug 638109SUSE bug 637303CVE-2010-3170openSUSE Leap 42.1
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2010-3170SUSE bug 637290SUSE bug 645315SUSE bug 652858SUSE bug 637290CVE-2010-3173openSUSE Leap 42.1
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
ModerateCVE-2010-3173SUSE bug 645315CVE-2010-3174openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-3174SUSE bug 645315SUSE bug 652858CVE-2010-3175openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-3175SUSE bug 645315SUSE bug 652858CVE-2010-3176openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-3176SUSE bug 645315SUSE bug 652858CVE-2010-3177openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
ModerateCVE-2010-3177SUSE bug 645315SUSE bug 652858CVE-2010-3178openSUSE Leap 42.1
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.
ModerateCVE-2010-3178SUSE bug 645315SUSE bug 652858CVE-2010-3179openSUSE Leap 42.1
Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
ImportantCVE-2010-3179SUSE bug 645315SUSE bug 652858CVE-2010-3180openSUSE Leap 42.1
Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.
ImportantCVE-2010-3180SUSE bug 645315SUSE bug 652858CVE-2010-3182openSUSE Leap 42.1
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
ModerateCVE-2010-3182SUSE bug 642502SUSE bug 645315SUSE bug 652858CVE-2010-3183openSUSE Leap 42.1
The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.
ImportantCVE-2010-3183SUSE bug 645315SUSE bug 652858CVE-2010-3296openSUSE Leap 42.1
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.
ModerateCVE-2010-3296SUSE bug 639481SUSE bug 649187SUSE bug 649187CVE-2010-3297openSUSE Leap 42.1
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
ModerateCVE-2010-3297SUSE bug 639482SUSE bug 649187SUSE bug 649187CVE-2010-3298openSUSE Leap 42.1
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
ModerateCVE-2010-3298SUSE bug 639483SUSE bug 649187SUSE bug 649187CVE-2010-3301openSUSE Leap 42.1
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.
CriticalCVE-2010-3301SUSE bug 639708SUSE bug 639708CVE-2010-3310openSUSE Leap 42.1
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions.
CriticalCVE-2010-3310SUSE bug 640721CVE-2010-3311openSUSE Leap 42.1
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
ImportantCVE-2010-3311SUSE bug 641580SUSE bug 635692SUSE bug 645982CVE-2010-3315openSUSE Leap 42.1
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
ImportantCVE-2010-3315SUSE bug 649861CVE-2010-3430openSUSE Leap 42.1
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
ModerateCVE-2010-3430SUSE bug 623457SUSE bug 631802CVE-2010-3431openSUSE Leap 42.1
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
ModerateCVE-2010-3431SUSE bug 623457CVE-2010-3433openSUSE Leap 42.1
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
ImportantCVE-2010-3433SUSE bug 643771SUSE bug 648140CVE-2010-3436openSUSE Leap 42.1
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.
ModerateCVE-2010-3436SUSE bug 642733SUSE bug 992991CVE-2010-3445openSUSE Leap 42.1
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
ImportantCVE-2010-3445SUSE bug 643078SUSE bug 643078CVE-2010-3609openSUSE Leap 42.1
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-3609SUSE bug 642571CVE-2010-3611openSUSE Leap 42.1
ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field.
ModerateCVE-2010-3611SUSE bug 650902SUSE bug 650902SUSE bug 667655CVE-2010-3613openSUSE Leap 42.1
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
CriticalCVE-2010-3613SUSE bug 657129CVE-2010-3614openSUSE Leap 42.1
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
ModerateCVE-2010-3614SUSE bug 657102SUSE bug 657102CVE-2010-3615openSUSE Leap 42.1
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
CriticalCVE-2010-3615SUSE bug 657120CVE-2010-3616openSUSE Leap 42.1
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520.
ModerateCVE-2010-3616SUSE bug 659059CVE-2010-3709openSUSE Leap 42.1
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
ModerateCVE-2010-3709SUSE bug 660102SUSE bug 660102SUSE bug 992991CVE-2010-3710openSUSE Leap 42.1
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.
ModerateCVE-2010-3710SUSE bug 649210SUSE bug 649210CVE-2010-3711openSUSE Leap 42.1
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.
ModerateCVE-2010-3711SUSE bug 648273CVE-2010-3765openSUSE Leap 42.1
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
ImportantCVE-2010-3765SUSE bug 649492SUSE bug 652858CVE-2010-3768openSUSE Leap 42.1
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.
ImportantCVE-2010-3768SUSE bug 657016CVE-2010-3769openSUSE Leap 42.1
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.
CriticalCVE-2010-3769SUSE bug 657016CVE-2010-3776openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-3776SUSE bug 657016CVE-2010-3777openSUSE Leap 42.1
Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2010-3777SUSE bug 657016CVE-2010-3778openSUSE Leap 42.1
Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2010-3778SUSE bug 657016CVE-2010-3814openSUSE Leap 42.1
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
ImportantCVE-2010-3814SUSE bug 647375SUSE bug 647375SUSE bug 647375SUSE bug 689174CVE-2010-3853openSUSE Leap 42.1
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
ImportantCVE-2010-3853SUSE bug 647958SUSE bug 647958CVE-2010-3855openSUSE Leap 42.1
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
ImportantCVE-2010-3855SUSE bug 647375SUSE bug 647375SUSE bug 647375SUSE bug 689174CVE-2010-3864openSUSE Leap 42.1
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.
ImportantCVE-2010-3864SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 629905SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003SUSE bug 651003CVE-2010-4000openSUSE Leap 42.1
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
LowCVE-2010-4000SUSE bug 642827CVE-2010-4003openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Not setCVE-2010-4003SUSE bug 642829CVE-2010-4020openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
ImportantCVE-2010-4020SUSE bug 650650CVE-2010-4021openSUSE Leap 42.1
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."
ImportantCVE-2010-4021SUSE bug 650650CVE-2010-4022openSUSE Leap 42.1
The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
ModerateCVE-2010-4022SUSE bug 662665CVE-2010-4150openSUSE Leap 42.1
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
ImportantCVE-2010-4150SUSE bug 655968CVE-2010-4225openSUSE Leap 42.1
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx (ASP.NET) applications via unknown vectors related to an "unloading bug."
ModerateCVE-2010-4225SUSE bug 660070CVE-2010-4267openSUSE Leap 42.1
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
ImportantCVE-2010-4267SUSE bug 336658SUSE bug 336658SUSE bug 336658SUSE bug 808355CVE-2010-4300openSUSE Leap 42.1
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.
ImportantCVE-2010-4300SUSE bug 655448SUSE bug 655448CVE-2010-4301openSUSE Leap 42.1
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
ImportantCVE-2010-4301SUSE bug 655448CVE-2010-4341openSUSE Leap 42.1
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
ModerateCVE-2010-4341SUSE bug 660481SUSE bug 660481CVE-2010-4352openSUSE Leap 42.1
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
LowCVE-2010-4352SUSE bug 659934CVE-2010-4410openSUSE Leap 42.1
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
ImportantCVE-2010-4410SUSE bug 660127SUSE bug 657343SUSE bug 663396SUSE bug 670476CVE-2010-4411openSUSE Leap 42.1
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.
ImportantCVE-2010-4411SUSE bug 657343SUSE bug 657343SUSE bug 657731SUSE bug 657731SUSE bug 657343SUSE bug 657731SUSE bug 663396SUSE bug 663396SUSE bug 669245SUSE bug 670476CVE-2010-4494openSUSE Leap 42.1
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
ImportantCVE-2010-4494SUSE bug 661471CVE-2010-4531openSUSE Leap 42.1
Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.
ModerateCVE-2010-4531SUSE bug 661000CVE-2010-4538openSUSE Leap 42.1
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
ImportantCVE-2010-4538SUSE bug 662029SUSE bug 662029CVE-2010-4539openSUSE Leap 42.1
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
ModerateCVE-2010-4539SUSE bug 662030SUSE bug 662030SUSE bug 662030SUSE bug 662030CVE-2010-4540openSUSE Leap 42.1
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-4540SUSE bug 662043SUSE bug 662043SUSE bug 662043CVE-2010-4541openSUSE Leap 42.1
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself.
ModerateCVE-2010-4541SUSE bug 662043SUSE bug 662043SUSE bug 662043CVE-2010-4542openSUSE Leap 42.1
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information.
ModerateCVE-2010-4542SUSE bug 662043SUSE bug 662043SUSE bug 662043CVE-2010-4543openSUSE Leap 42.1
Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image. NOTE: some of these details are obtained from third party information.
ImportantCVE-2010-4543SUSE bug 662043SUSE bug 662043SUSE bug 662043SUSE bug 662043SUSE bug 692877CVE-2010-4644openSUSE Leap 42.1
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
ModerateCVE-2010-4644SUSE bug 662030SUSE bug 662030CVE-2010-4645openSUSE Leap 42.1
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
ImportantCVE-2010-4645SUSE bug 662932SUSE bug 662932CVE-2010-4651openSUSE Leap 42.1
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
LowCVE-2010-4651SUSE bug 662957SUSE bug 662957SUSE bug 662957SUSE bug 662957SUSE bug 662957SUSE bug 662957SUSE bug 662957SUSE bug 662957CVE-2010-4665openSUSE Leap 42.1
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.
ModerateCVE-2010-4665SUSE bug 687442SUSE bug 854393CVE-2010-4777openSUSE Leap 42.1
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.
ImportantCVE-2010-4777CVE-2010-5298openSUSE Leap 42.1
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
ModerateCVE-2010-5298SUSE bug 873351SUSE bug 873351SUSE bug 873351SUSE bug 873351SUSE bug 880891SUSE bug 883126SUSE bug 915913SUSE bug 873351SUSE bug 873351CVE-2011-0010openSUSE Leap 42.1
check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
ModerateCVE-2011-0010SUSE bug 663881CVE-2011-0014openSUSE Leap 42.1
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."
ImportantCVE-2011-0014SUSE bug 670526CVE-2011-0020openSUSE Leap 42.1
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
ImportantCVE-2011-0020SUSE bug 666101CVE-2011-0024openSUSE Leap 42.1
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
ModerateCVE-2011-0024SUSE bug 683335CVE-2011-0053openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2011-0053SUSE bug 667155SUSE bug 679570CVE-2011-0061openSUSE Leap 42.1
Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
ImportantCVE-2011-0061SUSE bug 667155SUSE bug 679570CVE-2011-0062openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2011-0062SUSE bug 667155SUSE bug 679570CVE-2011-0064openSUSE Leap 42.1
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
ImportantCVE-2011-0064SUSE bug 672502SUSE bug 666101CVE-2011-0068openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Not setCVE-2011-0068SUSE bug 689281CVE-2011-0069openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.
ImportantCVE-2011-0069SUSE bug 689281CVE-2011-0070openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.
ImportantCVE-2011-0070SUSE bug 689281CVE-2011-0072openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.
ImportantCVE-2011-0072SUSE bug 689281CVE-2011-0074openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.
ImportantCVE-2011-0074SUSE bug 689281CVE-2011-0075openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078.
ModerateCVE-2011-0075SUSE bug 689281CVE-2011-0077openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078.
ImportantCVE-2011-0077SUSE bug 689281CVE-2011-0078openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077.
ModerateCVE-2011-0078SUSE bug 689281CVE-2011-0079openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.
CriticalCVE-2011-0079SUSE bug 689281CVE-2011-0080openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2011-0080SUSE bug 689281CVE-2011-0081openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2011-0081SUSE bug 689281CVE-2011-0083openSUSE Leap 42.1
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
CriticalCVE-2011-0083SUSE bug 701296SUSE bug 704750CVE-2011-0084openSUSE Leap 42.1
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
CriticalCVE-2011-0084SUSE bug 712224SUSE bug 712224CVE-2011-0085openSUSE Leap 42.1
Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.
CriticalCVE-2011-0085SUSE bug 701995SUSE bug 701296SUSE bug 704750CVE-2011-0192openSUSE Leap 42.1
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.
CriticalCVE-2011-0192SUSE bug 672510SUSE bug 682053SUSE bug 682871SUSE bug 682871SUSE bug 854393CVE-2011-0226openSUSE Leap 42.1
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
ImportantCVE-2011-0226SUSE bug 704612SUSE bug 704612SUSE bug 704612SUSE bug 728044CVE-2011-0281openSUSE Leap 42.1
The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
ImportantCVE-2011-0281SUSE bug 663619SUSE bug 663619CVE-2011-0282openSUSE Leap 42.1
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
ModerateCVE-2011-0282SUSE bug 663619SUSE bug 663619CVE-2011-0284openSUSE Leap 42.1
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.
ImportantCVE-2011-0284SUSE bug 671717CVE-2011-0285openSUSE Leap 42.1
The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.
ModerateCVE-2011-0285SUSE bug 687469CVE-2011-0413openSUSE Leap 42.1
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
CriticalCVE-2011-0413SUSE bug 667655SUSE bug 667655SUSE bug 680298CVE-2011-0414openSUSE Leap 42.1
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
CriticalCVE-2011-0414SUSE bug 674431SUSE bug 674431CVE-2011-0419openSUSE Leap 42.1
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
ImportantCVE-2011-0419SUSE bug 693778SUSE bug 693778SUSE bug 693778SUSE bug 693778SUSE bug 693778SUSE bug 700212SUSE bug 693778SUSE bug 693778CVE-2011-0420openSUSE Leap 42.1
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
ImportantCVE-2011-0420SUSE bug 672933SUSE bug 672933CVE-2011-0421openSUSE Leap 42.1
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.
ModerateCVE-2011-0421SUSE bug 681193CVE-2011-0460openSUSE Leap 42.1
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.
ImportantCVE-2011-0460CVE-2011-0461openSUSE Leap 42.1
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
ImportantCVE-2011-0461SUSE bug 665479CVE-2011-0465openSUSE Leap 42.1
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
ImportantCVE-2011-0465SUSE bug 674733SUSE bug 674733SUSE bug 674733SUSE bug 674733SUSE bug 674733SUSE bug 688931CVE-2011-0523openSUSE Leap 42.1
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
ModerateCVE-2011-0523SUSE bug 666839CVE-2011-0524openSUSE Leap 42.1
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
ModerateCVE-2011-0524SUSE bug 666839CVE-2011-0538openSUSE Leap 42.1
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
ImportantCVE-2011-0538SUSE bug 669908CVE-2011-0541openSUSE Leap 42.1
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.
ImportantCVE-2011-0541SUSE bug 668820SUSE bug 668820SUSE bug 685055CVE-2011-0707openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
ImportantCVE-2011-0707SUSE bug 671745CVE-2011-0708openSUSE Leap 42.1
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
ImportantCVE-2011-0708SUSE bug 671710CVE-2011-0711openSUSE Leap 42.1
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
ImportantCVE-2011-0711SUSE bug 672524SUSE bug 672505CVE-2011-0712openSUSE Leap 42.1
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.
ImportantCVE-2011-0712SUSE bug 672499SUSE bug 672499CVE-2011-0713openSUSE Leap 42.1
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
ImportantCVE-2011-0713SUSE bug 672916CVE-2011-0715openSUSE Leap 42.1
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.
ModerateCVE-2011-0715SUSE bug 676949CVE-2011-0719openSUSE Leap 42.1
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.
ImportantCVE-2011-0719SUSE bug 670431CVE-2011-0904openSUSE Leap 42.1
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.
ImportantCVE-2011-0904SUSE bug 690238SUSE bug 690238SUSE bug 691207SUSE bug 690238SUSE bug 691207SUSE bug 691356SUSE bug 690238SUSE bug 691207SUSE bug 690238SUSE bug 691207SUSE bug 691207SUSE bug 691207SUSE bug 690238SUSE bug 691207CVE-2011-0905openSUSE Leap 42.1
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.
LowCVE-2011-0905SUSE bug 690238SUSE bug 690238SUSE bug 691207SUSE bug 690238SUSE bug 691207SUSE bug 691356SUSE bug 690238SUSE bug 691207SUSE bug 690238SUSE bug 691207SUSE bug 691207SUSE bug 691207SUSE bug 690238SUSE bug 691207CVE-2011-0997openSUSE Leap 42.1
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
ImportantCVE-2011-0997SUSE bug 675052SUSE bug 675052SUSE bug 689182SUSE bug 708527SUSE bug 715172CVE-2011-1000openSUSE Leap 42.1
jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.
ImportantCVE-2011-1000SUSE bug 673257SUSE bug 673257CVE-2011-1002openSUSE Leap 42.1
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
LowCVE-2011-1002SUSE bug 671797CVE-2011-1004openSUSE Leap 42.1
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
ImportantCVE-2011-1004SUSE bug 673740CVE-2011-1005openSUSE Leap 42.1
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
ModerateCVE-2011-1005SUSE bug 673750SUSE bug 783511SUSE bug 783525SUSE bug 673750SUSE bug 880899SUSE bug 673750SUSE bug 673750SUSE bug 673750CVE-2011-1020openSUSE Leap 42.1
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
ImportantCVE-2011-1020SUSE bug 674982CVE-2011-1091openSUSE Leap 42.1
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.
LowCVE-2011-1091SUSE bug 736189SUSE bug 736189SUSE bug 736189SUSE bug 736189SUSE bug 736189SUSE bug 736189SUSE bug 736189SUSE bug 736189CVE-2011-1092openSUSE Leap 42.1
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
ModerateCVE-2011-1092SUSE bug 677782CVE-2011-1097openSUSE Leap 42.1
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
ModerateCVE-2011-1097SUSE bug 684387CVE-2011-1098openSUSE Leap 42.1
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
ModerateCVE-2011-1098SUSE bug 677336SUSE bug 677335SUSE bug 677335SUSE bug 1007000SUSE bug 677335SUSE bug 677335CVE-2011-1138openSUSE Leap 42.1
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.
ModerateCVE-2011-1138SUSE bug 678567CVE-2011-1139openSUSE Leap 42.1
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
ModerateCVE-2011-1139SUSE bug 678568CVE-2011-1140openSUSE Leap 42.1
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.
ModerateCVE-2011-1140SUSE bug 678569CVE-2011-1143openSUSE Leap 42.1
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
ModerateCVE-2011-1143SUSE bug 678571CVE-2011-1145openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2011-1145SUSE bug 678796SUSE bug 764737CVE-2011-1146openSUSE Leap 42.1
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.
ImportantCVE-2011-1146SUSE bug 678406CVE-2011-1153openSUSE Leap 42.1
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call.
ModerateCVE-2011-1153SUSE bug 778941SUSE bug 992991CVE-2011-1154openSUSE Leap 42.1
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
ImportantCVE-2011-1154SUSE bug 679661SUSE bug 677335SUSE bug 681984CVE-2011-1155openSUSE Leap 42.1
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
ModerateCVE-2011-1155SUSE bug 679662SUSE bug 677335CVE-2011-1164openSUSE Leap 42.1
Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.
ModerateCVE-2011-1164SUSE bug 680072SUSE bug 680072CVE-2011-1167openSUSE Leap 42.1
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.
ImportantCVE-2011-1167SUSE bug 683337SUSE bug 854393CVE-2011-1176openSUSE Leap 42.1
The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.
ModerateCVE-2011-1176SUSE bug 681176CVE-2011-1180openSUSE Leap 42.1
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.
ImportantCVE-2011-1180SUSE bug 681497CVE-2011-1187openSUSE Leap 42.1
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
ImportantCVE-2011-1187SUSE bug 758408CVE-2011-1202openSUSE Leap 42.1
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
LowCVE-2011-1202SUSE bug 689281SUSE bug 692619CVE-2011-1466openSUSE Leap 42.1
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
ModerateCVE-2011-1466SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 733590SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169SUSE bug 736169CVE-2011-1485openSUSE Leap 42.1
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
ImportantCVE-2011-1485SUSE bug 688788SUSE bug 688788SUSE bug 688788CVE-2011-1521openSUSE Leap 42.1
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs.
ImportantCVE-2011-1521SUSE bug 682554SUSE bug 682554CVE-2011-1523openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter.
ModerateCVE-2011-1523SUSE bug 682966SUSE bug 697895SUSE bug 682966CVE-2011-1527openSUSE Leap 42.1
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.
CriticalCVE-2011-1527SUSE bug 719393SUSE bug 743742CVE-2011-1528openSUSE Leap 42.1
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151.
CriticalCVE-2011-1528SUSE bug 719393SUSE bug 743742CVE-2011-1529openSUSE Leap 42.1
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
CriticalCVE-2011-1529SUSE bug 719393SUSE bug 743742CVE-2011-1530openSUSE Leap 42.1
The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.
ModerateCVE-2011-1530SUSE bug 730393SUSE bug 730393CVE-2011-1577openSUSE Leap 42.1
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
ModerateCVE-2011-1577SUSE bug 687113SUSE bug 692784SUSE bug 692784CVE-2011-1581openSUSE Leap 42.1
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
ModerateCVE-2011-1581SUSE bug 687116SUSE bug 687116CVE-2011-1588openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2011-1588SUSE bug 687874CVE-2011-1590openSUSE Leap 42.1
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
ImportantCVE-2011-1590SUSE bug 688109SUSE bug 688109CVE-2011-1591openSUSE Leap 42.1
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
ImportantCVE-2011-1591SUSE bug 688109SUSE bug 688109CVE-2011-1592openSUSE Leap 42.1
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
ModerateCVE-2011-1592SUSE bug 688109SUSE bug 688109CVE-2011-1709openSUSE Leap 42.1
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
ModerateCVE-2011-1709SUSE bug 694858CVE-2011-1752openSUSE Leap 42.1
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
ImportantCVE-2011-1752SUSE bug 698205CVE-2011-1758openSUSE Leap 42.1
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.
ImportantCVE-2011-1758SUSE bug 691135SUSE bug 691135SUSE bug 691135SUSE bug 691135CVE-2011-1761openSUSE Leap 42.1
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.
ImportantCVE-2011-1761SUSE bug 691137SUSE bug 710726CVE-2011-1783openSUSE Leap 42.1
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
ImportantCVE-2011-1783SUSE bug 698205CVE-2011-1898openSUSE Leap 42.1
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
ImportantCVE-2011-1898SUSE bug 702025SUSE bug 724906SUSE bug 724906SUSE bug 702025SUSE bug 724906CVE-2011-1907openSUSE Leap 42.1
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
ImportantCVE-2011-1907SUSE bug 692210CVE-2011-1910openSUSE Leap 42.1
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
ImportantCVE-2011-1910SUSE bug 696585SUSE bug 696585SUSE bug 698286SUSE bug 698286SUSE bug 698286CVE-2011-1921openSUSE Leap 42.1
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly readable in the past, which allows remote attackers to obtain sensitive information via a replay REPORT operation.
ImportantCVE-2011-1921SUSE bug 698205SUSE bug 698205CVE-2011-1928openSUSE Leap 42.1
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419.
LowCVE-2011-1928SUSE bug 693778SUSE bug 693778SUSE bug 693778SUSE bug 693778CVE-2011-1944openSUSE Leap 42.1
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
ModerateCVE-2011-1944SUSE bug 697372SUSE bug 697372CVE-2011-1946openSUSE Leap 42.1
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts.
ImportantCVE-2011-1946SUSE bug 695627CVE-2011-1947openSUSE Leap 42.1
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets.
ImportantCVE-2011-1947SUSE bug 697368SUSE bug 697368CVE-2011-1957openSUSE Leap 42.1
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
ImportantCVE-2011-1957SUSE bug 697516SUSE bug 697516CVE-2011-1958openSUSE Leap 42.1
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.
ImportantCVE-2011-1958SUSE bug 697516SUSE bug 697516CVE-2011-1959openSUSE Leap 42.1
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
ImportantCVE-2011-1959SUSE bug 697516SUSE bug 697516CVE-2011-2054openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CriticalCVE-2011-2054SUSE bug 709167CVE-2011-2174openSUSE Leap 42.1
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
ImportantCVE-2011-2174SUSE bug 697516SUSE bug 697516CVE-2011-2175openSUSE Leap 42.1
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.
ImportantCVE-2011-2175SUSE bug 697516SUSE bug 697516CVE-2011-2186openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2011-2186SUSE bug 698456CVE-2011-2199openSUSE Leap 42.1
Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.
ModerateCVE-2011-2199SUSE bug 699714SUSE bug 699714CVE-2011-2202openSUSE Leap 42.1
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
LowCVE-2011-2202SUSE bug 699711CVE-2011-2203openSUSE Leap 42.1
The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.
ModerateCVE-2011-2203SUSE bug 699709CVE-2011-2362openSUSE Leap 42.1
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.
ModerateCVE-2011-2362SUSE bug 701296SUSE bug 704750CVE-2011-2363openSUSE Leap 42.1
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
ImportantCVE-2011-2363SUSE bug 702020SUSE bug 701296CVE-2011-2364openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.
CriticalCVE-2011-2364SUSE bug 701296CVE-2011-2365openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
CriticalCVE-2011-2365SUSE bug 701296CVE-2011-2366openSUSE Leap 42.1
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
ModerateCVE-2011-2366SUSE bug 701296CVE-2011-2367openSUSE Leap 42.1
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.
ImportantCVE-2011-2367SUSE bug 701296CVE-2011-2368openSUSE Leap 42.1
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CriticalCVE-2011-2368SUSE bug 701296CVE-2011-2369openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.
ModerateCVE-2011-2369SUSE bug 701296CVE-2011-2370openSUSE Leap 42.1
Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.
ModerateCVE-2011-2370SUSE bug 701296CVE-2011-2371openSUSE Leap 42.1
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
ImportantCVE-2011-2371SUSE bug 701296CVE-2011-2372openSUSE Leap 42.1
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
ImportantCVE-2011-2372SUSE bug 720264CVE-2011-2373openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
ImportantCVE-2011-2373SUSE bug 701296CVE-2011-2374openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2374SUSE bug 701296SUSE bug 701296CVE-2011-2375openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2375SUSE bug 701296CVE-2011-2376openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2376SUSE bug 701296CVE-2011-2377openSUSE Leap 42.1
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.
ImportantCVE-2011-2377SUSE bug 701296CVE-2011-2464openSUSE Leap 42.1
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
ImportantCVE-2011-2464SUSE bug 703907SUSE bug 703907CVE-2011-2483openSUSE Leap 42.1
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
ImportantCVE-2011-2483SUSE bug 700876SUSE bug 700876SUSE bug 701491SUSE bug 713727SUSE bug 701491SUSE bug 738221SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303CVE-2011-2485openSUSE Leap 42.1
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.
ImportantCVE-2011-2485SUSE bug 702028CVE-2011-2486openSUSE Leap 42.1
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash.
ModerateCVE-2011-2486SUSE bug 702034SUSE bug 702034CVE-2011-2489openSUSE Leap 42.1
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
ImportantCVE-2011-2489SUSE bug 698772CVE-2011-2490openSUSE Leap 42.1
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
ImportantCVE-2011-2490SUSE bug 698772CVE-2011-2501openSUSE Leap 42.1
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.
ModerateCVE-2011-2501SUSE bug 702578CVE-2011-2511openSUSE Leap 42.1
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
ModerateCVE-2011-2511SUSE bug 703084CVE-2011-2513openSUSE Leap 42.1
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.
ModerateCVE-2011-2513SUSE bug 704309SUSE bug 704309SUSE bug 704309CVE-2011-2514openSUSE Leap 42.1
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted.
ModerateCVE-2011-2514SUSE bug 704309CVE-2011-2522openSUSE Leap 42.1
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
ModerateCVE-2011-2522SUSE bug 705241SUSE bug 705241CVE-2011-2597openSUSE Leap 42.1
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
ModerateCVE-2011-2597SUSE bug 706728CVE-2011-2690openSUSE Leap 42.1
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
ModerateCVE-2011-2690SUSE bug 706387SUSE bug 706388SUSE bug 854395CVE-2011-2691openSUSE Leap 42.1
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.
ModerateCVE-2011-2691SUSE bug 706388CVE-2011-2692openSUSE Leap 42.1
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
ModerateCVE-2011-2692SUSE bug 706389SUSE bug 854395CVE-2011-2694openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).
ModerateCVE-2011-2694CVE-2011-2696openSUSE Leap 42.1
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
ImportantCVE-2011-2696SUSE bug 705681CVE-2011-2697openSUSE Leap 42.1
foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.
ImportantCVE-2011-2697SUSE bug 698451SUSE bug 698451SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 852368SUSE bug 957531CVE-2011-2698openSUSE Leap 42.1
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.
ModerateCVE-2011-2698SUSE bug 706728CVE-2011-2709openSUSE Leap 42.1
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
ImportantCVE-2011-2709SUSE bug 694598SUSE bug 694598CVE-2011-2721openSUSE Leap 42.1
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
ModerateCVE-2011-2721SUSE bug 708263CVE-2011-2722openSUSE Leap 42.1
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
LowCVE-2011-2722SUSE bug 704608SUSE bug 713717SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 59233SUSE bug 698451SUSE bug 704608SUSE bug 808355CVE-2011-2729openSUSE Leap 42.1
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
ImportantCVE-2011-2729SUSE bug 715656CVE-2011-2748openSUSE Leap 42.1
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
ImportantCVE-2011-2748SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653CVE-2011-2749openSUSE Leap 42.1
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
ModerateCVE-2011-2749SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653SUSE bug 712653CVE-2011-2766openSUSE Leap 42.1
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.
ImportantCVE-2011-2766SUSE bug 735882CVE-2011-2895openSUSE Leap 42.1
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
ImportantCVE-2011-2895SUSE bug 709851SUSE bug 711487SUSE bug 711487SUSE bug 709851SUSE bug 709851SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487SUSE bug 711487CVE-2011-2896openSUSE Leap 42.1
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
ModerateCVE-2011-2896SUSE bug 711490SUSE bug 601830SUSE bug 680210SUSE bug 680212SUSE bug 700987SUSE bug 711490SUSE bug 715643SUSE bug 601830SUSE bug 671735SUSE bug 680210SUSE bug 711490SUSE bug 711491SUSE bug 715643SUSE bug 711490SUSE bug 711490SUSE bug 711490SUSE bug 711490SUSE bug 711491SUSE bug 711490SUSE bug 711491CVE-2011-2985openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2985SUSE bug 712224CVE-2011-2986openSUSE Leap 42.1
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
ModerateCVE-2011-2986SUSE bug 712224CVE-2011-2987openSUSE Leap 42.1
Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2987SUSE bug 712224CVE-2011-2988openSUSE Leap 42.1
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.
CriticalCVE-2011-2988SUSE bug 712224CVE-2011-2989openSUSE Leap 42.1
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2989SUSE bug 712224SUSE bug 712224CVE-2011-2990openSUSE Leap 42.1
The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.
ModerateCVE-2011-2990SUSE bug 712224CVE-2011-2991openSUSE Leap 42.1
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2991SUSE bug 712224CVE-2011-2992openSUSE Leap 42.1
The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-2992SUSE bug 712224CVE-2011-2993openSUSE Leap 42.1
The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.
CriticalCVE-2011-2993SUSE bug 712224CVE-2011-2995openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2011-2995SUSE bug 720264CVE-2011-2996openSUSE Leap 42.1
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2996SUSE bug 720264CVE-2011-2997openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-2997SUSE bug 720264CVE-2011-3000openSUSE Leap 42.1
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
ImportantCVE-2011-3000SUSE bug 720264CVE-2011-3001openSUSE Leap 42.1
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
ModerateCVE-2011-3001SUSE bug 720264CVE-2011-3002openSUSE Leap 42.1
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.
CriticalCVE-2011-3002SUSE bug 720264CVE-2011-3003openSUSE Leap 42.1
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.
CriticalCVE-2011-3003SUSE bug 720264CVE-2011-3004openSUSE Leap 42.1
The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.
ImportantCVE-2011-3004SUSE bug 720264CVE-2011-3005openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.
CriticalCVE-2011-3005SUSE bug 720264CVE-2011-3026openSUSE Leap 42.1
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
ImportantCVE-2011-3026SUSE bug 747311SUSE bug 747328SUSE bug 747311SUSE bug 747311SUSE bug 747311SUSE bug 747311SUSE bug 747327SUSE bug 773612SUSE bug 747311SUSE bug 747311SUSE bug 747311SUSE bug 747311SUSE bug 747311SUSE bug 854395CVE-2011-3045openSUSE Leap 42.1
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
ModerateCVE-2011-3045SUSE bug 752008SUSE bug 752008SUSE bug 752008SUSE bug 752008SUSE bug 754456SUSE bug 752008SUSE bug 752008SUSE bug 754456SUSE bug 752008CVE-2011-3048openSUSE Leap 42.1
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
ModerateCVE-2011-3048SUSE bug 754745SUSE bug 754745SUSE bug 754745SUSE bug 754745SUSE bug 854395SUSE bug 754745CVE-2011-3062openSUSE Leap 42.1
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
ImportantCVE-2011-3062SUSE bug 754458SUSE bug 758408CVE-2011-3079openSUSE Leap 42.1
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
CriticalCVE-2011-3079SUSE bug 760264SUSE bug 930622CVE-2011-3101openSUSE Leap 42.1
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.
CriticalCVE-2011-3101SUSE bug 762481SUSE bug 765204CVE-2011-3146openSUSE Leap 42.1
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
ImportantCVE-2011-3146SUSE bug 714980SUSE bug 714980CVE-2011-3148openSUSE Leap 42.1
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
ImportantCVE-2011-3148SUSE bug 724480CVE-2011-3149openSUSE Leap 42.1
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
LowCVE-2011-3149SUSE bug 724480CVE-2011-3153openSUSE Leap 42.1
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
ModerateCVE-2011-3153SUSE bug 728627CVE-2011-3172openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2011-3172SUSE bug 707645SUSE bug 707645CVE-2011-3177openSUSE Leap 42.1
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
LowCVE-2011-3177SUSE bug 713661SUSE bug 713661SUSE bug 713661CVE-2011-3192openSUSE Leap 42.1
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CriticalCVE-2011-3192SUSE bug 713966SUSE bug 714306SUSE bug 713966SUSE bug 714306SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 716634SUSE bug 713966SUSE bug 716634SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 718106SUSE bug 716634SUSE bug 713966SUSE bug 713966SUSE bug 718106SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 722545SUSE bug 713966SUSE bug 726139SUSE bug 713966SUSE bug 713966SUSE bug 716634SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 713966SUSE bug 716634SUSE bug 716634SUSE bug 713966SUSE bug 732051SUSE bug 732051SUSE bug 713966SUSE bug 732051SUSE bug 713966SUSE bug 732051SUSE bug 732051SUSE bug 732051SUSE bug 732051SUSE bug 713966SUSE bug 732051SUSE bug 713966SUSE bug 716634SUSE bug 718106SUSE bug 726139SUSE bug 732051SUSE bug 732051SUSE bug 713966SUSE bug 718106SUSE bug 726139SUSE bug 732051SUSE bug 713966SUSE bug 713966SUSE bug 983778CVE-2011-3193openSUSE Leap 42.1
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
ModerateCVE-2011-3193SUSE bug 714984CVE-2011-3200openSUSE Leap 42.1
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
ImportantCVE-2011-3200SUSE bug 714658SUSE bug 714658SUSE bug 714658SUSE bug 714658SUSE bug 714658SUSE bug 714658SUSE bug 714658CVE-2011-3207openSUSE Leap 42.1
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
ModerateCVE-2011-3207SUSE bug 716143SUSE bug 716143CVE-2011-3210openSUSE Leap 42.1
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol.
ModerateCVE-2011-3210SUSE bug 716144CVE-2011-3232openSUSE Leap 42.1
YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
CriticalCVE-2011-3232SUSE bug 720264CVE-2011-3256openSUSE Leap 42.1
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.
ImportantCVE-2011-3256SUSE bug 728044SUSE bug 730124SUSE bug 748083CVE-2011-3266openSUSE Leap 42.1
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.
ModerateCVE-2011-3266SUSE bug 718032CVE-2011-3328openSUSE Leap 42.1
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
ModerateCVE-2011-3328SUSE bug 720017CVE-2011-3349openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Not setCVE-2011-3349SUSE bug 708205SUSE bug 708205CVE-2011-3360openSUSE Leap 42.1
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
ModerateCVE-2011-3360SUSE bug 718032CVE-2011-3368openSUSE Leap 42.1
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
ImportantCVE-2011-3368SUSE bug 722545SUSE bug 722545SUSE bug 728876SUSE bug 729181SUSE bug 791794SUSE bug 722545CVE-2011-3372openSUSE Leap 42.1
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
ModerateCVE-2011-3372SUSE bug 719998SUSE bug 719998CVE-2011-3377openSUSE Leap 42.1
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.
ModerateCVE-2011-3377SUSE bug 729870CVE-2011-3379openSUSE Leap 42.1
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.
ModerateCVE-2011-3379SUSE bug 728350SUSE bug 728350SUSE bug 728350CVE-2011-3389openSUSE Leap 42.1
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
ModerateCVE-2011-3389SUSE bug 716002SUSE bug 719047SUSE bug 725167SUSE bug 726096SUSE bug 726096SUSE bug 739248SUSE bug 739256SUSE bug 742306SUSE bug 751718SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 759666SUSE bug 719047SUSE bug 814655SUSE bug 719047CVE-2011-3439openSUSE Leap 42.1
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
ImportantCVE-2011-3439SUSE bug 730124SUSE bug 730124SUSE bug 748083CVE-2011-3483openSUSE Leap 42.1
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
ModerateCVE-2011-3483SUSE bug 718032CVE-2011-3594openSUSE Leap 42.1
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.
CriticalCVE-2011-3594SUSE bug 722199SUSE bug 736161CVE-2011-3602openSUSE Leap 42.1
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files.
LowCVE-2011-3602SUSE bug 721968CVE-2011-3607openSUSE Leap 42.1
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
ModerateCVE-2011-3607SUSE bug 729181SUSE bug 729183SUSE bug 729181SUSE bug 728876SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 806721SUSE bug 729181SUSE bug 729181SUSE bug 729181SUSE bug 729181CVE-2011-3627openSUSE Leap 42.1
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
ImportantCVE-2011-3627SUSE bug 724856SUSE bug 809945CVE-2011-3630openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2011-3630CVE-2011-3631openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2011-3631CVE-2011-3632openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2011-3632CVE-2011-3635openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname).
ModerateCVE-2011-3635SUSE bug 727003CVE-2011-3640openSUSE Leap 42.1
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
ModerateCVE-2011-3640SUSE bug 726096SUSE bug 726096CVE-2011-3648openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.
ModerateCVE-2011-3648CVE-2011-3650openSUSE Leap 42.1
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.
ModerateCVE-2011-3650CVE-2011-3651openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2011-3651CVE-2011-3652openSUSE Leap 42.1
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-3652CVE-2011-3654openSUSE Leap 42.1
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CriticalCVE-2011-3654CVE-2011-3655openSUSE Leap 42.1
Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.
CriticalCVE-2011-3655CVE-2011-3658openSUSE Leap 42.1
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
ImportantCVE-2011-3658SUSE bug 737533SUSE bug 746591SUSE bug 747320SUSE bug 750044CVE-2011-3659openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
ImportantCVE-2011-3659SUSE bug 744275CVE-2011-3660openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.
CriticalCVE-2011-3660SUSE bug 737533CVE-2011-3661openSUSE Leap 42.1
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
ImportantCVE-2011-3661SUSE bug 737533CVE-2011-3663openSUSE Leap 42.1
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.
ModerateCVE-2011-3663SUSE bug 737533CVE-2011-3922openSUSE Leap 42.1
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling.
ImportantCVE-2011-3922SUSE bug 739904SUSE bug 739904SUSE bug 739904SUSE bug 740493SUSE bug 739904SUSE bug 739904SUSE bug 739904SUSE bug 739904SUSE bug 739904CVE-2011-4105openSUSE Leap 42.1
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
ModerateCVE-2011-4105SUSE bug 730062CVE-2011-4108openSUSE Leap 42.1
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.
ModerateCVE-2011-4108SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 742821SUSE bug 758060SUSE bug 778825CVE-2011-4128openSUSE Leap 42.1
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
ModerateCVE-2011-4128SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486SUSE bug 729486CVE-2011-4153openSUSE Leap 42.1
PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c.
ModerateCVE-2011-4153SUSE bug 741859SUSE bug 742273SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 733590SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741859SUSE bug 741859CVE-2011-4182openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2011-4182SUSE bug 735394SUSE bug 735394CVE-2011-4313openSUSE Leap 42.1
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
CriticalCVE-2011-4313SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 730995SUSE bug 738156SUSE bug 730995SUSE bug 730995SUSE bug 730995CVE-2011-4317openSUSE Leap 42.1
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
LowCVE-2011-4317SUSE bug 722545SUSE bug 728876SUSE bug 729181SUSE bug 791794CVE-2011-4349openSUSE Leap 42.1
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
ImportantCVE-2011-4349SUSE bug 732996SUSE bug 698250SUSE bug 732996SUSE bug 732996SUSE bug 732996CVE-2011-4405openSUSE Leap 42.1
The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.
ModerateCVE-2011-4405SUSE bug 733542SUSE bug 733542SUSE bug 733542SUSE bug 733542SUSE bug 733542SUSE bug 735322SUSE bug 733542SUSE bug 733542SUSE bug 733542CVE-2011-4539openSUSE Leap 42.1
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
ModerateCVE-2011-4539SUSE bug 735610SUSE bug 735610SUSE bug 735610SUSE bug 741239CVE-2011-4566openSUSE Leap 42.1
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.
ModerateCVE-2011-4566SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 733590SUSE bug 733590SUSE bug 733590SUSE bug 733590CVE-2011-4576openSUSE Leap 42.1
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.
ModerateCVE-2011-4576SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 758060SUSE bug 778825SUSE bug 758060CVE-2011-4577openSUSE Leap 42.1
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.
ModerateCVE-2011-4577SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 758060CVE-2011-4600openSUSE Leap 42.1
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.
LowCVE-2011-4600SUSE bug 736082SUSE bug 736082SUSE bug 736082SUSE bug 736082SUSE bug 736082SUSE bug 736082SUSE bug 736082SUSE bug 736082CVE-2011-4604openSUSE Leap 42.1
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.
ModerateCVE-2011-4604SUSE bug 736149SUSE bug 736149SUSE bug 736149SUSE bug 736149SUSE bug 736149SUSE bug 736149CVE-2011-4619openSUSE Leap 42.1
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
ModerateCVE-2011-4619SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 739719SUSE bug 758060SUSE bug 758060SUSE bug 799454CVE-2011-4718openSUSE Leap 42.1
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
ModerateCVE-2011-4718SUSE bug 834813SUSE bug 834813SUSE bug 834813SUSE bug 834813CVE-2011-4815openSUSE Leap 42.1
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
CriticalCVE-2011-4815SUSE bug 739122CVE-2011-4868openSUSE Leap 42.1
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.
ModerateCVE-2011-4868SUSE bug 741239SUSE bug 741239SUSE bug 741239SUSE bug 741239CVE-2011-4885openSUSE Leap 42.1
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
ModerateCVE-2011-4885SUSE bug 738221SUSE bug 744966SUSE bug 749111SUSE bug 749111SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 733590SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111CVE-2011-4944openSUSE Leap 42.1
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
LowCVE-2011-4944SUSE bug 754447CVE-2012-0021openSUSE Leap 42.1
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.
ModerateCVE-2012-0021SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 743744SUSE bug 1078450CVE-2012-0027openSUSE Leap 42.1
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.
ModerateCVE-2012-0027SUSE bug 739719CVE-2012-0029openSUSE Leap 42.1
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.
ImportantCVE-2012-0029SUSE bug 740165SUSE bug 757537SUSE bug 740165SUSE bug 747331CVE-2012-0031openSUSE Leap 42.1
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
LowCVE-2012-0031SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 806721SUSE bug 741243SUSE bug 741243SUSE bug 741243SUSE bug 741243CVE-2012-0035openSUSE Leap 42.1
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
ModerateCVE-2012-0035SUSE bug 740447CVE-2012-0037openSUSE Leap 42.1
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
ImportantCVE-2012-0037SUSE bug 740453SUSE bug 745298SUSE bug 734781SUSE bug 740453SUSE bug 37195SUSE bug 734781SUSE bug 740453CVE-2012-0050openSUSE Leap 42.1
OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108.
ModerateCVE-2012-0050SUSE bug 742821SUSE bug 739719SUSE bug 739719SUSE bug 758060CVE-2012-0053openSUSE Leap 42.1
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
ModerateCVE-2012-0053SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743SUSE bug 743743CVE-2012-0056openSUSE Leap 42.1
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
CriticalCVE-2012-0056SUSE bug 742028SUSE bug 742279SUSE bug 742279SUSE bug 742279SUSE bug 653148SUSE bug 742279CVE-2012-0217openSUSE Leap 42.1
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
CriticalCVE-2012-0217SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 764077SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 757537SUSE bug 785429SUSE bug 785434SUSE bug 785434SUSE bug 757537CVE-2012-0247openSUSE Leap 42.1
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
CriticalCVE-2012-0247SUSE bug 746880SUSE bug 752879SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880CVE-2012-0248openSUSE Leap 42.1
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
ImportantCVE-2012-0248SUSE bug 746880SUSE bug 752879SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880SUSE bug 746880CVE-2012-0390openSUSE Leap 42.1
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108.
ModerateCVE-2012-0390SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898SUSE bug 739898CVE-2012-0441openSUSE Leap 42.1
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
ImportantCVE-2012-0441SUSE bug 765204CVE-2012-0442openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-0442SUSE bug 744275CVE-2012-0443openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-0443SUSE bug 744275CVE-2012-0444openSUSE Leap 42.1
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
ImportantCVE-2012-0444SUSE bug 744275SUSE bug 747912SUSE bug 747912SUSE bug 747912SUSE bug 747912SUSE bug 747912SUSE bug 747912SUSE bug 747912SUSE bug 747912CVE-2012-0445openSUSE Leap 42.1
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.
ModerateCVE-2012-0445SUSE bug 744275CVE-2012-0446openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.
ModerateCVE-2012-0446SUSE bug 744275CVE-2012-0447openSUSE Leap 42.1
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.
ModerateCVE-2012-0447SUSE bug 744275CVE-2012-0449openSUSE Leap 42.1
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.
ImportantCVE-2012-0449SUSE bug 744275CVE-2012-0451openSUSE Leap 42.1
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.
ModerateCVE-2012-0451SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0452openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.
CriticalCVE-2012-0452SUSE bug 746616SUSE bug 746616SUSE bug 746663SUSE bug 746616SUSE bug 746616SUSE bug 746616SUSE bug 746616SUSE bug 746616SUSE bug 746616SUSE bug 746616CVE-2012-0455openSUSE Leap 42.1
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue.
ModerateCVE-2012-0455SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0456openSUSE Leap 42.1
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
ModerateCVE-2012-0456SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0457openSUSE Leap 42.1
Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.
ImportantCVE-2012-0457SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0458openSUSE Leap 42.1
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.
ImportantCVE-2012-0458SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0459openSUSE Leap 42.1
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.
ImportantCVE-2012-0459SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0460openSUSE Leap 42.1
Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.
ModerateCVE-2012-0460SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0461openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-0461SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0462openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-0462SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0463openSUSE Leap 42.1
The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.
ImportantCVE-2012-0463SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0464openSUSE Leap 42.1
Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.
ImportantCVE-2012-0464SUSE bug 750044SUSE bug 752168SUSE bug 746591SUSE bug 747320SUSE bug 750044SUSE bug 750044CVE-2012-0467openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-0467SUSE bug 758408CVE-2012-0468openSUSE Leap 42.1
The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.
ImportantCVE-2012-0468SUSE bug 758408CVE-2012-0469openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.
ImportantCVE-2012-0469SUSE bug 758408CVE-2012-0470openSUSE Leap 42.1
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems."
ImportantCVE-2012-0470SUSE bug 758408CVE-2012-0471openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.
ImportantCVE-2012-0471SUSE bug 758408CVE-2012-0472openSUSE Leap 42.1
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
ImportantCVE-2012-0472SUSE bug 758408CVE-2012-0473openSUSE Leap 42.1
The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.
ImportantCVE-2012-0473SUSE bug 758408CVE-2012-0474openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."
ImportantCVE-2012-0474SUSE bug 758408CVE-2012-0475openSUSE Leap 42.1
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.
ImportantCVE-2012-0475SUSE bug 758408CVE-2012-0477openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.
ImportantCVE-2012-0477SUSE bug 758408CVE-2012-0478openSUSE Leap 42.1
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
ImportantCVE-2012-0478SUSE bug 758408CVE-2012-0479openSUSE Leap 42.1
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
ImportantCVE-2012-0479SUSE bug 758408CVE-2012-0759openSUSE Leap 42.1
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.
CriticalCVE-2012-0759SUSE bug 796895CVE-2012-0786openSUSE Leap 42.1
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
ModerateCVE-2012-0786SUSE bug 853044SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003SUSE bug 885003CVE-2012-0804openSUSE Leap 42.1
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
ModerateCVE-2012-0804SUSE bug 744059SUSE bug 744059CVE-2012-0817openSUSE Leap 42.1
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.
ModerateCVE-2012-0817SUSE bug 743986CVE-2012-0830openSUSE Leap 42.1
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
CriticalCVE-2012-0830SUSE bug 744966SUSE bug 749111SUSE bug 749111SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 733590SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111CVE-2012-0845openSUSE Leap 42.1
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
ModerateCVE-2012-0845SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125SUSE bug 747125CVE-2012-0862openSUSE Leap 42.1
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
ImportantCVE-2012-0862SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 844230SUSE bug 762294SUSE bug 844230SUSE bug 762294SUSE bug 855685SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 844230SUSE bug 762294SUSE bug 762294SUSE bug 762294SUSE bug 762294CVE-2012-0866openSUSE Leap 42.1
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.
ModerateCVE-2012-0866SUSE bug 749299SUSE bug 749299SUSE bug 749299SUSE bug 749299SUSE bug 749301SUSE bug 749299SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303SUSE bug 749299SUSE bug 749299SUSE bug 749299CVE-2012-0867openSUSE Leap 42.1
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
LowCVE-2012-0867SUSE bug 749301SUSE bug 749301SUSE bug 749301SUSE bug 749301SUSE bug 749301SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303SUSE bug 749301SUSE bug 749301SUSE bug 749301SUSE bug 749301SUSE bug 749301CVE-2012-0868openSUSE Leap 42.1
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.
ImportantCVE-2012-0868SUSE bug 749301SUSE bug 749303SUSE bug 749303SUSE bug 749303SUSE bug 749301SUSE bug 749303SUSE bug 749303SUSE bug 701489SUSE bug 749299SUSE bug 749301SUSE bug 749303SUSE bug 749303SUSE bug 749303SUSE bug 749303SUSE bug 749303CVE-2012-0870openSUSE Leap 42.1
Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.
CriticalCVE-2012-0870SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 747934SUSE bug 752797SUSE bug 747934SUSE bug 747934CVE-2012-0876openSUSE Leap 42.1
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
ModerateCVE-2012-0876SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 751464SUSE bug 751465SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 750914SUSE bug 983215SUSE bug 983216SUSE bug 983216SUSE bug 750914SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216CVE-2012-0884openSUSE Leap 42.1
The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.
LowCVE-2012-0884SUSE bug 751977SUSE bug 749210SUSE bug 754640SUSE bug 754640SUSE bug 754640SUSE bug 749735SUSE bug 751977SUSE bug 761819SUSE bug 761819CVE-2012-1012openSUSE Leap 42.1
server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global list privilege.
ModerateCVE-2012-1012SUSE bug 766109CVE-2012-1013openSUSE Leap 42.1
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
ModerateCVE-2012-1013SUSE bug 765485SUSE bug 765485SUSE bug 765485SUSE bug 765485SUSE bug 765485SUSE bug 765485SUSE bug 765485CVE-2012-1016openSUSE Leap 42.1
The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request.
ModerateCVE-2012-1016SUSE bug 807556SUSE bug 807556SUSE bug 807556SUSE bug 807556SUSE bug 807556SUSE bug 807556CVE-2012-1095openSUSE Leap 42.1
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
LowCVE-2012-1095SUSE bug 749335CVE-2012-1111openSUSE Leap 42.1
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
ModerateCVE-2012-1111SUSE bug 745339CVE-2012-1126openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
ModerateCVE-2012-1126SUSE bug 750937SUSE bug 750937SUSE bug 750937SUSE bug 750937SUSE bug 750937SUSE bug 750937SUSE bug 750937CVE-2012-1127openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
ModerateCVE-2012-1127SUSE bug 750947SUSE bug 750947SUSE bug 750947SUSE bug 750947SUSE bug 750947SUSE bug 750947SUSE bug 750947CVE-2012-1128openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
ModerateCVE-2012-1128SUSE bug 750942SUSE bug 750942SUSE bug 750942SUSE bug 750942SUSE bug 750942SUSE bug 750942CVE-2012-1129openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
LowCVE-2012-1129SUSE bug 750952SUSE bug 750952SUSE bug 750952SUSE bug 750952SUSE bug 750952SUSE bug 750952SUSE bug 750952CVE-2012-1130openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
ModerateCVE-2012-1130SUSE bug 750951SUSE bug 750951SUSE bug 750951SUSE bug 750951SUSE bug 750951SUSE bug 750951SUSE bug 750951CVE-2012-1131openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
ModerateCVE-2012-1131SUSE bug 750953SUSE bug 750953SUSE bug 750953SUSE bug 750953SUSE bug 750953SUSE bug 750953SUSE bug 750953CVE-2012-1132openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
LowCVE-2012-1132SUSE bug 750950SUSE bug 750950SUSE bug 750950SUSE bug 750950SUSE bug 750950SUSE bug 750950SUSE bug 750950CVE-2012-1133openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
ImportantCVE-2012-1133SUSE bug 750940SUSE bug 750940SUSE bug 750940SUSE bug 750940SUSE bug 750940SUSE bug 750940SUSE bug 750940CVE-2012-1134openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
ImportantCVE-2012-1134SUSE bug 750945SUSE bug 750945SUSE bug 750945SUSE bug 750945SUSE bug 750945SUSE bug 750945SUSE bug 750945CVE-2012-1135openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
LowCVE-2012-1135SUSE bug 750946SUSE bug 750946SUSE bug 750946SUSE bug 750946SUSE bug 750946SUSE bug 750946SUSE bug 750946CVE-2012-1136openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
ImportantCVE-2012-1136SUSE bug 750939SUSE bug 750939SUSE bug 750939SUSE bug 750939SUSE bug 750939SUSE bug 750939SUSE bug 750939CVE-2012-1137openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
ModerateCVE-2012-1137SUSE bug 750943SUSE bug 750943SUSE bug 750943SUSE bug 750943SUSE bug 750943SUSE bug 750943CVE-2012-1138openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
ModerateCVE-2012-1138SUSE bug 750941SUSE bug 750941SUSE bug 750941SUSE bug 750941SUSE bug 750941SUSE bug 750941SUSE bug 750941CVE-2012-1139openSUSE Leap 42.1
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
LowCVE-2012-1139SUSE bug 750938SUSE bug 750938SUSE bug 750938SUSE bug 750938SUSE bug 750938SUSE bug 750938SUSE bug 750938CVE-2012-1140openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
ModerateCVE-2012-1140SUSE bug 750954SUSE bug 750954SUSE bug 750954SUSE bug 750954SUSE bug 750954CVE-2012-1141openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
LowCVE-2012-1141SUSE bug 750955SUSE bug 750955SUSE bug 750955SUSE bug 750955SUSE bug 750955SUSE bug 750955SUSE bug 750955CVE-2012-1142openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
ImportantCVE-2012-1142SUSE bug 750948SUSE bug 750948SUSE bug 750948SUSE bug 750948SUSE bug 750948SUSE bug 750948SUSE bug 750948CVE-2012-1143openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
ModerateCVE-2012-1143SUSE bug 750949SUSE bug 750949SUSE bug 750949SUSE bug 750949SUSE bug 750949SUSE bug 750949SUSE bug 750949CVE-2012-1144openSUSE Leap 42.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
ImportantCVE-2012-1144SUSE bug 750944SUSE bug 750944SUSE bug 750944SUSE bug 750944SUSE bug 750944CVE-2012-1147openSUSE Leap 42.1
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
ModerateCVE-2012-1147SUSE bug 751464SUSE bug 750914SUSE bug 751464SUSE bug 751465CVE-2012-1148openSUSE Leap 42.1
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
ModerateCVE-2012-1148SUSE bug 751465SUSE bug 750914SUSE bug 751464SUSE bug 751465CVE-2012-1150openSUSE Leap 42.1
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
ModerateCVE-2012-1150SUSE bug 751718SUSE bug 755383SUSE bug 826682SUSE bug 826682SUSE bug 826682SUSE bug 826682SUSE bug 826682SUSE bug 826682SUSE bug 826682CVE-2012-1152openSUSE Leap 42.1
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.
ModerateCVE-2012-1152SUSE bug 751503CVE-2012-1162openSUSE Leap 42.1
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct."
ModerateCVE-2012-1162SUSE bug 751829SUSE bug 751829SUSE bug 751830CVE-2012-1163openSUSE Leap 42.1
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
ModerateCVE-2012-1163SUSE bug 751830SUSE bug 751829SUSE bug 751830CVE-2012-1165openSUSE Leap 42.1
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.
ModerateCVE-2012-1165SUSE bug 751946SUSE bug 754640SUSE bug 754640SUSE bug 749210SUSE bug 749213SUSE bug 751946SUSE bug 754640SUSE bug 751946CVE-2012-1173openSUSE Leap 42.1
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
ImportantCVE-2012-1173SUSE bug 753362SUSE bug 753362SUSE bug 753362SUSE bug 753362SUSE bug 854393SUSE bug 753362CVE-2012-1174openSUSE Leap 42.1
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session."
ModerateCVE-2012-1174SUSE bug 752281CVE-2012-1182openSUSE Leap 42.1
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.
CriticalCVE-2012-1182SUSE bug 752797SUSE bug 747934SUSE bug 752797SUSE bug 754443CVE-2012-1185openSUSE Leap 42.1
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
ImportantCVE-2012-1185SUSE bug 752879CVE-2012-1186openSUSE Leap 42.1
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
ModerateCVE-2012-1186SUSE bug 752879CVE-2012-1457openSUSE Leap 42.1
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
ModerateCVE-2012-1457SUSE bug 753611SUSE bug 767574SUSE bug 753611SUSE bug 753611SUSE bug 753611CVE-2012-1458openSUSE Leap 42.1
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
ModerateCVE-2012-1458SUSE bug 753613SUSE bug 767574SUSE bug 753613SUSE bug 753613SUSE bug 753613CVE-2012-1459openSUSE Leap 42.1
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
ModerateCVE-2012-1459SUSE bug 753610SUSE bug 753610SUSE bug 767574SUSE bug 753610SUSE bug 753610SUSE bug 753610CVE-2012-1569openSUSE Leap 42.1
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.
ModerateCVE-2012-1569SUSE bug 753301SUSE bug 752193SUSE bug 752193SUSE bug 924966CVE-2012-1571openSUSE Leap 42.1
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
ModerateCVE-2012-1571SUSE bug 753303SUSE bug 753303SUSE bug 883306SUSE bug 883306SUSE bug 884986SUSE bug 884986SUSE bug 987530CVE-2012-1573openSUSE Leap 42.1
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
ModerateCVE-2012-1573SUSE bug 754223SUSE bug 752193SUSE bug 752193CVE-2012-1586openSUSE Leap 42.1
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.
ModerateCVE-2012-1586SUSE bug 754443SUSE bug 754443CVE-2012-1616openSUSE Leap 42.1
Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
ModerateCVE-2012-1616SUSE bug 768322CVE-2012-1667openSUSE Leap 42.1
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
ImportantCVE-2012-1667SUSE bug 765315SUSE bug 792926CVE-2012-1823openSUSE Leap 42.1
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
ImportantCVE-2012-1823SUSE bug 760536SUSE bug 761631SUSE bug 761631SUSE bug 761631SUSE bug 760536SUSE bug 850694SUSE bug 850694SUSE bug 850694SUSE bug 850694SUSE bug 850694CVE-2012-1937openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1937SUSE bug 765204CVE-2012-1938openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.
CriticalCVE-2012-1938SUSE bug 765204CVE-2012-1940openSUSE Leap 42.1
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.
CriticalCVE-2012-1940SUSE bug 765204CVE-2012-1941openSUSE Leap 42.1
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.
CriticalCVE-2012-1941SUSE bug 765204CVE-2012-1944openSUSE Leap 42.1
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
ModerateCVE-2012-1944SUSE bug 765204CVE-2012-1945openSUSE Leap 42.1
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.
ModerateCVE-2012-1945SUSE bug 765204CVE-2012-1946openSUSE Leap 42.1
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.
ImportantCVE-2012-1946SUSE bug 765204CVE-2012-1947openSUSE Leap 42.1
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.
ImportantCVE-2012-1947SUSE bug 765204CVE-2012-1948openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1948SUSE bug 771583CVE-2012-1949openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1949SUSE bug 771583CVE-2012-1950openSUSE Leap 42.1
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
CriticalCVE-2012-1950SUSE bug 771583CVE-2012-1951openSUSE Leap 42.1
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.
CriticalCVE-2012-1951SUSE bug 771583CVE-2012-1952openSUSE Leap 42.1
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
CriticalCVE-2012-1952SUSE bug 771583CVE-2012-1953openSUSE Leap 42.1
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
CriticalCVE-2012-1953SUSE bug 771583CVE-2012-1954openSUSE Leap 42.1
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
CriticalCVE-2012-1954SUSE bug 771583CVE-2012-1955openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
CriticalCVE-2012-1955SUSE bug 771583CVE-2012-1956openSUSE Leap 42.1
Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
ModerateCVE-2012-1956SUSE bug 777588CVE-2012-1957openSUSE Leap 42.1
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
CriticalCVE-2012-1957SUSE bug 771583CVE-2012-1958openSUSE Leap 42.1
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.
CriticalCVE-2012-1958SUSE bug 771583CVE-2012-1959openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.
CriticalCVE-2012-1959SUSE bug 771583CVE-2012-1960openSUSE Leap 42.1
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
LowCVE-2012-1960SUSE bug 771583CVE-2012-1961openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.
CriticalCVE-2012-1961SUSE bug 771583CVE-2012-1962openSUSE Leap 42.1
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
CriticalCVE-2012-1962SUSE bug 771583CVE-2012-1963openSUSE Leap 42.1
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
CriticalCVE-2012-1963SUSE bug 771583CVE-2012-1965openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
CriticalCVE-2012-1965SUSE bug 771583CVE-2012-1966openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
CriticalCVE-2012-1966SUSE bug 771583CVE-2012-1967openSUSE Leap 42.1
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
CriticalCVE-2012-1967SUSE bug 771583CVE-2012-1970openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2012-1970SUSE bug 777588CVE-2012-1972openSUSE Leap 42.1
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1972SUSE bug 777588CVE-2012-1973openSUSE Leap 42.1
Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1973SUSE bug 777588CVE-2012-1974openSUSE Leap 42.1
Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1974SUSE bug 777588CVE-2012-1975openSUSE Leap 42.1
Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1975SUSE bug 777588CVE-2012-1976openSUSE Leap 42.1
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-1976SUSE bug 777588CVE-2012-2110openSUSE Leap 42.1
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
ImportantCVE-2012-2110SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 778825SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060SUSE bug 758060CVE-2012-2111openSUSE Leap 42.1
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.
ImportantCVE-2012-2111SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 754443SUSE bug 757576SUSE bug 757576SUSE bug 757576SUSE bug 757576CVE-2012-2113openSUSE Leap 42.1
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
ImportantCVE-2012-2113SUSE bug 767852SUSE bug 767852SUSE bug 767852SUSE bug 767852SUSE bug 767852SUSE bug 767852SUSE bug 767852SUSE bug 854393SUSE bug 767852SUSE bug 767852CVE-2012-2141openSUSE Leap 42.1
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table.
ModerateCVE-2012-2141SUSE bug 759352SUSE bug 826684SUSE bug 826684CVE-2012-2143openSUSE Leap 42.1
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
ModerateCVE-2012-2143SUSE bug 766797SUSE bug 766798SUSE bug 766799SUSE bug 766798SUSE bug 766798SUSE bug 766799SUSE bug 766797SUSE bug 766798SUSE bug 766799SUSE bug 766798SUSE bug 766798SUSE bug 766797SUSE bug 766797SUSE bug 766797SUSE bug 766799SUSE bug 766797SUSE bug 766799SUSE bug 766797CVE-2012-2150openSUSE Leap 42.1
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
LowCVE-2012-2150SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367SUSE bug 939367CVE-2012-2214openSUSE Leap 42.1
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
ImportantCVE-2012-2214SUSE bug 760890CVE-2012-2311openSUSE Leap 42.1
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
ImportantCVE-2012-2311SUSE bug 760536SUSE bug 761631SUSE bug 761631CVE-2012-2335openSUSE Leap 42.1
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.
ModerateCVE-2012-2335SUSE bug 761631SUSE bug 761631CVE-2012-2336openSUSE Leap 42.1
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
ImportantCVE-2012-2336SUSE bug 761631SUSE bug 761631CVE-2012-2337openSUSE Leap 42.1
sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.
ImportantCVE-2012-2337SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 762327SUSE bug 826687CVE-2012-2385openSUSE Leap 42.1
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
ModerateCVE-2012-2385CVE-2012-2392openSUSE Leap 42.1
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
ModerateCVE-2012-2392SUSE bug 763634SUSE bug 763855SUSE bug 763855SUSE bug 763855SUSE bug 763855SUSE bug 763855SUSE bug 763855SUSE bug 769578SUSE bug 763855SUSE bug 769578SUSE bug 763855CVE-2012-2393openSUSE Leap 42.1
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.
ModerateCVE-2012-2393SUSE bug 763634SUSE bug 763857SUSE bug 763857SUSE bug 763857SUSE bug 763857SUSE bug 763855CVE-2012-2394openSUSE Leap 42.1
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.
ModerateCVE-2012-2394SUSE bug 763634SUSE bug 763859SUSE bug 763859SUSE bug 763859SUSE bug 763859CVE-2012-2396openSUSE Leap 42.1
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
ModerateCVE-2012-2396SUSE bug 760496CVE-2012-2417openSUSE Leap 42.1
PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.
ImportantCVE-2012-2417SUSE bug 764127SUSE bug 764127SUSE bug 764127SUSE bug 764127SUSE bug 764127SUSE bug 764127SUSE bug 764127CVE-2012-2451openSUSE Leap 42.1
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries.
LowCVE-2012-2451SUSE bug 760459CVE-2012-2625openSUSE Leap 42.1
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image.
ModerateCVE-2012-2625SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 773393SUSE bug 773393SUSE bug 773401SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 762484SUSE bug 787163SUSE bug 762484CVE-2012-2655openSUSE Leap 42.1
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.
ModerateCVE-2012-2655SUSE bug 765069SUSE bug 765069SUSE bug 765069SUSE bug 765069SUSE bug 765069SUSE bug 765069SUSE bug 765069SUSE bug 765069CVE-2012-2669openSUSE Leap 42.1
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.
ModerateCVE-2012-2669SUSE bug 761200CVE-2012-2673openSUSE Leap 42.1
Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
ModerateCVE-2012-2673SUSE bug 765444CVE-2012-2686openSUSE Leap 42.1
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data.
ModerateCVE-2012-2686SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802648CVE-2012-2687openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
LowCVE-2012-2687SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260SUSE bug 777260CVE-2012-2688openSUSE Leap 42.1
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
ModerateCVE-2012-2688SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582SUSE bug 772582CVE-2012-2737openSUSE Leap 42.1
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.
ModerateCVE-2012-2737SUSE bug 768807CVE-2012-2738openSUSE Leap 42.1
The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
ImportantCVE-2012-2738SUSE bug 772761SUSE bug 772761SUSE bug 772761SUSE bug 772761SUSE bug 772761CVE-2012-2808openSUSE Leap 42.1
The PRNG implementation in the DNS resolver in Bionic in Android before 4.1.1 incorrectly uses time and PID information during the generation of random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2015-0800.
ModerateCVE-2012-2808CVE-2012-2812openSUSE Leap 42.1
The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ModerateCVE-2012-2812SUSE bug 771229SUSE bug 831515CVE-2012-2813openSUSE Leap 42.1
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ImportantCVE-2012-2813SUSE bug 771229SUSE bug 831515CVE-2012-2814openSUSE Leap 42.1
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
ImportantCVE-2012-2814SUSE bug 771229SUSE bug 831515CVE-2012-2836openSUSE Leap 42.1
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
ImportantCVE-2012-2836SUSE bug 771229SUSE bug 831515CVE-2012-2837openSUSE Leap 42.1
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.
ImportantCVE-2012-2837SUSE bug 771229SUSE bug 831515CVE-2012-2840openSUSE Leap 42.1
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
ImportantCVE-2012-2840SUSE bug 771229SUSE bug 831515CVE-2012-2841openSUSE Leap 42.1
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
ImportantCVE-2012-2841SUSE bug 771229SUSE bug 831515CVE-2012-2845openSUSE Leap 42.1
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
ImportantCVE-2012-2845SUSE bug 771229CVE-2012-2944openSUSE Leap 42.1
Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters.
ImportantCVE-2012-2944SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699SUSE bug 764699CVE-2012-3236openSUSE Leap 42.1
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.
ModerateCVE-2012-3236SUSE bug 768376SUSE bug 769565SUSE bug 769565SUSE bug 769565SUSE bug 769565SUSE bug 769565SUSE bug 763595SUSE bug 769565SUSE bug 769565SUSE bug 769565SUSE bug 769565CVE-2012-3291openSUSE Leap 42.1
Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.
ImportantCVE-2012-3291SUSE bug 767616SUSE bug 767616SUSE bug 767616SUSE bug 767616SUSE bug 767616CVE-2012-3356openSUSE Leap 42.1
The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
ModerateCVE-2012-3356SUSE bug 768680CVE-2012-3357openSUSE Leap 42.1
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log msg leak."
ModerateCVE-2012-3357SUSE bug 768680CVE-2012-3358openSUSE Leap 42.1
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.
ImportantCVE-2012-3358SUSE bug 770649CVE-2012-3365openSUSE Leap 42.1
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
ImportantCVE-2012-3365SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772582SUSE bug 772580SUSE bug 772580SUSE bug 772580SUSE bug 772580CVE-2012-3374openSUSE Leap 42.1
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
ImportantCVE-2012-3374SUSE bug 770304SUSE bug 770304SUSE bug 770304CVE-2012-3386openSUSE Leap 42.1
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
LowCVE-2012-3386SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 786745SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618SUSE bug 770618CVE-2012-3401openSUSE Leap 42.1
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
ImportantCVE-2012-3401SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 770816SUSE bug 854393SUSE bug 770816CVE-2012-3412openSUSE Leap 42.1
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
ImportantCVE-2012-3412SUSE bug 774523SUSE bug 774523SUSE bug 774523CVE-2012-3422openSUSE Leap 42.1
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
ImportantCVE-2012-3422SUSE bug 773458SUSE bug 818768CVE-2012-3423openSUSE Leap 42.1
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
ModerateCVE-2012-3423SUSE bug 773458SUSE bug 818768CVE-2012-3432openSUSE Leap 42.1
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.
ModerateCVE-2012-3432SUSE bug 773401SUSE bug 773393SUSE bug 773401SUSE bug 773401SUSE bug 773401SUSE bug 773401SUSE bug 773401SUSE bug 773401SUSE bug 773401SUSE bug 773401CVE-2012-3433openSUSE Leap 42.1
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.
ImportantCVE-2012-3433SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773401SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393SUSE bug 773393CVE-2012-3438openSUSE Leap 42.1
The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
ModerateCVE-2012-3438SUSE bug 785093SUSE bug 785093SUSE bug 773612SUSE bug 785093SUSE bug 773612SUSE bug 773612SUSE bug 773612SUSE bug 773612SUSE bug 773612SUSE bug 773612SUSE bug 785093SUSE bug 773612CVE-2012-3445openSUSE Leap 42.1
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.
ModerateCVE-2012-3445SUSE bug 773955CVE-2012-3466openSUSE Leap 42.1
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.
ModerateCVE-2012-3466SUSE bug 775235SUSE bug 775235SUSE bug 775235SUSE bug 775235SUSE bug 775235SUSE bug 775235SUSE bug 775235SUSE bug 775235CVE-2012-3482openSUSE Leap 42.1
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read.
ModerateCVE-2012-3482SUSE bug 775988SUSE bug 775988SUSE bug 775988SUSE bug 775988SUSE bug 775988SUSE bug 775988SUSE bug 775988CVE-2012-3488openSUSE Leap 42.1
The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.
ModerateCVE-2012-3488SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523SUSE bug 776523CVE-2012-3489openSUSE Leap 42.1
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.
LowCVE-2012-3489SUSE bug 776524SUSE bug 776524SUSE bug 776524SUSE bug 776524CVE-2012-3499openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
ImportantCVE-2012-3499SUSE bug 806458SUSE bug 807511SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458SUSE bug 806458CVE-2012-3502openSUSE Leap 42.1
The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
ModerateCVE-2012-3502SUSE bug 777119SUSE bug 777119SUSE bug 777119CVE-2012-3515openSUSE Leap 42.1
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
ImportantCVE-2012-3515SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084SUSE bug 777084CVE-2012-3520openSUSE Leap 42.1
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
ModerateCVE-2012-3520SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925SUSE bug 776925CVE-2012-3524openSUSE Leap 42.1
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
ImportantCVE-2012-3524SUSE bug 697105SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 852781SUSE bug 697105SUSE bug 912016SUSE bug 697105CVE-2012-3534openSUSE Leap 42.1
GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections.
ModerateCVE-2012-3534SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486SUSE bug 777486CVE-2012-3535openSUSE Leap 42.1
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
ImportantCVE-2012-3535SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445SUSE bug 777445CVE-2012-3548openSUSE Leap 42.1
The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.
ModerateCVE-2012-3548SUSE bug 778000SUSE bug 778000SUSE bug 778000SUSE bug 778000SUSE bug 783275SUSE bug 778000CVE-2012-3570openSUSE Leap 42.1
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
LowCVE-2012-3570SUSE bug 772924SUSE bug 772924SUSE bug 772924SUSE bug 772924SUSE bug 772924SUSE bug 772924CVE-2012-3571openSUSE Leap 42.1
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
LowCVE-2012-3571SUSE bug 772924SUSE bug 772924SUSE bug 772924CVE-2012-3817openSUSE Leap 42.1
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
ImportantCVE-2012-3817SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 772945SUSE bug 792926CVE-2012-3868openSUSE Leap 42.1
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
ImportantCVE-2012-3868SUSE bug 772946SUSE bug 772946SUSE bug 772946SUSE bug 772946SUSE bug 792926SUSE bug 772946CVE-2012-3954openSUSE Leap 42.1
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
LowCVE-2012-3954SUSE bug 772924SUSE bug 772924SUSE bug 772924SUSE bug 772924CVE-2012-3955openSUSE Leap 42.1
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.
ModerateCVE-2012-3955SUSE bug 780167SUSE bug 780167SUSE bug 780167SUSE bug 780167SUSE bug 780167SUSE bug 780167CVE-2012-3956openSUSE Leap 42.1
Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3956SUSE bug 777588CVE-2012-3957openSUSE Leap 42.1
Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-3957SUSE bug 777588CVE-2012-3958openSUSE Leap 42.1
Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3958SUSE bug 777588CVE-2012-3959openSUSE Leap 42.1
Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3959SUSE bug 777588CVE-2012-3960openSUSE Leap 42.1
Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3960SUSE bug 777588CVE-2012-3961openSUSE Leap 42.1
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-3961SUSE bug 777588CVE-2012-3962openSUSE Leap 42.1
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.
CriticalCVE-2012-3962SUSE bug 777588CVE-2012-3963openSUSE Leap 42.1
Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-3963SUSE bug 777588CVE-2012-3964openSUSE Leap 42.1
Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2012-3964SUSE bug 777588CVE-2012-3965openSUSE Leap 42.1
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
ImportantCVE-2012-3965SUSE bug 777588CVE-2012-3966openSUSE Leap 42.1
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.
ImportantCVE-2012-3966SUSE bug 777588CVE-2012-3967openSUSE Leap 42.1
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.
ImportantCVE-2012-3967SUSE bug 777588CVE-2012-3968openSUSE Leap 42.1
Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.
ImportantCVE-2012-3968SUSE bug 777588CVE-2012-3969openSUSE Leap 42.1
Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.
CriticalCVE-2012-3969SUSE bug 777588CVE-2012-3970openSUSE Leap 42.1
Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.
ImportantCVE-2012-3970SUSE bug 777588CVE-2012-3971openSUSE Leap 42.1
Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.
ModerateCVE-2012-3971SUSE bug 777588CVE-2012-3972openSUSE Leap 42.1
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.
ModerateCVE-2012-3972SUSE bug 777588CVE-2012-3973openSUSE Leap 42.1
The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.
ImportantCVE-2012-3973SUSE bug 777588CVE-2012-3975openSUSE Leap 42.1
The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.
LowCVE-2012-3975SUSE bug 777588CVE-2012-3976openSUSE Leap 42.1
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.
ModerateCVE-2012-3976SUSE bug 777588CVE-2012-3978openSUSE Leap 42.1
The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.
ModerateCVE-2012-3978SUSE bug 777588CVE-2012-3980openSUSE Leap 42.1
The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.
ModerateCVE-2012-3980SUSE bug 777588CVE-2012-3982openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-3982SUSE bug 783533CVE-2012-3983openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-3983SUSE bug 783533CVE-2012-3984openSUSE Leap 42.1
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.
ImportantCVE-2012-3984SUSE bug 783533CVE-2012-3985openSUSE Leap 42.1
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.
ModerateCVE-2012-3985SUSE bug 783533CVE-2012-3986openSUSE Leap 42.1
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.
ImportantCVE-2012-3986SUSE bug 783533CVE-2012-3988openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.
ImportantCVE-2012-3988SUSE bug 783533CVE-2012-3989openSUSE Leap 42.1
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site.
ImportantCVE-2012-3989SUSE bug 783533CVE-2012-3990openSUSE Leap 42.1
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.
ImportantCVE-2012-3990SUSE bug 783533CVE-2012-3991openSUSE Leap 42.1
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.
ImportantCVE-2012-3991SUSE bug 783533CVE-2012-3992openSUSE Leap 42.1
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.
ImportantCVE-2012-3992SUSE bug 783533CVE-2012-3993openSUSE Leap 42.1
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue.
CriticalCVE-2012-3993SUSE bug 783533CVE-2012-3994openSUSE Leap 42.1
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.
ImportantCVE-2012-3994SUSE bug 783533CVE-2012-3995openSUSE Leap 42.1
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2012-3995SUSE bug 783533CVE-2012-4024openSUSE Leap 42.1
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file constructed by the program's user; however, there are some realistic situations in which a list file would be obtained from an untrusted remote source.
ModerateCVE-2012-4024SUSE bug 773015CVE-2012-4025openSUSE Leap 42.1
Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow.
ModerateCVE-2012-4025SUSE bug 773015CVE-2012-4048openSUSE Leap 42.1
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.
ImportantCVE-2012-4048SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738CVE-2012-4049openSUSE Leap 42.1
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
ModerateCVE-2012-4049SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738SUSE bug 772738CVE-2012-4179openSUSE Leap 42.1
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4179SUSE bug 783533CVE-2012-4180openSUSE Leap 42.1
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4180SUSE bug 783533CVE-2012-4181openSUSE Leap 42.1
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4181SUSE bug 783533CVE-2012-4182openSUSE Leap 42.1
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4182SUSE bug 783533CVE-2012-4183openSUSE Leap 42.1
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2012-4183SUSE bug 783533CVE-2012-4184openSUSE Leap 42.1
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.
ImportantCVE-2012-4184SUSE bug 783533CVE-2012-4185openSUSE Leap 42.1
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4185SUSE bug 783533CVE-2012-4186openSUSE Leap 42.1
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-4186SUSE bug 783533CVE-2012-4187openSUSE Leap 42.1
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.
CriticalCVE-2012-4187SUSE bug 783533CVE-2012-4188openSUSE Leap 42.1
Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2012-4188SUSE bug 783533CVE-2012-4191openSUSE Leap 42.1
The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
ImportantCVE-2012-4191CVE-2012-4192openSUSE Leap 42.1
Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote attackers to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.
ImportantCVE-2012-4192CVE-2012-4193openSUSE Leap 42.1
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
ImportantCVE-2012-4193SUSE bug 783533CVE-2012-4194openSUSE Leap 42.1
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
ImportantCVE-2012-4194SUSE bug 786522CVE-2012-4195openSUSE Leap 42.1
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.
ImportantCVE-2012-4195SUSE bug 786522CVE-2012-4196openSUSE Leap 42.1
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
ImportantCVE-2012-4196SUSE bug 786522CVE-2012-4201openSUSE Leap 42.1
The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.
ModerateCVE-2012-4201SUSE bug 790140CVE-2012-4202openSUSE Leap 42.1
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
ImportantCVE-2012-4202SUSE bug 790140CVE-2012-4203openSUSE Leap 42.1
The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.
ModerateCVE-2012-4203SUSE bug 790140CVE-2012-4204openSUSE Leap 42.1
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
ImportantCVE-2012-4204SUSE bug 790140CVE-2012-4205openSUSE Leap 42.1
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks or obtain sensitive information by leveraging a sandboxed add-on.
ModerateCVE-2012-4205SUSE bug 790140CVE-2012-4207openSUSE Leap 42.1
The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.
ModerateCVE-2012-4207SUSE bug 790140CVE-2012-4208openSUSE Leap 42.1
The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.
ModerateCVE-2012-4208SUSE bug 790140CVE-2012-4209openSUSE Leap 42.1
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.
ModerateCVE-2012-4209SUSE bug 790140CVE-2012-4210openSUSE Leap 42.1
The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.
ImportantCVE-2012-4210SUSE bug 790140CVE-2012-4212openSUSE Leap 42.1
Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4212SUSE bug 790140CVE-2012-4213openSUSE Leap 42.1
Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4213SUSE bug 790140CVE-2012-4214openSUSE Leap 42.1
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.
CriticalCVE-2012-4214SUSE bug 790140CVE-2012-4215openSUSE Leap 42.1
Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4215SUSE bug 790140CVE-2012-4216openSUSE Leap 42.1
Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4216SUSE bug 790140CVE-2012-4217openSUSE Leap 42.1
Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2012-4217SUSE bug 790140CVE-2012-4218openSUSE Leap 42.1
Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2012-4218SUSE bug 790140CVE-2012-4244openSUSE Leap 42.1
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
CriticalCVE-2012-4244SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 780157SUSE bug 792926CVE-2012-4285openSUSE Leap 42.1
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.
ModerateCVE-2012-4285SUSE bug 776083CVE-2012-4286openSUSE Leap 42.1
The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.
LowCVE-2012-4286SUSE bug 776083CVE-2012-4287openSUSE Leap 42.1
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
ModerateCVE-2012-4287SUSE bug 776083CVE-2012-4288openSUSE Leap 42.1
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.
ModerateCVE-2012-4288SUSE bug 776083CVE-2012-4289openSUSE Leap 42.1
epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.
ModerateCVE-2012-4289SUSE bug 776083CVE-2012-4290openSUSE Leap 42.1
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.
ModerateCVE-2012-4290SUSE bug 776083CVE-2012-4291openSUSE Leap 42.1
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
ModerateCVE-2012-4291SUSE bug 776083CVE-2012-4292openSUSE Leap 42.1
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2012-4292SUSE bug 776083CVE-2012-4293openSUSE Leap 42.1
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.
ModerateCVE-2012-4293SUSE bug 776083CVE-2012-4294openSUSE Leap 42.1
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.
ModerateCVE-2012-4294SUSE bug 776083CVE-2012-4295openSUSE Leap 42.1
Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.
ImportantCVE-2012-4295SUSE bug 776083CVE-2012-4296openSUSE Leap 42.1
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.
ModerateCVE-2012-4296SUSE bug 776083CVE-2012-4297openSUSE Leap 42.1
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.
ImportantCVE-2012-4297SUSE bug 776083CVE-2012-4298openSUSE Leap 42.1
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.
ModerateCVE-2012-4298SUSE bug 776083CVE-2012-4411openSUSE Leap 42.1
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
ImportantCVE-2012-4411SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 779212SUSE bug 779212CVE-2012-4412openSUSE Leap 42.1
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
ModerateCVE-2012-4412SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 848783SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 882910SUSE bug 779320SUSE bug 779320SUSE bug 882910SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 779320SUSE bug 920055SUSE bug 920169SUSE bug 920338SUSE bug 920169SUSE bug 920338CVE-2012-4425openSUSE Leap 42.1
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself.
ImportantCVE-2012-4425CVE-2012-4453openSUSE Leap 42.1
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
ModerateCVE-2012-4453SUSE bug 782734SUSE bug 1008340CVE-2012-4504openSUSE Leap 42.1
Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.
ImportantCVE-2012-4504SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 784523SUSE bug 795039CVE-2012-4507openSUSE Leap 42.1
The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
ModerateCVE-2012-4507SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463SUSE bug 784463CVE-2012-4510openSUSE Leap 42.1
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources.
ModerateCVE-2012-4510SUSE bug 783488CVE-2012-4535openSUSE Leap 42.1
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
ImportantCVE-2012-4535SUSE bug 786516SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 786516SUSE bug 786516SUSE bug 786516SUSE bug 786516SUSE bug 786516SUSE bug 786516SUSE bug 786516SUSE bug 786516CVE-2012-4536openSUSE Leap 42.1
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read.
ImportantCVE-2012-4536SUSE bug 786518SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 786518SUSE bug 786518SUSE bug 786518SUSE bug 786518SUSE bug 786518CVE-2012-4537openSUSE Leap 42.1
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."
ImportantCVE-2012-4537SUSE bug 786517SUSE bug 779212SUSE bug 786516SUSE bug 786517SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 786517SUSE bug 786517SUSE bug 786517SUSE bug 786517SUSE bug 786517SUSE bug 786517SUSE bug 786517CVE-2012-4538openSUSE Leap 42.1
The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors.
ModerateCVE-2012-4538SUSE bug 786519SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 786519SUSE bug 786519SUSE bug 786519SUSE bug 786519SUSE bug 786519SUSE bug 786519CVE-2012-4539openSUSE Leap 42.1
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability."
ImportantCVE-2012-4539SUSE bug 786520SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 786520SUSE bug 786520SUSE bug 786520SUSE bug 786520SUSE bug 786520SUSE bug 786520CVE-2012-4540openSUSE Leap 42.1
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
ImportantCVE-2012-4540SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 787846SUSE bug 840572CVE-2012-4544openSUSE Leap 42.1
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk.
LowCVE-2012-4544SUSE bug 787163SUSE bug 779212SUSE bug 786516SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 787163SUSE bug 787163SUSE bug 787163SUSE bug 840592SUSE bug 787163SUSE bug 787163SUSE bug 787163SUSE bug 787163SUSE bug 787163SUSE bug 787163CVE-2012-4559openSUSE Leap 42.1
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ImportantCVE-2012-4559SUSE bug 789827SUSE bug 789827CVE-2012-4560openSUSE Leap 42.1
Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
ImportantCVE-2012-4560SUSE bug 789827SUSE bug 789827CVE-2012-4561openSUSE Leap 42.1
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.
ImportantCVE-2012-4561SUSE bug 789827SUSE bug 789827CVE-2012-4564openSUSE Leap 42.1
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
ImportantCVE-2012-4564SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 781995SUSE bug 787892SUSE bug 787892SUSE bug 791607SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 787892SUSE bug 854393CVE-2012-4929openSUSE Leap 42.1
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.
ModerateCVE-2012-4929SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 793420SUSE bug 793420SUSE bug 803004SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 793420SUSE bug 779952SUSE bug 793420SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 779952SUSE bug 793420SUSE bug 793420SUSE bug 793420SUSE bug 793420SUSE bug 847895SUSE bug 793420SUSE bug 793420SUSE bug 793420SUSE bug 1011293CVE-2012-5112openSUSE Leap 42.1
Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5112SUSE bug 786698CVE-2012-5133openSUSE Leap 42.1
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
ImportantCVE-2012-5133SUSE bug 791234CVE-2012-5134openSUSE Leap 42.1
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
ImportantCVE-2012-5134SUSE bug 791234SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 795039SUSE bug 793334SUSE bug 804033SUSE bug 793334SUSE bug 804033SUSE bug 804033SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334SUSE bug 793334CVE-2012-5166openSUSE Leap 42.1
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
CriticalCVE-2012-5166SUSE bug 784602SUSE bug 784602SUSE bug 784602SUSE bug 784602SUSE bug 784602SUSE bug 784602SUSE bug 784602SUSE bug 792926CVE-2012-5237openSUSE Leap 42.1
The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2012-5237SUSE bug 783275CVE-2012-5238openSUSE Leap 42.1
epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.
ModerateCVE-2012-5238SUSE bug 783275CVE-2012-5239openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3548. Reason: This candidate is a reservation duplicate of CVE-2012-3548. Notes: All CVE users should reference CVE-2012-3548 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5239SUSE bug 783275CVE-2012-5240openSUSE Leap 42.1
Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.
ModerateCVE-2012-5240SUSE bug 783275CVE-2012-5468openSUSE Leap 42.1
Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters.
ImportantCVE-2012-5468SUSE bug 792939SUSE bug 792939SUSE bug 792939SUSE bug 792939SUSE bug 792939SUSE bug 792939SUSE bug 792939CVE-2012-5510openSUSE Leap 42.1
Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.
ImportantCVE-2012-5510SUSE bug 789945SUSE bug 789945SUSE bug 789945SUSE bug 789945SUSE bug 789945CVE-2012-5511openSUSE Leap 42.1
Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.
ModerateCVE-2012-5511SUSE bug 789944SUSE bug 789944SUSE bug 789944SUSE bug 789944SUSE bug 789944SUSE bug 789944CVE-2012-5513openSUSE Leap 42.1
The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
ImportantCVE-2012-5513SUSE bug 789951SUSE bug 789951SUSE bug 789951SUSE bug 789951SUSE bug 789951SUSE bug 789951SUSE bug 789951CVE-2012-5514openSUSE Leap 42.1
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
ModerateCVE-2012-5514SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789988SUSE bug 789948SUSE bug 789948SUSE bug 789948SUSE bug 789948CVE-2012-5515openSUSE Leap 42.1
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
ModerateCVE-2012-5515SUSE bug 789950SUSE bug 789950SUSE bug 789950SUSE bug 789950SUSE bug 789950SUSE bug 789950SUSE bug 789950CVE-2012-5519openSUSE Leap 42.1
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
ImportantCVE-2012-5519SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 789566SUSE bug 882905SUSE bug 882905SUSE bug 789566SUSE bug 882905SUSE bug 882905SUSE bug 882905SUSE bug 882905SUSE bug 789566SUSE bug 882905SUSE bug 789566SUSE bug 789566SUSE bug 882905SUSE bug 882905SUSE bug 924208CVE-2012-5525openSUSE Leap 42.1
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
ImportantCVE-2012-5525SUSE bug 789952SUSE bug 789952SUSE bug 789952CVE-2012-5532openSUSE Leap 42.1
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.
LowCVE-2012-5532SUSE bug 791605CVE-2012-5576openSUSE Leap 42.1
Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large (1) red, (2) green, or (3) blue color mask in an XWD file.
ImportantCVE-2012-5576SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372SUSE bug 791372CVE-2012-5592openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6052. Reason: This candidate is a reservation duplicate of CVE-2012-6052. Notes: All CVE users should reference CVE-2012-6052 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5592SUSE bug 792005CVE-2012-5593openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6053. Reason: This candidate is a reservation duplicate of CVE-2012-6053. Notes: All CVE users should reference CVE-2012-6053 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5593SUSE bug 792005CVE-2012-5594openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6054. Reason: This candidate is a reservation duplicate of CVE-2012-6054. Notes: All CVE users should reference CVE-2012-6054 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5594SUSE bug 792005CVE-2012-5595openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6056. Reason: This candidate is a reservation duplicate of CVE-2012-6056. Notes: All CVE users should reference CVE-2012-6056 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5595SUSE bug 792005CVE-2012-5596openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6057. Reason: This candidate is a reservation duplicate of CVE-2012-6057. Notes: All CVE users should reference CVE-2012-6057 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5596SUSE bug 792005CVE-2012-5597openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6059. Reason: This candidate is a reservation duplicate of CVE-2012-6059. Notes: All CVE users should reference CVE-2012-6059 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5597SUSE bug 792005CVE-2012-5598openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6060. Reason: This candidate is a reservation duplicate of CVE-2012-6060. Notes: All CVE users should reference CVE-2012-6060 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5598SUSE bug 792005CVE-2012-5599openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6061. Reason: This candidate is a reservation duplicate of CVE-2012-6061. Notes: All CVE users should reference CVE-2012-6061 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5599SUSE bug 792005CVE-2012-5600openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6062. Reason: This candidate is a reservation duplicate of CVE-2012-6062. Notes: All CVE users should reference CVE-2012-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5600SUSE bug 792005CVE-2012-5601openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6055. Reason: This candidate is a reservation duplicate of CVE-2012-6055. Notes: All CVE users should reference CVE-2012-6055 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5601SUSE bug 792005CVE-2012-5602openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6058. Reason: This candidate is a reservation duplicate of CVE-2012-6058. Notes: All CVE users should reference CVE-2012-6058 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2012-5602SUSE bug 792005CVE-2012-5615openSUSE Leap 42.1
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
ModerateCVE-2012-5615SUSE bug 792440SUSE bug 792440SUSE bug 792440SUSE bug 792440SUSE bug 901237SUSE bug 901237SUSE bug 915913SUSE bug 792440SUSE bug 792440CVE-2012-5634openSUSE Leap 42.1
Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt.
ModerateCVE-2012-5634SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 800275SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 840592SUSE bug 794316SUSE bug 794316SUSE bug 794316SUSE bug 794316CVE-2012-5668openSUSE Leap 42.1
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
ModerateCVE-2012-5668SUSE bug 795826CVE-2012-5669openSUSE Leap 42.1
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
ImportantCVE-2012-5669SUSE bug 795826CVE-2012-5670openSUSE Leap 42.1
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
ImportantCVE-2012-5670SUSE bug 795826SUSE bug 795826CVE-2012-5688openSUSE Leap 42.1
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
ModerateCVE-2012-5688SUSE bug 792926SUSE bug 792926SUSE bug 792926SUSE bug 792926SUSE bug 792926SUSE bug 792926CVE-2012-5689openSUSE Leap 42.1
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
ModerateCVE-2012-5689SUSE bug 800822SUSE bug 800822SUSE bug 800822CVE-2012-5783openSUSE Leap 42.1
Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
ImportantCVE-2012-5783SUSE bug 803332SUSE bug 803333SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332SUSE bug 803332CVE-2012-5829openSUSE Leap 42.1
Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5829SUSE bug 790140SUSE bug 796895CVE-2012-5830openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
ImportantCVE-2012-5830SUSE bug 790140CVE-2012-5833openSUSE Leap 42.1
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.
CriticalCVE-2012-5833SUSE bug 790140CVE-2012-5835openSUSE Leap 42.1
Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.
ImportantCVE-2012-5835SUSE bug 790140CVE-2012-5836openSUSE Leap 42.1
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.
ImportantCVE-2012-5836SUSE bug 790140CVE-2012-5837openSUSE Leap 42.1
The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.
ModerateCVE-2012-5837SUSE bug 790140CVE-2012-5838openSUSE Leap 42.1
The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.
ImportantCVE-2012-5838SUSE bug 790140CVE-2012-5839openSUSE Leap 42.1
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
CriticalCVE-2012-5839SUSE bug 790140CVE-2012-5840openSUSE Leap 42.1
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.
ImportantCVE-2012-5840SUSE bug 790140CVE-2012-5841openSUSE Leap 42.1
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2012-5841SUSE bug 790140CVE-2012-5842openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-5842SUSE bug 790140CVE-2012-5843openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2012-5843SUSE bug 790140CVE-2012-6075openSUSE Leap 42.1
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
ImportantCVE-2012-6075SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 800275SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 840592SUSE bug 797523SUSE bug 797523SUSE bug 797523SUSE bug 797523CVE-2012-6093openSUSE Leap 42.1
The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails and might cause users to make unsafe security decisions to accept a certificate.
ModerateCVE-2012-6093SUSE bug 797006SUSE bug 802634CVE-2012-6094openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2012-6094SUSE bug 795624SUSE bug 795624SUSE bug 857372SUSE bug 795624SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372SUSE bug 857372CVE-2012-6096openSUSE Leap 42.1
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.
ModerateCVE-2012-6096SUSE bug 797237CVE-2012-6128openSUSE Leap 42.1
Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.
ModerateCVE-2012-6128SUSE bug 803347SUSE bug 803347SUSE bug 803347CVE-2012-6150openSUSE Leap 42.1
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
LowCVE-2012-6150SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 844720SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347SUSE bug 853347CVE-2012-6152openSUSE Leap 42.1
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.
ModerateCVE-2012-6152SUSE bug 861019SUSE bug 861019CVE-2012-6702openSUSE Leap 42.1
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
ModerateCVE-2012-6702SUSE bug 983215SUSE bug 983216SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215SUSE bug 983215CVE-2013-0151openSUSE Leap 42.1
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs.
ModerateCVE-2013-0151SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285SUSE bug 797285CVE-2013-0152openSUSE Leap 42.1
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
ModerateCVE-2013-0152SUSE bug 797287SUSE bug 797287SUSE bug 797287SUSE bug 797287SUSE bug 797287SUSE bug 797287SUSE bug 800798CVE-2013-0153openSUSE Leap 42.1
The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.
ModerateCVE-2013-0153SUSE bug 800275SUSE bug 800275SUSE bug 800802SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 840592SUSE bug 800275SUSE bug 800275SUSE bug 800275SUSE bug 800275CVE-2013-0157openSUSE Leap 42.1
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.
LowCVE-2013-0157SUSE bug 797002CVE-2013-0160openSUSE Leap 42.1
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
LowCVE-2013-0160SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 797175SUSE bug 841063SUSE bug 841063SUSE bug 841063SUSE bug 797175SUSE bug 841063SUSE bug 797175SUSE bug 797175SUSE bug 841063SUSE bug 797175SUSE bug 797175SUSE bug 871595SUSE bug 797175SUSE bug 797175CVE-2013-0166openSUSE Leap 42.1
OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.
ModerateCVE-2013-0166SUSE bug 802648SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 802746SUSE bug 813366SUSE bug 821818SUSE bug 833408SUSE bug 802746SUSE bug 802746SUSE bug 833408SUSE bug 833408SUSE bug 905106SUSE bug 911906CVE-2013-0169openSUSE Leap 42.1
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
ImportantCVE-2013-0169SUSE bug 802184SUSE bug 802184SUSE bug 802184SUSE bug 802648SUSE bug 802648SUSE bug 802746SUSE bug 802184SUSE bug 802648SUSE bug 802648SUSE bug 802184SUSE bug 802648SUSE bug 802648SUSE bug 804654SUSE bug 803379SUSE bug 802648SUSE bug 802184SUSE bug 802648SUSE bug 802648SUSE bug 809839SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 813939SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802184SUSE bug 813366SUSE bug 802648SUSE bug 821818SUSE bug 802184SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802648SUSE bug 802184SUSE bug 802184SUSE bug 905106SUSE bug 802184SUSE bug 802184SUSE bug 802184SUSE bug 802184SUSE bug 802184SUSE bug 802184SUSE bug 977584SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 1070148CVE-2013-0170openSUSE Leap 42.1
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
ImportantCVE-2013-0170SUSE bug 800976SUSE bug 800976SUSE bug 800976SUSE bug 800976SUSE bug 800976SUSE bug 800976SUSE bug 800976SUSE bug 800976CVE-2013-0172openSUSE Leap 42.1
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.
ModerateCVE-2013-0172SUSE bug 798364SUSE bug 798364SUSE bug 798364CVE-2013-0176openSUSE Leap 42.1
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
ModerateCVE-2013-0176SUSE bug 802631SUSE bug 802631SUSE bug 802631SUSE bug 928323SUSE bug 802631SUSE bug 802631CVE-2013-0211openSUSE Leap 42.1
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow.
LowCVE-2013-0211SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 800024SUSE bug 979005CVE-2013-0213openSUSE Leap 42.1
The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.
ImportantCVE-2013-0213SUSE bug 799641SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 800982SUSE bug 880220CVE-2013-0214openSUSE Leap 42.1
Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.
ImportantCVE-2013-0214SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 799641SUSE bug 880220CVE-2013-0219openSUSE Leap 42.1
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
ModerateCVE-2013-0219SUSE bug 801036SUSE bug 801036SUSE bug 801036SUSE bug 801036SUSE bug 801036SUSE bug 801036CVE-2013-0220openSUSE Leap 42.1
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.
CVE-2013-0220SUSE bug 801036SUSE bug 801036SUSE bug 801036SUSE bug 801036SUSE bug 801036CVE-2013-0221openSUSE Leap 42.1
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0221SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538SUSE bug 798538CVE-2013-0222openSUSE Leap 42.1
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0222SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 798538SUSE bug 798541SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 798538SUSE bug 798541SUSE bug 796243SUSE bug 796243SUSE bug 796243SUSE bug 798538SUSE bug 798541SUSE bug 796243SUSE bug 796243SUSE bug 796243CVE-2013-0223openSUSE Leap 42.1
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function.
ModerateCVE-2013-0223SUSE bug 798541SUSE bug 798541SUSE bug 798541SUSE bug 798541SUSE bug 798541SUSE bug 798541SUSE bug 798538SUSE bug 798541SUSE bug 798541SUSE bug 798541SUSE bug 798538SUSE bug 798541SUSE bug 798541SUSE bug 798541CVE-2013-0231openSUSE Leap 42.1
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.
ModerateCVE-2013-0231SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 841063SUSE bug 841063SUSE bug 801178SUSE bug 841063SUSE bug 801178SUSE bug 841063SUSE bug 841063SUSE bug 801178SUSE bug 871595SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178SUSE bug 801178CVE-2013-0240openSUSE Leap 42.1
Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network.
ModerateCVE-2013-0240SUSE bug 802409SUSE bug 802409SUSE bug 802409SUSE bug 808534SUSE bug 802409CVE-2013-0242openSUSE Leap 42.1
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
ModerateCVE-2013-0242SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 848783SUSE bug 882910SUSE bug 882910SUSE bug 801246SUSE bug 801246SUSE bug 801246SUSE bug 801246CVE-2013-0249openSUSE Leap 42.1
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.
ImportantCVE-2013-0249SUSE bug 802411SUSE bug 802411SUSE bug 802411CVE-2013-0254openSUSE Leap 42.1
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable and world-writable) for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrated by reading a pixmap being sent to an X server.
ModerateCVE-2013-0254SUSE bug 802634CVE-2013-0255openSUSE Leap 42.1
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.
ModerateCVE-2013-0255SUSE bug 802679SUSE bug 802679SUSE bug 803057SUSE bug 802679SUSE bug 802679SUSE bug 802679SUSE bug 802679SUSE bug 802679SUSE bug 802679SUSE bug 802679CVE-2013-0271openSUSE Leap 42.1
The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
LowCVE-2013-0271SUSE bug 804742CVE-2013-0272openSUSE Leap 42.1
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
ModerateCVE-2013-0272SUSE bug 804742CVE-2013-0273openSUSE Leap 42.1
sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-0273SUSE bug 804742CVE-2013-0274openSUSE Leap 42.1
upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.
ModerateCVE-2013-0274SUSE bug 804742CVE-2013-0287openSUSE Leap 42.1
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
ModerateCVE-2013-0287SUSE bug 809153SUSE bug 809153SUSE bug 809153SUSE bug 809153SUSE bug 809153SUSE bug 809153SUSE bug 809153CVE-2013-0292openSUSE Leap 42.1
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
ImportantCVE-2013-0292SUSE bug 804392SUSE bug 804392SUSE bug 804392SUSE bug 792095SUSE bug 804392SUSE bug 792095SUSE bug 804392SUSE bug 804392SUSE bug 804392SUSE bug 804392SUSE bug 804392SUSE bug 804392CVE-2013-0338openSUSE Leap 42.1
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
ImportantCVE-2013-0338SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233SUSE bug 805233CVE-2013-0454openSUSE Leap 42.1
The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or "hide unreadable" parameter.
LowCVE-2013-0454SUSE bug 811975SUSE bug 811975SUSE bug 811975SUSE bug 811975SUSE bug 811975SUSE bug 811975CVE-2013-0743openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE's scope. Notes: none.
ModerateCVE-2013-0743SUSE bug 796895CVE-2013-0744openSUSE Leap 42.1
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
ImportantCVE-2013-0744SUSE bug 796895CVE-2013-0745openSUSE Leap 42.1
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
ImportantCVE-2013-0745SUSE bug 796895CVE-2013-0746openSUSE Leap 42.1
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
ImportantCVE-2013-0746SUSE bug 796895CVE-2013-0747openSUSE Leap 42.1
The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.
ModerateCVE-2013-0747SUSE bug 796895CVE-2013-0748openSUSE Leap 42.1
The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.
ModerateCVE-2013-0748SUSE bug 796895CVE-2013-0749openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2013-0749SUSE bug 796895CVE-2013-0750openSUSE Leap 42.1
Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.
ImportantCVE-2013-0750SUSE bug 796895CVE-2013-0751openSUSE Leap 42.1
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.
ModerateCVE-2013-0751SUSE bug 796895CVE-2013-0752openSUSE Leap 42.1
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
ImportantCVE-2013-0752SUSE bug 796895CVE-2013-0753openSUSE Leap 42.1
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
ImportantCVE-2013-0753SUSE bug 796895CVE-2013-0754openSUSE Leap 42.1
Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
ImportantCVE-2013-0754SUSE bug 796895CVE-2013-0755openSUSE Leap 42.1
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.
ImportantCVE-2013-0755SUSE bug 796895CVE-2013-0756openSUSE Leap 42.1
Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.
ImportantCVE-2013-0756SUSE bug 796895CVE-2013-0757openSUSE Leap 42.1
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
ImportantCVE-2013-0757SUSE bug 796895CVE-2013-0758openSUSE Leap 42.1
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.
ImportantCVE-2013-0758SUSE bug 796895CVE-2013-0760openSUSE Leap 42.1
Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
CriticalCVE-2013-0760SUSE bug 796895CVE-2013-0761openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0761SUSE bug 796895CVE-2013-0762openSUSE Leap 42.1
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0762SUSE bug 796895CVE-2013-0763openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.
CriticalCVE-2013-0763SUSE bug 796895CVE-2013-0764openSUSE Leap 42.1
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.
ModerateCVE-2013-0764SUSE bug 796895CVE-2013-0765openSUSE Leap 42.1
Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
ImportantCVE-2013-0765SUSE bug 804248CVE-2013-0766openSUSE Leap 42.1
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0766SUSE bug 796895CVE-2013-0767openSUSE Leap 42.1
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
ImportantCVE-2013-0767SUSE bug 796895CVE-2013-0768openSUSE Leap 42.1
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.
ImportantCVE-2013-0768SUSE bug 796895CVE-2013-0769openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-0769SUSE bug 796895CVE-2013-0770openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-0770SUSE bug 796895CVE-2013-0771openSUSE Leap 42.1
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
ImportantCVE-2013-0771SUSE bug 796895CVE-2013-0772openSUSE Leap 42.1
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
ModerateCVE-2013-0772SUSE bug 804248CVE-2013-0773openSUSE Leap 42.1
The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
ModerateCVE-2013-0773SUSE bug 804248CVE-2013-0774openSUSE Leap 42.1
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
ImportantCVE-2013-0774SUSE bug 804248CVE-2013-0775openSUSE Leap 42.1
Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.
ImportantCVE-2013-0775SUSE bug 804248CVE-2013-0776openSUSE Leap 42.1
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
ModerateCVE-2013-0776SUSE bug 804248CVE-2013-0777openSUSE Leap 42.1
Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-0777SUSE bug 804248CVE-2013-0778openSUSE Leap 42.1
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-0778SUSE bug 804248CVE-2013-0779openSUSE Leap 42.1
The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-0779SUSE bug 804248CVE-2013-0780openSUSE Leap 42.1
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
CriticalCVE-2013-0780SUSE bug 804248CVE-2013-0781openSUSE Leap 42.1
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2013-0781SUSE bug 804248CVE-2013-0782openSUSE Leap 42.1
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2013-0782SUSE bug 804248CVE-2013-0783openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-0783SUSE bug 804248CVE-2013-0787openSUSE Leap 42.1
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
ImportantCVE-2013-0787SUSE bug 808243CVE-2013-0788openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-0788SUSE bug 813026SUSE bug 819204CVE-2013-0789openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.
ImportantCVE-2013-0789SUSE bug 813026SUSE bug 819204CVE-2013-0791openSUSE Leap 42.1
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
ModerateCVE-2013-0791SUSE bug 813026SUSE bug 819204CVE-2013-0792openSUSE Leap 42.1
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
ModerateCVE-2013-0792SUSE bug 813026SUSE bug 819204CVE-2013-0793openSUSE Leap 42.1
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
ModerateCVE-2013-0793SUSE bug 819204CVE-2013-0794openSUSE Leap 42.1
Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.
ModerateCVE-2013-0794SUSE bug 813026SUSE bug 819204CVE-2013-0795openSUSE Leap 42.1
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
ImportantCVE-2013-0795SUSE bug 813026SUSE bug 819204CVE-2013-0796openSUSE Leap 42.1
The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
ImportantCVE-2013-0796SUSE bug 813026SUSE bug 819204CVE-2013-0800openSUSE Leap 42.1
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
ImportantCVE-2013-0800SUSE bug 813026SUSE bug 819204CVE-2013-0801openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-0801SUSE bug 819204CVE-2013-0913openSUSE Leap 42.1
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.
ImportantCVE-2013-0913SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 808829SUSE bug 871595CVE-2013-1415openSUSE Leap 42.1
The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request.
ModerateCVE-2013-1415SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715SUSE bug 806715CVE-2013-1417openSUSE Leap 42.1
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.
ModerateCVE-2013-1417SUSE bug 850660SUSE bug 850660SUSE bug 850660SUSE bug 850660SUSE bug 850660SUSE bug 879587CVE-2013-1418openSUSE Leap 42.1
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
ModerateCVE-2013-1418SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 849240SUSE bug 866059SUSE bug 849240SUSE bug 879587CVE-2013-1431openSUSE Leap 42.1
The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.
ModerateCVE-2013-1431SUSE bug 822586SUSE bug 822586SUSE bug 822586CVE-2013-1442openSUSE Leap 42.1
Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers.
ModerateCVE-2013-1442SUSE bug 839596SUSE bug 839596SUSE bug 839596SUSE bug 840592SUSE bug 839596SUSE bug 839596SUSE bug 839596SUSE bug 839596SUSE bug 839596CVE-2013-1445openSUSE Leap 42.1
The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.
ModerateCVE-2013-1445SUSE bug 846214SUSE bug 846214SUSE bug 846214SUSE bug 846214SUSE bug 846214SUSE bug 846214SUSE bug 846214SUSE bug 846214CVE-2013-1447openSUSE Leap 42.1
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
ModerateCVE-2013-1447SUSE bug 853644SUSE bug 853834SUSE bug 853834SUSE bug 853834SUSE bug 853834SUSE bug 853834SUSE bug 871412SUSE bug 853834SUSE bug 853834CVE-2013-1571openSUSE Leap 42.1
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
ModerateCVE-2013-1571SUSE bug 824397SUSE bug 824397SUSE bug 825624SUSE bug 828665SUSE bug 829708SUSE bug 829212SUSE bug 825624SUSE bug 824397SUSE bug 824397SUSE bug 825624SUSE bug 824397SUSE bug 825624CVE-2013-1572openSUSE Leap 42.1
The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1572SUSE bug 801131CVE-2013-1573openSUSE Leap 42.1
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1573SUSE bug 801131CVE-2013-1574openSUSE Leap 42.1
The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1574SUSE bug 801131CVE-2013-1575openSUSE Leap 42.1
The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1575SUSE bug 801131CVE-2013-1576openSUSE Leap 42.1
The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1576SUSE bug 801131CVE-2013-1577openSUSE Leap 42.1
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1577SUSE bug 801131CVE-2013-1578openSUSE Leap 42.1
The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
ModerateCVE-2013-1578SUSE bug 801131CVE-2013-1579openSUSE Leap 42.1
The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1579SUSE bug 801131CVE-2013-1580openSUSE Leap 42.1
The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-1580SUSE bug 801131CVE-2013-1581openSUSE Leap 42.1
The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet.
ModerateCVE-2013-1581SUSE bug 801131CVE-2013-1582openSUSE Leap 42.1
The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet.
ModerateCVE-2013-1582SUSE bug 801131CVE-2013-1583openSUSE Leap 42.1
The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1583SUSE bug 801131CVE-2013-1584openSUSE Leap 42.1
The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1584SUSE bug 801131CVE-2013-1585openSUSE Leap 42.1
epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1585SUSE bug 801131CVE-2013-1586openSUSE Leap 42.1
The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1586SUSE bug 801131CVE-2013-1587openSUSE Leap 42.1
The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-1587SUSE bug 801131CVE-2013-1588openSUSE Leap 42.1
Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-1588SUSE bug 801131CVE-2013-1589openSUSE Leap 42.1
Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-1589SUSE bug 801131CVE-2013-1590openSUSE Leap 42.1
Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-1590SUSE bug 801131CVE-2013-1620openSUSE Leap 42.1
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
ModerateCVE-2013-1620SUSE bug 802184SUSE bug 802184CVE-2013-1635openSUSE Leap 42.1
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
LowCVE-2013-1635SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707CVE-2013-1643openSUSE Leap 42.1
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.
LowCVE-2013-1643SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707SUSE bug 807707CVE-2013-1667openSUSE Leap 42.1
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
ImportantCVE-2013-1667SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415SUSE bug 804415CVE-2013-1669openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1669SUSE bug 819204CVE-2013-1670openSUSE Leap 42.1
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2013-1670SUSE bug 819204CVE-2013-1671openSUSE Leap 42.1
Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.
ModerateCVE-2013-1671SUSE bug 819204CVE-2013-1674openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.
ImportantCVE-2013-1674SUSE bug 819204CVE-2013-1675openSUSE Leap 42.1
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
ImportantCVE-2013-1675SUSE bug 819204CVE-2013-1676openSUSE Leap 42.1
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-1676SUSE bug 819204CVE-2013-1677openSUSE Leap 42.1
The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CriticalCVE-2013-1677SUSE bug 819204CVE-2013-1678openSUSE Leap 42.1
The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.
CriticalCVE-2013-1678SUSE bug 819204CVE-2013-1679openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1679SUSE bug 819204CVE-2013-1680openSUSE Leap 42.1
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CriticalCVE-2013-1680SUSE bug 819204CVE-2013-1681openSUSE Leap 42.1
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2013-1681SUSE bug 819204CVE-2013-1682openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1682SUSE bug 825935CVE-2013-1683openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1683SUSE bug 825935CVE-2013-1684openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CriticalCVE-2013-1684SUSE bug 825935CVE-2013-1685openSUSE Leap 42.1
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CriticalCVE-2013-1685SUSE bug 825935CVE-2013-1686openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2013-1686SUSE bug 825935CVE-2013-1687openSUSE Leap 42.1
The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.
ImportantCVE-2013-1687SUSE bug 825935CVE-2013-1688openSUSE Leap 42.1
The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.
ModerateCVE-2013-1688SUSE bug 825935CVE-2013-1690openSUSE Leap 42.1
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
ImportantCVE-2013-1690SUSE bug 825935CVE-2013-1692openSUSE Leap 42.1
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.
ModerateCVE-2013-1692SUSE bug 825935CVE-2013-1693openSUSE Leap 42.1
The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.
ModerateCVE-2013-1693SUSE bug 825935CVE-2013-1694openSUSE Leap 42.1
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.
ModerateCVE-2013-1694SUSE bug 825935CVE-2013-1695openSUSE Leap 42.1
Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.
ModerateCVE-2013-1695SUSE bug 825935CVE-2013-1696openSUSE Leap 42.1
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
ModerateCVE-2013-1696SUSE bug 825935CVE-2013-1697openSUSE Leap 42.1
The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
ModerateCVE-2013-1697SUSE bug 825935CVE-2013-1698openSUSE Leap 42.1
The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.
ModerateCVE-2013-1698SUSE bug 825935CVE-2013-1699openSUSE Leap 42.1
The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.
ModerateCVE-2013-1699SUSE bug 825935CVE-2013-1701openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1701SUSE bug 833389CVE-2013-1702openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1702SUSE bug 833389CVE-2013-1704openSUSE Leap 42.1
Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.
ImportantCVE-2013-1704SUSE bug 833389CVE-2013-1705openSUSE Leap 42.1
Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.
ImportantCVE-2013-1705SUSE bug 840485SUSE bug 833389CVE-2013-1708openSUSE Leap 42.1
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.
ModerateCVE-2013-1708SUSE bug 833389CVE-2013-1709openSUSE Leap 42.1
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.
ModerateCVE-2013-1709SUSE bug 833389CVE-2013-1710openSUSE Leap 42.1
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
ImportantCVE-2013-1710SUSE bug 833389CVE-2013-1711openSUSE Leap 42.1
The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.
ModerateCVE-2013-1711SUSE bug 833389CVE-2013-1713openSUSE Leap 42.1
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.
ModerateCVE-2013-1713SUSE bug 833389CVE-2013-1714openSUSE Leap 42.1
The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.
ModerateCVE-2013-1714SUSE bug 833389CVE-2013-1717openSUSE Leap 42.1
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
ModerateCVE-2013-1717SUSE bug 833389CVE-2013-1718openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1718SUSE bug 840485CVE-2013-1719openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-1719SUSE bug 840485CVE-2013-1720openSUSE Leap 42.1
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
ModerateCVE-2013-1720SUSE bug 840485CVE-2013-1721openSUSE Leap 42.1
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.
ImportantCVE-2013-1721SUSE bug 840485CVE-2013-1722openSUSE Leap 42.1
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
ImportantCVE-2013-1722SUSE bug 840485CVE-2013-1723openSUSE Leap 42.1
The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.
ImportantCVE-2013-1723SUSE bug 840485CVE-2013-1724openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.
ImportantCVE-2013-1724SUSE bug 840485CVE-2013-1725openSUSE Leap 42.1
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
ModerateCVE-2013-1725SUSE bug 840485CVE-2013-1728openSUSE Leap 42.1
The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.
ImportantCVE-2013-1728SUSE bug 840485CVE-2013-1730openSUSE Leap 42.1
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
ModerateCVE-2013-1730SUSE bug 840485CVE-2013-1732openSUSE Leap 42.1
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.
ImportantCVE-2013-1732SUSE bug 840485CVE-2013-1735openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
ImportantCVE-2013-1735SUSE bug 840485CVE-2013-1736openSUSE Leap 42.1
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.
ImportantCVE-2013-1736SUSE bug 840485CVE-2013-1737openSUSE Leap 42.1
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
ModerateCVE-2013-1737SUSE bug 840485CVE-2013-1738openSUSE Leap 42.1
Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.
ImportantCVE-2013-1738SUSE bug 840485CVE-2013-1739openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
ModerateCVE-2013-1739SUSE bug 842979SUSE bug 842979SUSE bug 842979SUSE bug 842979SUSE bug 842979SUSE bug 847708SUSE bug 842979SUSE bug 842979SUSE bug 842979CVE-2013-1740openSUSE Leap 42.1
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.
ModerateCVE-2013-1740SUSE bug 859055SUSE bug 859055SUSE bug 859055SUSE bug 859055SUSE bug 859055SUSE bug 859055SUSE bug 859055CVE-2013-1752openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2013-1752SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836SUSE bug 856836CVE-2013-1753openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2013-1753SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835SUSE bug 856835CVE-2013-1775openSUSE Leap 42.1
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
CriticalCVE-2013-1775SUSE bug 806919SUSE bug 806919SUSE bug 806919SUSE bug 815325SUSE bug 806919SUSE bug 815325SUSE bug 806919SUSE bug 815325SUSE bug 806919SUSE bug 815325SUSE bug 806919SUSE bug 806919SUSE bug 806919SUSE bug 806921SUSE bug 806919SUSE bug 806919SUSE bug 806919SUSE bug 806919SUSE bug 815325SUSE bug 806919SUSE bug 806919SUSE bug 806919SUSE bug 815325SUSE bug 845568SUSE bug 854381SUSE bug 806919SUSE bug 854381SUSE bug 815325CVE-2013-1776openSUSE Leap 42.1
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
LowCVE-2013-1776SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 817349SUSE bug 817350SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921SUSE bug 806921CVE-2013-1788openSUSE Leap 42.1
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
ImportantCVE-2013-1788SUSE bug 806793CVE-2013-1789openSUSE Leap 42.1
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
ImportantCVE-2013-1789SUSE bug 806793CVE-2013-1790openSUSE Leap 42.1
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
ImportantCVE-2013-1790SUSE bug 806793SUSE bug 806793CVE-2013-1799openSUSE Leap 42.1
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the network. NOTE: this issue exists because of an incomplete fix for CVE-2013-0240.
ImportantCVE-2013-1799SUSE bug 808534SUSE bug 808534SUSE bug 808534SUSE bug 808534SUSE bug 808534CVE-2013-1824openSUSE Leap 42.1
The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.
ModerateCVE-2013-1824SUSE bug 807707SUSE bug 807707CVE-2013-1845openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
ModerateCVE-2013-1845SUSE bug 813913CVE-2013-1846openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
LowCVE-2013-1846SUSE bug 813913SUSE bug 813913CVE-2013-1847openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
LowCVE-2013-1847SUSE bug 813913SUSE bug 813913CVE-2013-1849openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.
ModerateCVE-2013-1849SUSE bug 813913CVE-2013-1863openSUSE Leap 42.1
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations.
ModerateCVE-2013-1863SUSE bug 809624SUSE bug 809624SUSE bug 809624SUSE bug 809624CVE-2013-1881openSUSE Leap 42.1
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
ImportantCVE-2013-1881SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753SUSE bug 840753CVE-2013-1884openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
ModerateCVE-2013-1884SUSE bug 813913CVE-2013-1896openSUSE Leap 42.1
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
ImportantCVE-2013-1896SUSE bug 829056SUSE bug 829057SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056SUSE bug 829056CVE-2013-1899openSUSE Leap 42.1
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a "-" (hyphen).
CriticalCVE-2013-1899SUSE bug 812525SUSE bug 812525CVE-2013-1900openSUSE Leap 42.1
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."
CriticalCVE-2013-1900SUSE bug 812525CVE-2013-1901openSUSE Leap 42.1
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.
CriticalCVE-2013-1901SUSE bug 812525CVE-2013-1914openSUSE Leap 42.1
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
ImportantCVE-2013-1914SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 826666SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 882910SUSE bug 882910SUSE bug 920055SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 813121SUSE bug 937231SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 937231SUSE bug 813121SUSE bug 813121CVE-2013-1917openSUSE Leap 42.1
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction.
ImportantCVE-2013-1917SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 813673SUSE bug 840592SUSE bug 813673CVE-2013-1918openSUSE Leap 42.1
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
ImportantCVE-2013-1918SUSE bug 816159SUSE bug 816159SUSE bug 816159SUSE bug 816159SUSE bug 813673SUSE bug 816159SUSE bug 826882SUSE bug 823011SUSE bug 826882SUSE bug 816159SUSE bug 826882SUSE bug 840592SUSE bug 826882SUSE bug 826882SUSE bug 826882SUSE bug 826882SUSE bug 816159CVE-2013-1919openSUSE Leap 42.1
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."
ImportantCVE-2013-1919SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813675SUSE bug 813673SUSE bug 813675SUSE bug 813675SUSE bug 840592SUSE bug 813675CVE-2013-1922openSUSE Leap 42.1
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004.
ImportantCVE-2013-1922SUSE bug 814059SUSE bug 814059SUSE bug 814059SUSE bug 814059SUSE bug 814059SUSE bug 814059SUSE bug 814059SUSE bug 934753SUSE bug 934768CVE-2013-1926openSUSE Leap 42.1
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.
ImportantCVE-2013-1926SUSE bug 815596SUSE bug 815596SUSE bug 815596SUSE bug 815596SUSE bug 818768SUSE bug 815596SUSE bug 815596CVE-2013-1927openSUSE Leap 42.1
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
ModerateCVE-2013-1927SUSE bug 815596SUSE bug 815596SUSE bug 815596SUSE bug 815596SUSE bug 818768SUSE bug 815596SUSE bug 815596CVE-2013-1940openSUSE Leap 42.1
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty.
ModerateCVE-2013-1940SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 815870SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 814653SUSE bug 815870SUSE bug 814653SUSE bug 815870CVE-2013-1944openSUSE Leap 42.1
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
CriticalCVE-2013-1944SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655SUSE bug 814655CVE-2013-1952openSUSE Leap 42.1
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors.
ImportantCVE-2013-1952SUSE bug 816163SUSE bug 816163SUSE bug 813673SUSE bug 816163SUSE bug 816163SUSE bug 840592SUSE bug 816163CVE-2013-1960openSUSE Leap 42.1
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
ModerateCVE-2013-1960SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 854393CVE-2013-1961openSUSE Leap 42.1
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
ModerateCVE-2013-1961SUSE bug 817573SUSE bug 817573SUSE bug 817573SUSE bug 818117SUSE bug 817573SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 818117SUSE bug 854393CVE-2013-1962openSUSE Leap 42.1
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."
ModerateCVE-2013-1962SUSE bug 820397SUSE bug 820397SUSE bug 820397SUSE bug 820397SUSE bug 820397CVE-2013-1968openSUSE Leap 42.1
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
ModerateCVE-2013-1968SUSE bug 821505SUSE bug 821505CVE-2013-1969openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
ImportantCVE-2013-1969SUSE bug 815665SUSE bug 815665SUSE bug 815665SUSE bug 815665SUSE bug 815665SUSE bug 815665CVE-2013-1976openSUSE Leap 42.1
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.
ImportantCVE-2013-1976SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 824284SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177SUSE bug 822177CVE-2013-1981openSUSE Leap 42.1
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.
ModerateCVE-2013-1981SUSE bug 815451SUSE bug 815451SUSE bug 821664CVE-2013-1982openSUSE Leap 42.1
Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.
ModerateCVE-2013-1982SUSE bug 815451SUSE bug 815451SUSE bug 821665SUSE bug 821665SUSE bug 821665SUSE bug 821665SUSE bug 821665SUSE bug 821665SUSE bug 815451SUSE bug 821665CVE-2013-1983openSUSE Leap 42.1
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
ModerateCVE-2013-1983SUSE bug 815451SUSE bug 815451SUSE bug 821667SUSE bug 821667SUSE bug 821667SUSE bug 821667SUSE bug 821667SUSE bug 821667SUSE bug 815451SUSE bug 821667SUSE bug 880221CVE-2013-1984openSUSE Leap 42.1
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.
ModerateCVE-2013-1984SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1985openSUSE Leap 42.1
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
ModerateCVE-2013-1985SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1986openSUSE Leap 42.1
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.
ModerateCVE-2013-1986SUSE bug 815451SUSE bug 815451SUSE bug 821663SUSE bug 815451SUSE bug 815451CVE-2013-1987openSUSE Leap 42.1
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.
ModerateCVE-2013-1987SUSE bug 815451SUSE bug 815451SUSE bug 821669SUSE bug 821669SUSE bug 821669SUSE bug 821669SUSE bug 821669SUSE bug 821669SUSE bug 815451SUSE bug 821669SUSE bug 880221CVE-2013-1988openSUSE Leap 42.1
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.
ModerateCVE-2013-1988SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1989openSUSE Leap 42.1
Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function.
ModerateCVE-2013-1989SUSE bug 815451SUSE bug 815451SUSE bug 821671SUSE bug 880221CVE-2013-1990openSUSE Leap 42.1
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.
ModerateCVE-2013-1990SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1991openSUSE Leap 42.1
Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.
ModerateCVE-2013-1991SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1992openSUSE Leap 42.1
Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.
ModerateCVE-2013-1992SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1995openSUSE Leap 42.1
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
ModerateCVE-2013-1995SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1996openSUSE Leap 42.1
X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function.
ModerateCVE-2013-1996SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1997openSUSE Leap 42.1
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.
ImportantCVE-2013-1997SUSE bug 815451SUSE bug 815451SUSE bug 821664SUSE bug 824294CVE-2013-1998openSUSE Leap 42.1
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.
ModerateCVE-2013-1998SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-1999openSUSE Leap 42.1
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.
ModerateCVE-2013-1999SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-2000openSUSE Leap 42.1
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.
ModerateCVE-2013-2000SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-2001openSUSE Leap 42.1
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
ModerateCVE-2013-2001SUSE bug 815451SUSE bug 815451SUSE bug 821663CVE-2013-2002openSUSE Leap 42.1
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
ModerateCVE-2013-2002SUSE bug 815451SUSE bug 815451SUSE bug 821670CVE-2013-2003openSUSE Leap 42.1
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
ModerateCVE-2013-2003SUSE bug 815451SUSE bug 815451SUSE bug 821663SUSE bug 1065386CVE-2013-2004openSUSE Leap 42.1
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.
LowCVE-2013-2004SUSE bug 815451SUSE bug 815451SUSE bug 821664CVE-2013-2005openSUSE Leap 42.1
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.
ModerateCVE-2013-2005SUSE bug 815451SUSE bug 815451SUSE bug 821670CVE-2013-2007openSUSE Leap 42.1
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
ImportantCVE-2013-2007SUSE bug 818181SUSE bug 818182SUSE bug 818183SUSE bug 818181SUSE bug 818182SUSE bug 818183SUSE bug 818183SUSE bug 818181SUSE bug 818182SUSE bug 818183SUSE bug 818182SUSE bug 818183SUSE bug 818183SUSE bug 818181SUSE bug 818181SUSE bug 818182SUSE bug 818182SUSE bug 818183SUSE bug 818183SUSE bug 818183CVE-2013-2062openSUSE Leap 42.1
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.
ModerateCVE-2013-2062SUSE bug 815451SUSE bug 821668SUSE bug 821668SUSE bug 821668SUSE bug 821668SUSE bug 821668SUSE bug 821668SUSE bug 821668SUSE bug 815451SUSE bug 821668SUSE bug 880221CVE-2013-2063openSUSE Leap 42.1
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
ModerateCVE-2013-2063SUSE bug 815451SUSE bug 821663CVE-2013-2064openSUSE Leap 42.1
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
ModerateCVE-2013-2064SUSE bug 815451SUSE bug 821584SUSE bug 821584SUSE bug 821584SUSE bug 821584SUSE bug 815451SUSE bug 815451SUSE bug 821584SUSE bug 821584SUSE bug 815451SUSE bug 821584SUSE bug 821584SUSE bug 821584SUSE bug 821584CVE-2013-2066openSUSE Leap 42.1
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.
ModerateCVE-2013-2066SUSE bug 815451SUSE bug 821671SUSE bug 880221CVE-2013-2088openSUSE Leap 42.1
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
ModerateCVE-2013-2088SUSE bug 821505SUSE bug 821505CVE-2013-2112openSUSE Leap 42.1
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
LowCVE-2013-2112SUSE bug 821505SUSE bug 821505CVE-2013-2126openSUSE Leap 42.1
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
ModerateCVE-2013-2126SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 823113SUSE bug 823114SUSE bug 823114SUSE bug 823114SUSE bug 823114SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 823113SUSE bug 823114SUSE bug 822665SUSE bug 823113SUSE bug 823113SUSE bug 823113SUSE bug 822665CVE-2013-2127openSUSE Leap 42.1
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2013-2127SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665SUSE bug 822665CVE-2013-2142openSUSE Leap 42.1
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem in /tmp/root/.config/libimobiledevice/.
LowCVE-2013-2142SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250SUSE bug 823250CVE-2013-2168openSUSE Leap 42.1
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
ModerateCVE-2013-2168SUSE bug 824607SUSE bug 824607SUSE bug 824607SUSE bug 824607SUSE bug 824607SUSE bug 824607SUSE bug 824607SUSE bug 824607CVE-2013-2174openSUSE Leap 42.1
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
ImportantCVE-2013-2174SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 824517SUSE bug 917692SUSE bug 824517CVE-2013-2186openSUSE Leap 42.1
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
ImportantCVE-2013-2186SUSE bug 846174SUSE bug 846174SUSE bug 846174SUSE bug 846174SUSE bug 846174SUSE bug 846174SUSE bug 846174CVE-2013-2207openSUSE Leap 42.1
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
ModerateCVE-2013-2207SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257SUSE bug 830257CVE-2013-2214openSUSE Leap 42.1
status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain sensitive information about hostnames via the servicegroup (1) overview, (2) summary, or (3) grid style in status.cgi. NOTE: this behavior is by design in most 3.x versions, but the upstream vendor "decided to change it for Nagios 4" and 3.5.1.
ModerateCVE-2013-2214SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020SUSE bug 827020CVE-2013-2217openSUSE Leap 42.1
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.
ModerateCVE-2013-2217SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568SUSE bug 827568CVE-2013-2218openSUSE Leap 42.1
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command.
ModerateCVE-2013-2218SUSE bug 827741CVE-2013-2230openSUSE Leap 42.1
The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."
LowCVE-2013-2230SUSE bug 827801SUSE bug 827801SUSE bug 827801SUSE bug 827801SUSE bug 827801CVE-2013-2236openSUSE Leap 42.1
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.
ImportantCVE-2013-2236SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117SUSE bug 828117CVE-2013-2249openSUSE Leap 42.1
mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
ModerateCVE-2013-2249SUSE bug 831113SUSE bug 831113SUSE bug 831113CVE-2013-2266openSUSE Leap 42.1
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
ModerateCVE-2013-2266SUSE bug 811876SUSE bug 811934SUSE bug 811876SUSE bug 811934SUSE bug 811876SUSE bug 811934SUSE bug 811876SUSE bug 811934SUSE bug 811876SUSE bug 811934SUSE bug 811876SUSE bug 811934SUSE bug 811934SUSE bug 811934SUSE bug 811934SUSE bug 811876SUSE bug 811934CVE-2013-2475openSUSE Leap 42.1
The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2475SUSE bug 807942CVE-2013-2476openSUSE Leap 42.1
The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.
ModerateCVE-2013-2476SUSE bug 807942CVE-2013-2477openSUSE Leap 42.1
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2477SUSE bug 807942CVE-2013-2478openSUSE Leap 42.1
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string.
ModerateCVE-2013-2478SUSE bug 807942CVE-2013-2479openSUSE Leap 42.1
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.
ModerateCVE-2013-2479SUSE bug 807942CVE-2013-2480openSUSE Leap 42.1
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2480SUSE bug 807942CVE-2013-2481openSUSE Leap 42.1
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
ModerateCVE-2013-2481SUSE bug 807942CVE-2013-2482openSUSE Leap 42.1
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-2482SUSE bug 807942CVE-2013-2483openSUSE Leap 42.1
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.
ModerateCVE-2013-2483SUSE bug 807942CVE-2013-2484openSUSE Leap 42.1
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-2484SUSE bug 807942CVE-2013-2485openSUSE Leap 42.1
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
ModerateCVE-2013-2485SUSE bug 807942CVE-2013-2486openSUSE Leap 42.1
The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.
ImportantCVE-2013-2486SUSE bug 807942SUSE bug 820566SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-2487openSUSE Leap 42.1
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.
ModerateCVE-2013-2487SUSE bug 807942SUSE bug 820566SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-2488openSUSE Leap 42.1
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
ModerateCVE-2013-2488SUSE bug 807942CVE-2013-2492openSUSE Leap 42.1
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CriticalCVE-2013-2492SUSE bug 808268SUSE bug 808268SUSE bug 808268SUSE bug 808268SUSE bug 808268CVE-2013-2850openSUSE Leap 42.1
Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.
CriticalCVE-2013-2850SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560SUSE bug 821560CVE-2013-3495openSUSE Leap 42.1
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI).
ModerateCVE-2013-3495SUSE bug 826717SUSE bug 826717SUSE bug 826717SUSE bug 826717SUSE bug 826717SUSE bug 826717SUSE bug 903970SUSE bug 826717SUSE bug 826717SUSE bug 826717CVE-2013-3555openSUSE Leap 42.1
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3555SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3556openSUSE Leap 42.1
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ModerateCVE-2013-3556SUSE bug 820973SUSE bug 820566SUSE bug 820973SUSE bug 820973CVE-2013-3557openSUSE Leap 42.1
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-3557SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3558openSUSE Leap 42.1
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-3558SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3559openSUSE Leap 42.1
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
ImportantCVE-2013-3559SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3560openSUSE Leap 42.1
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-3560SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3561openSUSE Leap 42.1
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
ModerateCVE-2013-3561SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-3562openSUSE Leap 42.1
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
ImportantCVE-2013-3562SUSE bug 820973SUSE bug 820566SUSE bug 820973CVE-2013-4083openSUSE Leap 42.1
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ImportantCVE-2013-4083SUSE bug 824900SUSE bug 831718CVE-2013-4113openSUSE Leap 42.1
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.
ImportantCVE-2013-4113SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207SUSE bug 829207CVE-2013-4118openSUSE Leap 42.1
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
ImportantCVE-2013-4118SUSE bug 829013SUSE bug 829013SUSE bug 829013CVE-2013-4124openSUSE Leap 42.1
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
ModerateCVE-2013-4124SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969SUSE bug 829969CVE-2013-4131openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root.
ModerateCVE-2013-4131SUSE bug 830031SUSE bug 830031SUSE bug 830031SUSE bug 830031SUSE bug 830031CVE-2013-4143openSUSE Leap 42.1
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to invalid salts.
ModerateCVE-2013-4143SUSE bug 829859SUSE bug 829859SUSE bug 829859CVE-2013-4148openSUSE Leap 42.1
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
ModerateCVE-2013-4148SUSE bug 864812SUSE bug 871442SUSE bug 864812SUSE bug 864812SUSE bug 864812SUSE bug 864812SUSE bug 864812SUSE bug 864812SUSE bug 864812SUSE bug 964630SUSE bug 964630CVE-2013-4149openSUSE Leap 42.1
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
ModerateCVE-2013-4149SUSE bug 864649SUSE bug 864649SUSE bug 871442SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 864649SUSE bug 964443SUSE bug 864649SUSE bug 964443CVE-2013-4150openSUSE Leap 42.1
The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_queues, which triggers an out-of-bounds write.
ModerateCVE-2013-4150SUSE bug 864650SUSE bug 864650SUSE bug 871442SUSE bug 864650SUSE bug 864650SUSE bug 864650SUSE bug 864650SUSE bug 864650SUSE bug 864650SUSE bug 864650CVE-2013-4151openSUSE Leap 42.1
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
ModerateCVE-2013-4151SUSE bug 864653SUSE bug 864653SUSE bug 871442SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 864653SUSE bug 964636SUSE bug 964636CVE-2013-4153openSUSE Leap 42.1
Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command.
ImportantCVE-2013-4153SUSE bug 830497SUSE bug 830498SUSE bug 830497SUSE bug 830497CVE-2013-4154openSUSE Leap 42.1
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command.
ModerateCVE-2013-4154SUSE bug 830498SUSE bug 830498SUSE bug 830498CVE-2013-4231openSUSE Leap 42.1
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.
ModerateCVE-2013-4231SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 854393SUSE bug 834477CVE-2013-4232openSUSE Leap 42.1
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.
ModerateCVE-2013-4232SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 834477SUSE bug 854393SUSE bug 834477CVE-2013-4233openSUSE Leap 42.1
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.
ImportantCVE-2013-4233SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 1022032SUSE bug 834483CVE-2013-4234openSUSE Leap 42.1
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.
ImportantCVE-2013-4234SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 834483SUSE bug 1022032SUSE bug 834483CVE-2013-4237openSUSE Leap 42.1
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
ImportantCVE-2013-4237SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 882910SUSE bug 882910SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 834594SUSE bug 920055CVE-2013-4238openSUSE Leap 42.1
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2013-4238SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 839107SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 834601SUSE bug 882915SUSE bug 834601SUSE bug 834601SUSE bug 834601CVE-2013-4239openSUSE Leap 42.1
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.
ImportantCVE-2013-4239SUSE bug 834598SUSE bug 834598SUSE bug 834598CVE-2013-4242openSUSE Leap 42.1
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
ModerateCVE-2013-4242SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359SUSE bug 831359CVE-2013-4243openSUSE Leap 42.1
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
ModerateCVE-2013-4243SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 834779SUSE bug 854393CVE-2013-4244openSUSE Leap 42.1
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.
ModerateCVE-2013-4244SUSE bug 834788SUSE bug 834788SUSE bug 834788SUSE bug 834788SUSE bug 834788SUSE bug 834788SUSE bug 854393SUSE bug 834788CVE-2013-4246openSUSE Leap 42.1
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
ImportantCVE-2013-4246SUSE bug 836245CVE-2013-4248openSUSE Leap 42.1
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2013-4248SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746SUSE bug 837746CVE-2013-4262openSUSE Leap 42.1
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foreground mode, allows local users to gain privileges via a symlink attack on the pid file. NOTE: this issue was SPLIT due to different affected versions (ADT3). The irkerbridge.py issue is covered by CVE-2013-7393.
ModerateCVE-2013-4262SUSE bug 844201SUSE bug 844201CVE-2013-4276openSUSE Leap 42.1
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
ModerateCVE-2013-4276SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716SUSE bug 843716CVE-2013-4277openSUSE Leap 42.1
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option.
ImportantCVE-2013-4277SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245SUSE bug 836245CVE-2013-4282openSUSE Leap 42.1
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
ImportantCVE-2013-4282SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279SUSE bug 848279CVE-2013-4288openSUSE Leap 42.1
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck.
ImportantCVE-2013-4288SUSE bug 835827SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 836931SUSE bug 835827SUSE bug 835827SUSE bug 844967SUSE bug 835827SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 836939SUSE bug 854144SUSE bug 852368SUSE bug 864716SUSE bug 864716CVE-2013-4289openSUSE Leap 42.1
Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow.
ImportantCVE-2013-4289SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879CVE-2013-4290openSUSE Leap 42.1
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
ImportantCVE-2013-4290SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879SUSE bug 839879CVE-2013-4296openSUSE Leap 42.1
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.
ImportantCVE-2013-4296SUSE bug 838638SUSE bug 838638SUSE bug 838638SUSE bug 836931SUSE bug 838638SUSE bug 838638SUSE bug 838638SUSE bug 838638SUSE bug 838638SUSE bug 838638SUSE bug 838638CVE-2013-4297openSUSE Leap 42.1
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
ModerateCVE-2013-4297SUSE bug 838642SUSE bug 838642CVE-2013-4311openSUSE Leap 42.1
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
ImportantCVE-2013-4311SUSE bug 836931SUSE bug 838638SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 836931SUSE bug 864716CVE-2013-4314openSUSE Leap 42.1
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2013-4314SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107SUSE bug 839107CVE-2013-4325openSUSE Leap 42.1
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.
ImportantCVE-2013-4325SUSE bug 836937SUSE bug 836937SUSE bug 836937SUSE bug 836937SUSE bug 836937SUSE bug 808355SUSE bug 836937SUSE bug 836937SUSE bug 836937SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 852368SUSE bug 836937SUSE bug 852368SUSE bug 836937SUSE bug 836937SUSE bug 836937SUSE bug 864716CVE-2013-4326openSUSE Leap 42.1
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
ImportantCVE-2013-4326SUSE bug 836939SUSE bug 836939SUSE bug 836931SUSE bug 836932SUSE bug 836937SUSE bug 836939SUSE bug 864716CVE-2013-4332openSUSE Leap 42.1
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
ModerateCVE-2013-4332SUSE bug 839870SUSE bug 839870SUSE bug 839870SUSE bug 839870SUSE bug 882910SUSE bug 882910SUSE bug 839870SUSE bug 839870SUSE bug 839870SUSE bug 839870SUSE bug 839870CVE-2013-4342openSUSE Leap 42.1
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
LowCVE-2013-4342SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 855685SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 882917SUSE bug 844230SUSE bug 882917SUSE bug 844230SUSE bug 844230SUSE bug 844230SUSE bug 882917SUSE bug 882917SUSE bug 882917SUSE bug 882917SUSE bug 844230CVE-2013-4349openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4540. Reason: This candidate was MERGED into CVE-2012-4540, since it was later discovered that it affected an additional version, but it does not constitute a regression error. Notes: All CVE users should reference CVE-2012-4540 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CriticalCVE-2013-4349SUSE bug 840572SUSE bug 840572SUSE bug 840572SUSE bug 840572SUSE bug 840572SUSE bug 840572SUSE bug 840572CVE-2013-4351openSUSE Leap 42.1
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
LowCVE-2013-4351SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510SUSE bug 840510CVE-2013-4353openSUSE Leap 42.1
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
ModerateCVE-2013-4353SUSE bug 857640SUSE bug 857640SUSE bug 857640CVE-2013-4355openSUSE Leap 42.1
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory.
ModerateCVE-2013-4355SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592SUSE bug 840592CVE-2013-4356openSUSE Leap 42.1
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).
ImportantCVE-2013-4356SUSE bug 840593SUSE bug 840593SUSE bug 840593SUSE bug 840593CVE-2013-4361openSUSE Leap 42.1
The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.
ModerateCVE-2013-4361SUSE bug 841766SUSE bug 841766SUSE bug 840592SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766SUSE bug 841766CVE-2013-4375openSUSE Leap 42.1
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
LowCVE-2013-4375SUSE bug 842515SUSE bug 842515SUSE bug 842515SUSE bug 840592SUSE bug 842515SUSE bug 842515SUSE bug 842515SUSE bug 842515SUSE bug 842515CVE-2013-4396openSUSE Leap 42.1
Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.
ImportantCVE-2013-4396SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652SUSE bug 843652CVE-2013-4399openSUSE Leap 42.1
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.
ModerateCVE-2013-4399SUSE bug 844052SUSE bug 844052SUSE bug 842300SUSE bug 844052SUSE bug 844052SUSE bug 844052CVE-2013-4400openSUSE Leap 42.1
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
ImportantCVE-2013-4400SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609SUSE bug 837609CVE-2013-4401openSUSE Leap 42.1
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information.
ImportantCVE-2013-4401SUSE bug 845704SUSE bug 845704SUSE bug 845704SUSE bug 845704SUSE bug 845704CVE-2013-4402openSUSE Leap 42.1
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
CriticalCVE-2013-4402SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 844175SUSE bug 941439SUSE bug 941439SUSE bug 941439SUSE bug 941439SUSE bug 941439SUSE bug 941439CVE-2013-4408openSUSE Leap 42.1
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.
ImportantCVE-2013-4408SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 848101SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 844720SUSE bug 882906SUSE bug 844720SUSE bug 844720CVE-2013-4416openSUSE Leap 42.1
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
ModerateCVE-2013-4416SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 840592SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520SUSE bug 845520CVE-2013-4440openSUSE Leap 42.1
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.
ModerateCVE-2013-4440SUSE bug 846397SUSE bug 846397SUSE bug 846397SUSE bug 846397CVE-2013-4442openSUSE Leap 42.1
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.
ModerateCVE-2013-4442SUSE bug 846397CVE-2013-4458openSUSE Leap 42.1
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
ModerateCVE-2013-4458SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 883217SUSE bug 847227SUSE bug 847227SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 847227SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 941444SUSE bug 847227SUSE bug 941444SUSE bug 955181SUSE bug 955181SUSE bug 955181SUSE bug 955181SUSE bug 955181SUSE bug 955181SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 847227SUSE bug 967023SUSE bug 847227SUSE bug 941444SUSE bug 955181SUSE bug 980483SUSE bug 941444SUSE bug 955181SUSE bug 847227SUSE bug 847227SUSE bug 847227CVE-2013-4473openSUSE Leap 42.1
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
ModerateCVE-2013-4473SUSE bug 847907SUSE bug 847907SUSE bug 847907CVE-2013-4474openSUSE Leap 42.1
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.
ModerateCVE-2013-4474SUSE bug 847907SUSE bug 847907SUSE bug 847907CVE-2013-4475openSUSE Leap 42.1
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).
ModerateCVE-2013-4475SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 848101SUSE bug 880220SUSE bug 848101SUSE bug 848101CVE-2013-4476openSUSE Leap 42.1
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.
ModerateCVE-2013-4476SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103SUSE bug 848103CVE-2013-4494openSUSE Leap 42.1
Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.
ModerateCVE-2013-4494SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657SUSE bug 848657CVE-2013-4496openSUSE Leap 42.1
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.
ModerateCVE-2013-4496SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 849224SUSE bug 866844SUSE bug 849224SUSE bug 849224SUSE bug 849224CVE-2013-4505openSUSE Leap 42.1
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request.
LowCVE-2013-4505SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850747SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 850667SUSE bug 862459CVE-2013-4509openSUSE Leap 42.1
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
ModerateCVE-2013-4509SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718SUSE bug 847718CVE-2013-4526openSUSE Leap 42.1
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
ModerateCVE-2013-4526SUSE bug 864671SUSE bug 864671SUSE bug 871442SUSE bug 864671SUSE bug 864671SUSE bug 864671SUSE bug 864671SUSE bug 864671SUSE bug 864671SUSE bug 864671CVE-2013-4527openSUSE Leap 42.1
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
ModerateCVE-2013-4527SUSE bug 864673SUSE bug 864673SUSE bug 871442SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 864673SUSE bug 964746SUSE bug 964746SUSE bug 964746SUSE bug 964746SUSE bug 964746CVE-2013-4529openSUSE Leap 42.1
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
ModerateCVE-2013-4529SUSE bug 864678SUSE bug 864678SUSE bug 871442SUSE bug 864678SUSE bug 864678SUSE bug 864678SUSE bug 864678SUSE bug 864678SUSE bug 864678SUSE bug 864678SUSE bug 964929SUSE bug 964929SUSE bug 964929SUSE bug 964929SUSE bug 964929CVE-2013-4530openSUSE Leap 42.1
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
ModerateCVE-2013-4530SUSE bug 864682SUSE bug 864682SUSE bug 871442SUSE bug 864682SUSE bug 864682SUSE bug 864682SUSE bug 864682SUSE bug 864682SUSE bug 864682SUSE bug 864682SUSE bug 964950SUSE bug 964950SUSE bug 964950SUSE bug 964950CVE-2013-4531openSUSE Leap 42.1
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
ModerateCVE-2013-4531SUSE bug 864796SUSE bug 864796SUSE bug 871442SUSE bug 864796SUSE bug 864796SUSE bug 864796SUSE bug 864796SUSE bug 864796SUSE bug 864796SUSE bug 864796SUSE bug 864796CVE-2013-4533openSUSE Leap 42.1
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
ModerateCVE-2013-4533SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 871442SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 864655SUSE bug 964644SUSE bug 964644SUSE bug 964644SUSE bug 964644CVE-2013-4534openSUSE Leap 42.1
Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.
ModerateCVE-2013-4534SUSE bug 864811SUSE bug 871442SUSE bug 864811SUSE bug 864811SUSE bug 864811SUSE bug 864811SUSE bug 864811SUSE bug 864811SUSE bug 864811SUSE bug 964452SUSE bug 864811SUSE bug 964452SUSE bug 964452SUSE bug 964452SUSE bug 964452CVE-2013-4535openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2013-4535SUSE bug 864665SUSE bug 964676CVE-2013-4536openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2013-4536SUSE bug 864665SUSE bug 864665SUSE bug 871442SUSE bug 864665SUSE bug 864665SUSE bug 864665SUSE bug 864665SUSE bug 864665SUSE bug 864665SUSE bug 864665SUSE bug 964676SUSE bug 964676CVE-2013-4537openSUSE Leap 42.1
The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.
ModerateCVE-2013-4537SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 871442SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 864391SUSE bug 962642SUSE bug 864391SUSE bug 962642SUSE bug 962642SUSE bug 962642SUSE bug 962642CVE-2013-4538openSUSE Leap 42.1
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.
ImportantCVE-2013-4538SUSE bug 864769SUSE bug 871442SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 864769SUSE bug 962335SUSE bug 864769SUSE bug 962335SUSE bug 962335SUSE bug 962335CVE-2013-4539openSUSE Leap 42.1
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.
ModerateCVE-2013-4539SUSE bug 864805SUSE bug 871442SUSE bug 864805SUSE bug 864805SUSE bug 864805SUSE bug 864805SUSE bug 864805SUSE bug 864805SUSE bug 864805SUSE bug 962758SUSE bug 864805SUSE bug 962758SUSE bug 962758SUSE bug 962758SUSE bug 962758CVE-2013-4540openSUSE Leap 42.1
Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
ModerateCVE-2013-4540SUSE bug 864801SUSE bug 871442SUSE bug 864801SUSE bug 864801SUSE bug 864801SUSE bug 864801SUSE bug 864801SUSE bug 864801SUSE bug 880751SUSE bug 880751SUSE bug 864801SUSE bug 864801SUSE bug 864801SUSE bug 864801CVE-2013-4541openSUSE Leap 42.1
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.
ModerateCVE-2013-4541SUSE bug 864802SUSE bug 864802SUSE bug 871442SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802SUSE bug 864802CVE-2013-4542openSUSE Leap 42.1
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
ModerateCVE-2013-4542SUSE bug 864804SUSE bug 871442SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804SUSE bug 864804CVE-2013-4544openSUSE Leap 42.1
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
ModerateCVE-2013-4544SUSE bug 873613SUSE bug 873613SUSE bug 873613SUSE bug 873613CVE-2013-4545openSUSE Leap 42.1
cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
ModerateCVE-2013-4545SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 849596SUSE bug 870444SUSE bug 849596SUSE bug 882520SUSE bug 880252SUSE bug 924250SUSE bug 924250SUSE bug 924250CVE-2013-4549openSUSE Leap 42.1
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
ModerateCVE-2013-4549SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 856832SUSE bug 1039291SUSE bug 1039291SUSE bug 1039291CVE-2013-4551openSUSE Leap 42.1
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution."
ModerateCVE-2013-4551SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 848657SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 849665SUSE bug 849665CVE-2013-4553openSUSE Leap 42.1
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
ModerateCVE-2013-4553SUSE bug 849667SUSE bug 848657SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849668SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667SUSE bug 849667CVE-2013-4554openSUSE Leap 42.1
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
ImportantCVE-2013-4554SUSE bug 849668SUSE bug 848657SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668SUSE bug 849668CVE-2013-4558openSUSE Leap 42.1
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service (assertion failure and Apache process abort) via a non-canonical URL in a request, as demonstrated using a trailing /.
LowCVE-2013-4558SUSE bug 850667SUSE bug 850667SUSE bug 850747SUSE bug 862459CVE-2013-4701openSUSE Leap 42.1
Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
ModerateCVE-2013-4701SUSE bug 1082714CVE-2013-4758openSUSE Leap 42.1
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
ImportantCVE-2013-4758SUSE bug 828140SUSE bug 828140SUSE bug 828140CVE-2013-4854openSUSE Leap 42.1
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
ImportantCVE-2013-4854SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899SUSE bug 831899CVE-2013-4920openSUSE Leap 42.1
The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4920SUSE bug 831718CVE-2013-4921openSUSE Leap 42.1
Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4921SUSE bug 831718CVE-2013-4922openSUSE Leap 42.1
Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4922SUSE bug 831718CVE-2013-4923openSUSE Leap 42.1
Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.
ModerateCVE-2013-4923SUSE bug 831718CVE-2013-4924openSUSE Leap 42.1
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
ModerateCVE-2013-4924SUSE bug 831718CVE-2013-4925openSUSE Leap 42.1
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet.
ModerateCVE-2013-4925SUSE bug 831718CVE-2013-4926openSUSE Leap 42.1
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4926SUSE bug 831718CVE-2013-4927openSUSE Leap 42.1
Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.
ModerateCVE-2013-4927SUSE bug 831718CVE-2013-4928openSUSE Leap 42.1
Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2013-4928SUSE bug 831718CVE-2013-4929openSUSE Leap 42.1
The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.
ModerateCVE-2013-4929SUSE bug 831718CVE-2013-4930openSUSE Leap 42.1
The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.
ModerateCVE-2013-4930SUSE bug 831718CVE-2013-4931openSUSE Leap 42.1
epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.
ModerateCVE-2013-4931SUSE bug 831718CVE-2013-4932openSUSE Leap 42.1
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4932SUSE bug 831718CVE-2013-4933openSUSE Leap 42.1
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
ModerateCVE-2013-4933SUSE bug 831718CVE-2013-4934openSUSE Leap 42.1
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.
ModerateCVE-2013-4934SUSE bug 831718CVE-2013-4935openSUSE Leap 42.1
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-4935SUSE bug 831718CVE-2013-4936openSUSE Leap 42.1
The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2013-4936SUSE bug 831718CVE-2013-5123openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2013-5123SUSE bug 864406SUSE bug 864406SUSE bug 864406SUSE bug 864406CVE-2013-5211openSUSE Leap 42.1
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
ModerateCVE-2013-5211SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 889447SUSE bug 857195SUSE bug 889447SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 857195SUSE bug 959243SUSE bug 959243SUSE bug 959243CVE-2013-5590openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5590SUSE bug 847708CVE-2013-5591openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5591SUSE bug 847708CVE-2013-5592openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5592SUSE bug 847708CVE-2013-5593openSUSE Leap 42.1
The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.
ImportantCVE-2013-5593SUSE bug 847708CVE-2013-5595openSUSE Leap 42.1
The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.
ImportantCVE-2013-5595SUSE bug 847708CVE-2013-5596openSUSE Leap 42.1
The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
ImportantCVE-2013-5596SUSE bug 847708CVE-2013-5597openSUSE Leap 42.1
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.
ImportantCVE-2013-5597SUSE bug 847708CVE-2013-5598openSUSE Leap 42.1
PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.
ImportantCVE-2013-5598SUSE bug 847708CVE-2013-5599openSUSE Leap 42.1
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
ImportantCVE-2013-5599SUSE bug 847708CVE-2013-5600openSUSE Leap 42.1
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.
ImportantCVE-2013-5600SUSE bug 847708CVE-2013-5601openSUSE Leap 42.1
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.
ImportantCVE-2013-5601SUSE bug 847708CVE-2013-5602openSUSE Leap 42.1
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.
ImportantCVE-2013-5602SUSE bug 847708CVE-2013-5603openSUSE Leap 42.1
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.
ImportantCVE-2013-5603SUSE bug 847708CVE-2013-5604openSUSE Leap 42.1
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
ImportantCVE-2013-5604SUSE bug 847708CVE-2013-5605openSUSE Leap 42.1
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
ImportantCVE-2013-5605SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148SUSE bug 850148CVE-2013-5609openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5609SUSE bug 854370CVE-2013-5610openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2013-5610SUSE bug 854370CVE-2013-5611openSUSE Leap 42.1
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
ModerateCVE-2013-5611SUSE bug 854370CVE-2013-5612openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
ModerateCVE-2013-5612SUSE bug 854370CVE-2013-5613openSUSE Leap 42.1
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
ImportantCVE-2013-5613SUSE bug 854370CVE-2013-5614openSUSE Leap 42.1
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
ModerateCVE-2013-5614SUSE bug 854370CVE-2013-5615openSUSE Leap 42.1
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
ModerateCVE-2013-5615SUSE bug 854370CVE-2013-5616openSUSE Leap 42.1
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
ImportantCVE-2013-5616SUSE bug 854370CVE-2013-5618openSUSE Leap 42.1
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
ImportantCVE-2013-5618SUSE bug 854370CVE-2013-5619openSUSE Leap 42.1
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
ModerateCVE-2013-5619SUSE bug 854370CVE-2013-5653openSUSE Leap 42.1
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
ImportantCVE-2013-5653SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1036453SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951CVE-2013-5704openSUSE Leap 42.1
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
LowCVE-2013-5704SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 914535SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 871310SUSE bug 930944SUSE bug 930944SUSE bug 930944SUSE bug 930944SUSE bug 871310SUSE bug 915666SUSE bug 871310SUSE bug 938728SUSE bug 938728SUSE bug 938728SUSE bug 930944SUSE bug 930944SUSE bug 930944SUSE bug 930944SUSE bug 930944SUSE bug 930944CVE-2013-5717openSUSE Leap 42.1
The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.
ModerateCVE-2013-5717SUSE bug 839607CVE-2013-5718openSUSE Leap 42.1
The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5718SUSE bug 839607CVE-2013-5719openSUSE Leap 42.1
epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2013-5719SUSE bug 839607CVE-2013-5720openSUSE Leap 42.1
Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5720SUSE bug 839607CVE-2013-5721openSUSE Leap 42.1
The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5721SUSE bug 839607CVE-2013-5722openSUSE Leap 42.1
Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-5722SUSE bug 839607CVE-2013-6045openSUSE Leap 42.1
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
ImportantCVE-2013-6045SUSE bug 853644SUSE bug 853838SUSE bug 853838SUSE bug 853838SUSE bug 853838SUSE bug 853838SUSE bug 853838SUSE bug 853838CVE-2013-6052openSUSE Leap 42.1
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
ModerateCVE-2013-6052SUSE bug 853644SUSE bug 853644CVE-2013-6053openSUSE Leap 42.1
OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
ModerateCVE-2013-6053SUSE bug 853644SUSE bug 853644CVE-2013-6054openSUSE Leap 42.1
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.
ModerateCVE-2013-6054SUSE bug 853644SUSE bug 853644CVE-2013-6336openSUSE Leap 42.1
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6336CVE-2013-6337openSUSE Leap 42.1
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6337SUSE bug 848738SUSE bug 848738SUSE bug 848738SUSE bug 848738CVE-2013-6338openSUSE Leap 42.1
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6338CVE-2013-6339openSUSE Leap 42.1
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.
ModerateCVE-2013-6339CVE-2013-6340openSUSE Leap 42.1
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-6340CVE-2013-6369openSUSE Leap 42.1
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.
ModerateCVE-2013-6369SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855SUSE bug 870855CVE-2013-6370openSUSE Leap 42.1
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2013-6370SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147CVE-2013-6371openSUSE Leap 42.1
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
ModerateCVE-2013-6371SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147SUSE bug 870147CVE-2013-6393openSUSE Leap 42.1
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
ModerateCVE-2013-6393SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 911782SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617SUSE bug 860617CVE-2013-6399openSUSE Leap 42.1
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
ModerateCVE-2013-6399SUSE bug 864814SUSE bug 871442SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 864814SUSE bug 964643SUSE bug 964643CVE-2013-6402openSUSE Leap 42.1
base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
ImportantCVE-2013-6402SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368SUSE bug 852368CVE-2013-6420openSUSE Leap 42.1
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
ImportantCVE-2013-6420SUSE bug 854880SUSE bug 854880SUSE bug 854880SUSE bug 854880SUSE bug 854880SUSE bug 854880SUSE bug 854880SUSE bug 854880CVE-2013-6424openSUSE Leap 42.1
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
ModerateCVE-2013-6424SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846SUSE bug 853846CVE-2013-6427openSUSE Leap 42.1
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream.
ModerateCVE-2013-6427SUSE bug 853405SUSE bug 853405SUSE bug 853405SUSE bug 852368SUSE bug 853405SUSE bug 853405SUSE bug 853405SUSE bug 853405SUSE bug 853405SUSE bug 900460SUSE bug 853405SUSE bug 933191CVE-2013-6435openSUSE Leap 42.1
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
ImportantCVE-2013-6435SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 906803SUSE bug 908128SUSE bug 908128SUSE bug 906803SUSE bug 906803CVE-2013-6436openSUSE Leap 42.1
The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) via a guest in the shutdown status, as demonstrated by the "virsh memtune" command.
ModerateCVE-2013-6436SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486SUSE bug 854486CVE-2013-6438openSUSE Leap 42.1
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
ModerateCVE-2013-6438SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 887765SUSE bug 869105SUSE bug 869105SUSE bug 869106SUSE bug 869105SUSE bug 869105SUSE bug 869106SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 869105SUSE bug 869105CVE-2013-6442openSUSE Leap 42.1
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.
ImportantCVE-2013-6442SUSE bug 855866SUSE bug 855866SUSE bug 855866SUSE bug 855866SUSE bug 855866SUSE bug 855866CVE-2013-6449openSUSE Leap 42.1
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.
ImportantCVE-2013-6449SUSE bug 856687SUSE bug 856687CVE-2013-6450openSUSE Leap 42.1
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.
ModerateCVE-2013-6450SUSE bug 857203SUSE bug 857203SUSE bug 857203SUSE bug 861384SUSE bug 857203SUSE bug 857203SUSE bug 986238CVE-2013-6456openSUSE Leap 42.1
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.
ModerateCVE-2013-6456SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 868943SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490SUSE bug 857490CVE-2013-6457openSUSE Leap 42.1
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.
ModerateCVE-2013-6457SUSE bug 858824SUSE bug 858824SUSE bug 858824SUSE bug 858824CVE-2013-6458openSUSE Leap 42.1
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
ImportantCVE-2013-6458SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492SUSE bug 857492CVE-2013-6462openSUSE Leap 42.1
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file.
ImportantCVE-2013-6462SUSE bug 854915SUSE bug 854915SUSE bug 854915SUSE bug 854915SUSE bug 854915SUSE bug 854915SUSE bug 882908SUSE bug 882908SUSE bug 854915SUSE bug 854915CVE-2013-6473openSUSE Leap 42.1
Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.
ModerateCVE-2013-6473SUSE bug 866302SUSE bug 866302SUSE bug 866302CVE-2013-6474openSUSE Leap 42.1
Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
ModerateCVE-2013-6474SUSE bug 866302SUSE bug 866302SUSE bug 866302CVE-2013-6475openSUSE Leap 42.1
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
ModerateCVE-2013-6475SUSE bug 866302SUSE bug 866302SUSE bug 866302CVE-2013-6476openSUSE Leap 42.1
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
ModerateCVE-2013-6476SUSE bug 866302SUSE bug 866302SUSE bug 866302CVE-2013-6477openSUSE Leap 42.1
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.
ModerateCVE-2013-6477SUSE bug 861019SUSE bug 861019CVE-2013-6478openSUSE Leap 42.1
gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip.
ModerateCVE-2013-6478SUSE bug 861019CVE-2013-6479openSUSE Leap 42.1
util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.
ModerateCVE-2013-6479SUSE bug 861019SUSE bug 861019CVE-2013-6481openSUSE Leap 42.1
libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read.
ModerateCVE-2013-6481SUSE bug 861019SUSE bug 861019CVE-2013-6482openSUSE Leap 42.1
Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.
ModerateCVE-2013-6482SUSE bug 861019SUSE bug 861019CVE-2013-6483openSUSE Leap 42.1
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.
ModerateCVE-2013-6483SUSE bug 861019SUSE bug 861019CVE-2013-6484openSUSE Leap 42.1
The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service (out-of-bounds write operation and application crash) by triggering a socket read error.
ModerateCVE-2013-6484SUSE bug 861019SUSE bug 861019CVE-2013-6485openSUSE Leap 42.1
Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data.
ModerateCVE-2013-6485SUSE bug 861019SUSE bug 861019CVE-2013-6486openSUSE Leap 42.1
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.
ImportantCVE-2013-6486SUSE bug 861019SUSE bug 861019CVE-2013-6487openSUSE Leap 42.1
Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.
ModerateCVE-2013-6487SUSE bug 861019SUSE bug 861019SUSE bug 878540SUSE bug 878540CVE-2013-6497openSUSE Leap 42.1
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
ModerateCVE-2013-6497SUSE bug 906077SUSE bug 906077SUSE bug 906077SUSE bug 906077SUSE bug 906077SUSE bug 906077SUSE bug 1040662SUSE bug 906077CVE-2013-6629openSUSE Leap 42.1
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
ImportantCVE-2013-6629SUSE bug 850430SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430CVE-2013-6630openSUSE Leap 42.1
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
ModerateCVE-2013-6630SUSE bug 850430CVE-2013-6671openSUSE Leap 42.1
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
ImportantCVE-2013-6671SUSE bug 854370CVE-2013-6672openSUSE Leap 42.1
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.
ModerateCVE-2013-6672SUSE bug 854370CVE-2013-6673openSUSE Leap 42.1
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
ModerateCVE-2013-6673SUSE bug 854370CVE-2013-6712openSUSE Leap 42.1
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
LowCVE-2013-6712SUSE bug 853045SUSE bug 853045SUSE bug 853045SUSE bug 853045SUSE bug 853045SUSE bug 853045SUSE bug 853045SUSE bug 853045CVE-2013-6887openSUSE Leap 42.1
OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
ModerateCVE-2013-6887SUSE bug 853644SUSE bug 853644CVE-2013-6954openSUSE Leap 42.1
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
ModerateCVE-2013-6954SUSE bug 856522SUSE bug 856522SUSE bug 856522SUSE bug 856522SUSE bug 856522SUSE bug 873872SUSE bug 873873SUSE bug 877429SUSE bug 877430CVE-2013-7073openSUSE Leap 42.1
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters.
ModerateCVE-2013-7073SUSE bug 1082714CVE-2013-7098openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2013-7098CVE-2013-7107openSUSE Leap 42.1
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5, 1.9.4, 1.10.2, and earlier allows remote attackers to hijack the authentication of users for unspecified commands via unspecified vectors, as demonstrated by bypassing authentication requirements for CVE-2013-7106.
ImportantCVE-2013-7107SUSE bug 859424SUSE bug 859424SUSE bug 859424SUSE bug 859424CVE-2013-7108openSUSE Leap 42.1
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read.
ModerateCVE-2013-7108SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837SUSE bug 856837CVE-2013-7112openSUSE Leap 42.1
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ImportantCVE-2013-7112SUSE bug 856498SUSE bug 856498SUSE bug 856498CVE-2013-7113openSUSE Leap 42.1
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2013-7113SUSE bug 856495SUSE bug 856495SUSE bug 856495SUSE bug 856495SUSE bug 856495CVE-2013-7114openSUSE Leap 42.1
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.
ImportantCVE-2013-7114SUSE bug 856496SUSE bug 856496SUSE bug 856496CVE-2013-7327openSUSE Leap 42.1
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.
ImportantCVE-2013-7327SUSE bug 864879SUSE bug 864879SUSE bug 864879SUSE bug 864879SUSE bug 864879CVE-2013-7345openSUSE Leap 42.1
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.
ModerateCVE-2013-7345SUSE bug 869906SUSE bug 869906SUSE bug 869906SUSE bug 869906SUSE bug 869906SUSE bug 869906SUSE bug 883306SUSE bug 883306SUSE bug 987530CVE-2013-7353openSUSE Leap 42.1
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
ModerateCVE-2013-7353SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124SUSE bug 873124CVE-2013-7354openSUSE Leap 42.1
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
ModerateCVE-2013-7354SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123SUSE bug 873123CVE-2013-7423openSUSE Leap 42.1
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
ModerateCVE-2013-7423SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526SUSE bug 915526CVE-2013-7437openSUSE Leap 42.1
Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service (crash) via large dimensions in a BMP image, which triggers a buffer overflow.
LowCVE-2013-7437SUSE bug 924904SUSE bug 924904SUSE bug 924904SUSE bug 924904SUSE bug 924904SUSE bug 924904SUSE bug 924904CVE-2013-7446openSUSE Leap 42.1
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
ImportantCVE-2013-7446SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955837SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955837SUSE bug 955654SUSE bug 955654SUSE bug 955654CVE-2013-7447openSUSE Leap 42.1
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.
ModerateCVE-2013-7447SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682SUSE bug 966682CVE-2013-7456openSUSE Leap 42.1
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.
ModerateCVE-2013-7456SUSE bug 982009SUSE bug 982009SUSE bug 982009SUSE bug 982009SUSE bug 982009CVE-2013-7458openSUSE Leap 42.1
linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history, which allows local users to obtain sensitive information by reading the file.
LowCVE-2013-7458SUSE bug 991250SUSE bug 991250SUSE bug 991387SUSE bug 991250CVE-2013-7459openSUSE Leap 42.1
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
ImportantCVE-2013-7459SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1047666SUSE bug 1047666SUSE bug 1047666SUSE bug 1047666SUSE bug 1047666SUSE bug 1047666SUSE bug 1017420SUSE bug 1047666SUSE bug 1017420SUSE bug 1047666SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1017420SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1087140SUSE bug 1017420CVE-2014-0004openSUSE Leap 42.1
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
ImportantCVE-2014-0004SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854SUSE bug 865854CVE-2014-0011openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0011SUSE bug 869307SUSE bug 869307SUSE bug 869307SUSE bug 869307SUSE bug 900896CVE-2014-0015openSUSE Leap 42.1
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
ImportantCVE-2014-0015SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 858673SUSE bug 868627SUSE bug 858673SUSE bug 868627SUSE bug 880252SUSE bug 882520SUSE bug 880252SUSE bug 880252SUSE bug 880252SUSE bug 880252SUSE bug 858673SUSE bug 880252SUSE bug 858673SUSE bug 927556SUSE bug 858673SUSE bug 962983SUSE bug 858673CVE-2014-0017openSUSE Leap 42.1
The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision.
ModerateCVE-2014-0017SUSE bug 866278SUSE bug 866286SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866286SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866278SUSE bug 866286CVE-2014-0020openSUSE Leap 42.1
The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.
ModerateCVE-2014-0020SUSE bug 861019SUSE bug 861019SUSE bug 861019CVE-2014-0028openSUSE Leap 42.1
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
ModerateCVE-2014-0028SUSE bug 859051SUSE bug 859051SUSE bug 859051CVE-2014-0032openSUSE Leap 42.1
The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via vectors related to the server root and request methods other than GET, as demonstrated by the "svn ls http://svn.example.com" command.
ModerateCVE-2014-0032SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459SUSE bug 862459CVE-2014-0038openSUSE Leap 42.1
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
CriticalCVE-2014-0038SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993SUSE bug 860993CVE-2014-0050openSUSE Leap 42.1
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
ImportantCVE-2014-0050SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781SUSE bug 862781CVE-2014-0060openSUSE Leap 42.1
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
ModerateCVE-2014-0060SUSE bug 864845SUSE bug 864856SUSE bug 864845SUSE bug 864845SUSE bug 864845SUSE bug 864856SUSE bug 864845CVE-2014-0061openSUSE Leap 42.1
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
ModerateCVE-2014-0061SUSE bug 864846SUSE bug 864856SUSE bug 864846SUSE bug 864846SUSE bug 864846SUSE bug 864846SUSE bug 864856SUSE bug 864846SUSE bug 864846SUSE bug 864846SUSE bug 864856CVE-2014-0062openSUSE Leap 42.1
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
ModerateCVE-2014-0062SUSE bug 864847SUSE bug 864856SUSE bug 864847SUSE bug 864847SUSE bug 864847SUSE bug 864847SUSE bug 864856SUSE bug 864847SUSE bug 864847SUSE bug 864847SUSE bug 864856CVE-2014-0063openSUSE Leap 42.1
Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
ModerateCVE-2014-0063SUSE bug 864850SUSE bug 864856SUSE bug 864850SUSE bug 864850SUSE bug 864850SUSE bug 864850SUSE bug 864850SUSE bug 864850SUSE bug 864850SUSE bug 864856CVE-2014-0064openSUSE Leap 42.1
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
ModerateCVE-2014-0064SUSE bug 864851SUSE bug 864856SUSE bug 864851SUSE bug 864851SUSE bug 871307SUSE bug 864851SUSE bug 864851SUSE bug 864851SUSE bug 864851SUSE bug 864851SUSE bug 864856CVE-2014-0065openSUSE Leap 42.1
Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
ModerateCVE-2014-0065SUSE bug 864852SUSE bug 864856SUSE bug 864852SUSE bug 864852SUSE bug 864852SUSE bug 864852SUSE bug 864852SUSE bug 864852SUSE bug 864852SUSE bug 864856CVE-2014-0066openSUSE Leap 42.1
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
ModerateCVE-2014-0066SUSE bug 864853SUSE bug 864856SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864853SUSE bug 864856CVE-2014-0067openSUSE Leap 42.1
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
LowCVE-2014-0067SUSE bug 864856SUSE bug 872783SUSE bug 872783SUSE bug 872783SUSE bug 872783CVE-2014-00691openSUSE Leap 42.1
Unknown.
CVE-2014-00691CVE-2014-0076openSUSE Leap 42.1
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
ModerateCVE-2014-0076SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 869945SUSE bug 880891SUSE bug 869945SUSE bug 880891SUSE bug 869945SUSE bug 883126SUSE bug 905106CVE-2014-0092openSUSE Leap 42.1
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
ImportantCVE-2014-0092SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 865804SUSE bug 915878SUSE bug 915878SUSE bug 865804SUSE bug 915878SUSE bug 915878CVE-2014-0098openSUSE Leap 42.1
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
ImportantCVE-2014-0098SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 887765SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106SUSE bug 869106CVE-2014-0107openSUSE Leap 42.1
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
ImportantCVE-2014-0107SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082SUSE bug 870082CVE-2014-0117openSUSE Leap 42.1
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
ModerateCVE-2014-0117SUSE bug 887767SUSE bug 887767SUSE bug 887767SUSE bug 887767CVE-2014-0118openSUSE Leap 42.1
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
ModerateCVE-2014-0118SUSE bug 887769SUSE bug 887769SUSE bug 887769SUSE bug 887769SUSE bug 1078450CVE-2014-0138openSUSE Leap 42.1
The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.
ImportantCVE-2014-0138SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 868627SUSE bug 882520SUSE bug 880252SUSE bug 868627SUSE bug 868627SUSE bug 868627CVE-2014-0139openSUSE Leap 42.1
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ImportantCVE-2014-0139SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 868629SUSE bug 882520SUSE bug 880252SUSE bug 868629SUSE bug 868629SUSE bug 868629CVE-2014-0142openSUSE Leap 42.1
QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.
ImportantCVE-2014-0142SUSE bug 870439SUSE bug 871442CVE-2014-0143openSUSE Leap 42.1
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.
ModerateCVE-2014-0143SUSE bug 870439SUSE bug 871442SUSE bug 870439CVE-2014-0144openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0144SUSE bug 870439SUSE bug 871442CVE-2014-0145openSUSE Leap 42.1
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).
ModerateCVE-2014-0145SUSE bug 870439SUSE bug 871442CVE-2014-0146openSUSE Leap 42.1
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.
ModerateCVE-2014-0146SUSE bug 870439SUSE bug 871442CVE-2014-0147openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0147SUSE bug 870439SUSE bug 871442SUSE bug 870439CVE-2014-0150openSUSE Leap 42.1
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
ModerateCVE-2014-0150SUSE bug 873235SUSE bug 873235SUSE bug 873235SUSE bug 873235SUSE bug 873235CVE-2014-0160openSUSE Leap 42.1
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
ImportantCVE-2014-0160SUSE bug 872299SUSE bug 872299SUSE bug 872299SUSE bug 872299SUSE bug 872299SUSE bug 872299CVE-2014-0172openSUSE Leap 42.1
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.
ModerateCVE-2014-0172SUSE bug 872785SUSE bug 872785CVE-2014-0178openSUSE Leap 42.1
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.
ModerateCVE-2014-0178SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396SUSE bug 872396CVE-2014-0179openSUSE Leap 42.1
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods.
ModerateCVE-2014-0179SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705SUSE bug 873705CVE-2014-0182openSUSE Leap 42.1
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
ModerateCVE-2014-0182SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 874788SUSE bug 964693SUSE bug 964693SUSE bug 874788SUSE bug 874788CVE-2014-0185openSUSE Leap 42.1
sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
ModerateCVE-2014-0185SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 868624SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 875826SUSE bug 992991CVE-2014-0190openSUSE Leap 42.1
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
LowCVE-2014-0190SUSE bug 875470SUSE bug 875470SUSE bug 875470CVE-2014-0191openSUSE Leap 42.1
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
ModerateCVE-2014-0191SUSE bug 876652SUSE bug 876652SUSE bug 877506SUSE bug 876652SUSE bug 877506SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 877506SUSE bug 876652SUSE bug 876652SUSE bug 877506SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 996079SUSE bug 996079SUSE bug 996079SUSE bug 996079SUSE bug 996079SUSE bug 996079SUSE bug 876652SUSE bug 1014873SUSE bug 1014873SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652SUSE bug 876652CVE-2014-0195openSUSE Leap 42.1
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.
ModerateCVE-2014-0195SUSE bug 880891SUSE bug 880891SUSE bug 880891SUSE bug 915913CVE-2014-0196openSUSE Leap 42.1
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
CriticalCVE-2014-0196SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 871252SUSE bug 875690SUSE bug 877345SUSE bug 875690SUSE bug 875690SUSE bug 877345SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 876463SUSE bug 876463SUSE bug 879878SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 875690SUSE bug 933423CVE-2014-0198openSUSE Leap 42.1
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
ModerateCVE-2014-0198SUSE bug 876282SUSE bug 876282SUSE bug 876282SUSE bug 880891SUSE bug 876282SUSE bug 880891SUSE bug 876282SUSE bug 876282SUSE bug 876282SUSE bug 876282SUSE bug 915913SUSE bug 876282SUSE bug 876282CVE-2014-0209openSUSE Leap 42.1
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata.
ImportantCVE-2014-0209SUSE bug 857544CVE-2014-0210openSUSE Leap 42.1
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function.
ModerateCVE-2014-0210SUSE bug 857544CVE-2014-0211openSUSE Leap 42.1
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow.
ModerateCVE-2014-0211SUSE bug 857544CVE-2014-0221openSUSE Leap 42.1
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
ModerateCVE-2014-0221SUSE bug 880891SUSE bug 880891SUSE bug 880891SUSE bug 883126SUSE bug 905106SUSE bug 915913CVE-2014-0222openSUSE Leap 42.1
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
ModerateCVE-2014-0222SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 877642SUSE bug 950367SUSE bug 950367SUSE bug 877642SUSE bug 877642SUSE bug 964925SUSE bug 964925SUSE bug 964925SUSE bug 964925CVE-2014-0223openSUSE Leap 42.1
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.
ImportantCVE-2014-0223SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645SUSE bug 877645CVE-2014-0224openSUSE Leap 42.1
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
CriticalCVE-2014-0224SUSE bug 880891SUSE bug 880891SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 885777SUSE bug 892403SUSE bug 901237SUSE bug 901237SUSE bug 905018SUSE bug 905106SUSE bug 914447SUSE bug 915913SUSE bug 916239SUSE bug 916239SUSE bug 916239SUSE bug 916239SUSE bug 916239SUSE bug 916239SUSE bug 916239CVE-2014-0226openSUSE Leap 42.1
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
ImportantCVE-2014-0226SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765SUSE bug 887765CVE-2014-0231openSUSE Leap 42.1
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
ModerateCVE-2014-0231SUSE bug 887768SUSE bug 887768SUSE bug 887768SUSE bug 887768SUSE bug 887768SUSE bug 887768SUSE bug 887768CVE-2014-0237openSUSE Leap 42.1
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
ModerateCVE-2014-0237SUSE bug 880905SUSE bug 880905SUSE bug 880905SUSE bug 880905SUSE bug 880905SUSE bug 992991CVE-2014-0238openSUSE Leap 42.1
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
ModerateCVE-2014-0238SUSE bug 880904SUSE bug 880904SUSE bug 880904SUSE bug 880904SUSE bug 880904SUSE bug 992991CVE-2014-0239openSUSE Leap 42.1
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.
ModerateCVE-2014-0239SUSE bug 878642SUSE bug 878642SUSE bug 878642SUSE bug 878642SUSE bug 878642SUSE bug 878642CVE-2014-0244openSUSE Leap 42.1
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
ModerateCVE-2014-0244SUSE bug 880962SUSE bug 880962SUSE bug 880962SUSE bug 880962SUSE bug 883758SUSE bug 880962SUSE bug 880962SUSE bug 880962SUSE bug 880962SUSE bug 880962CVE-2014-0247openSUSE Leap 42.1
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
ModerateCVE-2014-0247SUSE bug 879996SUSE bug 879996SUSE bug 879996SUSE bug 879996CVE-2014-0249openSUSE Leap 42.1
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
LowCVE-2014-0249SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245SUSE bug 880245CVE-2014-0250openSUSE Leap 42.1
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.
ImportantCVE-2014-0250SUSE bug 880317SUSE bug 880317SUSE bug 880317SUSE bug 880317SUSE bug 880317SUSE bug 880317SUSE bug 880317SUSE bug 975218SUSE bug 880317SUSE bug 880317CVE-2014-0333openSUSE Leap 42.1
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
ModerateCVE-2014-0333SUSE bug 866298SUSE bug 866298SUSE bug 866298SUSE bug 866298SUSE bug 866298SUSE bug 866298CVE-2014-0466openSUSE Leap 42.1
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file.
ModerateCVE-2014-0466SUSE bug 871097SUSE bug 871097SUSE bug 871097SUSE bug 871097SUSE bug 871097CVE-2014-0467openSUSE Leap 42.1
Buffer overflow in copy.c in Mutt before 1.5.23 allows remote attackers to cause a denial of service (crash) via a crafted RFC2047 header line, related to address expansion.
ImportantCVE-2014-0467SUSE bug 868115SUSE bug 868115SUSE bug 868115SUSE bug 868115SUSE bug 868115SUSE bug 868115SUSE bug 868115SUSE bug 868115CVE-2014-0475openSUSE Leap 42.1
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
ModerateCVE-2014-0475SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 896776SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 916222SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022SUSE bug 887022CVE-2014-0591openSUSE Leap 42.1
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
ModerateCVE-2014-0591SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639SUSE bug 858639CVE-2014-0593openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-0593SUSE bug 866966SUSE bug 866966SUSE bug 866966CVE-2014-0791openSUSE Leap 42.1
Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.
ImportantCVE-2014-0791SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 857491SUSE bug 975218SUSE bug 857491SUSE bug 857491CVE-2014-1344openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.
ModerateCVE-2014-1344SUSE bug 879607CVE-2014-1384openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1384SUSE bug 892084CVE-2014-1385openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1385SUSE bug 892084CVE-2014-1386openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1386SUSE bug 892084CVE-2014-1387openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1387SUSE bug 892084CVE-2014-1388openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1388SUSE bug 892084CVE-2014-1389openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1389SUSE bug 892084CVE-2014-1390openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
ModerateCVE-2014-1390SUSE bug 892084CVE-2014-1447openSUSE Leap 42.1
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
ModerateCVE-2014-1447SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817SUSE bug 858817CVE-2014-1477openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2014-1477SUSE bug 862345SUSE bug 861847SUSE bug 862345CVE-2014-1478openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
ModerateCVE-2014-1478SUSE bug 861847CVE-2014-1479openSUSE Leap 42.1
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
ModerateCVE-2014-1479SUSE bug 862348SUSE bug 861847SUSE bug 862348CVE-2014-1480openSUSE Leap 42.1
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
ModerateCVE-2014-1480SUSE bug 861847CVE-2014-1481openSUSE Leap 42.1
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
ModerateCVE-2014-1481SUSE bug 861847SUSE bug 862309SUSE bug 861847SUSE bug 862309SUSE bug 862309CVE-2014-1482openSUSE Leap 42.1
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
CriticalCVE-2014-1482SUSE bug 862356SUSE bug 861847SUSE bug 862356CVE-2014-1483openSUSE Leap 42.1
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
ModerateCVE-2014-1483SUSE bug 862360SUSE bug 861847SUSE bug 862360CVE-2014-1484openSUSE Leap 42.1
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.
ModerateCVE-2014-1484SUSE bug 861847CVE-2014-1485openSUSE Leap 42.1
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
ModerateCVE-2014-1485SUSE bug 861847CVE-2014-1486openSUSE Leap 42.1
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
ImportantCVE-2014-1486SUSE bug 861847CVE-2014-1487openSUSE Leap 42.1
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
ModerateCVE-2014-1487SUSE bug 861847CVE-2014-1488openSUSE Leap 42.1
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.
ImportantCVE-2014-1488SUSE bug 861847CVE-2014-1489openSUSE Leap 42.1
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
ModerateCVE-2014-1489SUSE bug 861847CVE-2014-1490openSUSE Leap 42.1
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
ModerateCVE-2014-1490SUSE bug 861847SUSE bug 862300SUSE bug 861847SUSE bug 862300SUSE bug 862300CVE-2014-1491openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.
ModerateCVE-2014-1491SUSE bug 861847SUSE bug 862289SUSE bug 861847SUSE bug 862289CVE-2014-1492openSUSE Leap 42.1
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
ModerateCVE-2014-1492SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 869827SUSE bug 926974CVE-2014-1493openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1493SUSE bug 868603CVE-2014-1494openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1494SUSE bug 868603CVE-2014-1497openSUSE Leap 42.1
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
ImportantCVE-2014-1497SUSE bug 868603CVE-2014-1498openSUSE Leap 42.1
The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.
ImportantCVE-2014-1498SUSE bug 868603CVE-2014-1499openSUSE Leap 42.1
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.
ImportantCVE-2014-1499SUSE bug 868603CVE-2014-1500openSUSE Leap 42.1
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
ImportantCVE-2014-1500SUSE bug 868603CVE-2014-1502openSUSE Leap 42.1
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
ImportantCVE-2014-1502SUSE bug 868603CVE-2014-1504openSUSE Leap 42.1
The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.
ImportantCVE-2014-1504SUSE bug 868603CVE-2014-1505openSUSE Leap 42.1
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.
ImportantCVE-2014-1505SUSE bug 868603CVE-2014-1508openSUSE Leap 42.1
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
ImportantCVE-2014-1508SUSE bug 868603CVE-2014-1509openSUSE Leap 42.1
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
ImportantCVE-2014-1509SUSE bug 868603SUSE bug 869339CVE-2014-1510openSUSE Leap 42.1
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
ImportantCVE-2014-1510SUSE bug 868603CVE-2014-1511openSUSE Leap 42.1
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
ImportantCVE-2014-1511SUSE bug 868603CVE-2014-1512openSUSE Leap 42.1
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
ImportantCVE-2014-1512SUSE bug 868603CVE-2014-1513openSUSE Leap 42.1
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
ImportantCVE-2014-1513SUSE bug 868603CVE-2014-1514openSUSE Leap 42.1
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
ImportantCVE-2014-1514SUSE bug 868603CVE-2014-1518openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1518SUSE bug 875803CVE-2014-1519openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2014-1519CVE-2014-1522openSUSE Leap 42.1
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.
ImportantCVE-2014-1522CVE-2014-1523openSUSE Leap 42.1
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
ModerateCVE-2014-1523SUSE bug 875803CVE-2014-1524openSUSE Leap 42.1
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.
ImportantCVE-2014-1524SUSE bug 875803CVE-2014-1525openSUSE Leap 42.1
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
ImportantCVE-2014-1525CVE-2014-1526openSUSE Leap 42.1
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.
ModerateCVE-2014-1526CVE-2014-1528openSUSE Leap 42.1
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.
ModerateCVE-2014-1528CVE-2014-1529openSUSE Leap 42.1
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.
ImportantCVE-2014-1529SUSE bug 875803CVE-2014-1530openSUSE Leap 42.1
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.
ModerateCVE-2014-1530SUSE bug 875803CVE-2014-1531openSUSE Leap 42.1
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.
ImportantCVE-2014-1531SUSE bug 875803CVE-2014-1532openSUSE Leap 42.1
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.
ImportantCVE-2014-1532SUSE bug 875803CVE-2014-1533openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1533SUSE bug 881874CVE-2014-1534openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1534CVE-2014-1536openSUSE Leap 42.1
The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
ImportantCVE-2014-1536CVE-2014-1537openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2014-1537CVE-2014-1538openSUSE Leap 42.1
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
ImportantCVE-2014-1538CVE-2014-1539openSUSE Leap 42.1
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.
ModerateCVE-2014-1539CVE-2014-1540openSUSE Leap 42.1
Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
ImportantCVE-2014-1540CVE-2014-1541openSUSE Leap 42.1
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
ImportantCVE-2014-1541CVE-2014-1542openSUSE Leap 42.1
Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
ImportantCVE-2014-1542CVE-2014-1543openSUSE Leap 42.1
Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.
ImportantCVE-2014-1543CVE-2014-1544openSUSE Leap 42.1
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
ImportantCVE-2014-1544SUSE bug 887746CVE-2014-1545openSUSE Leap 42.1
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.
ModerateCVE-2014-1545CVE-2014-1547openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1547CVE-2014-1548openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1548SUSE bug 887746CVE-2014-1549openSUSE Leap 42.1
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
ImportantCVE-2014-1549SUSE bug 887746CVE-2014-1550openSUSE Leap 42.1
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.
ImportantCVE-2014-1550SUSE bug 887746CVE-2014-1552openSUSE Leap 42.1
Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
ImportantCVE-2014-1552SUSE bug 887746CVE-2014-1553openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1553SUSE bug 894370CVE-2014-1554openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1554SUSE bug 894370CVE-2014-1555openSUSE Leap 42.1
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.
ImportantCVE-2014-1555SUSE bug 887746CVE-2014-1556openSUSE Leap 42.1
Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
ImportantCVE-2014-1556SUSE bug 887746CVE-2014-1557openSUSE Leap 42.1
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.
ImportantCVE-2014-1557SUSE bug 887746CVE-2014-1558openSUSE Leap 42.1
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
ImportantCVE-2014-1558SUSE bug 887746CVE-2014-1559openSUSE Leap 42.1
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.
ImportantCVE-2014-1559SUSE bug 887746CVE-2014-1560openSUSE Leap 42.1
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
ImportantCVE-2014-1560SUSE bug 887746CVE-2014-1561openSUSE Leap 42.1
Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.
ImportantCVE-2014-1561SUSE bug 887746CVE-2014-1562openSUSE Leap 42.1
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1562SUSE bug 894370CVE-2014-1563openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
ImportantCVE-2014-1563SUSE bug 894370CVE-2014-1564openSUSE Leap 42.1
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
ImportantCVE-2014-1564SUSE bug 894370CVE-2014-1565openSUSE Leap 42.1
The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
ImportantCVE-2014-1565SUSE bug 894370CVE-2014-1567openSUSE Leap 42.1
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
ImportantCVE-2014-1567SUSE bug 894370CVE-2014-1568openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
ImportantCVE-2014-1568SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890SUSE bug 897890CVE-2014-1569openSUSE Leap 42.1
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.
ModerateCVE-2014-1569SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 913096SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 910647SUSE bug 917597CVE-2014-1574openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1574SUSE bug 900941SUSE bug 900941CVE-2014-1575openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.
ImportantCVE-2014-1575SUSE bug 900941CVE-2014-1576openSUSE Leap 42.1
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.
ImportantCVE-2014-1576SUSE bug 900941CVE-2014-1577openSUSE Leap 42.1
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
ImportantCVE-2014-1577SUSE bug 900941CVE-2014-1578openSUSE Leap 42.1
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.
ImportantCVE-2014-1578SUSE bug 900941CVE-2014-1580openSUSE Leap 42.1
Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.
ImportantCVE-2014-1580SUSE bug 900941CVE-2014-1581openSUSE Leap 42.1
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
ImportantCVE-2014-1581SUSE bug 900941CVE-2014-1582openSUSE Leap 42.1
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.
ImportantCVE-2014-1582SUSE bug 900941CVE-2014-1583openSUSE Leap 42.1
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.
ImportantCVE-2014-1583SUSE bug 900941CVE-2014-1584openSUSE Leap 42.1
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user.
ImportantCVE-2014-1584SUSE bug 900941CVE-2014-1585openSUSE Leap 42.1
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.
ImportantCVE-2014-1585SUSE bug 900941CVE-2014-1586openSUSE Leap 42.1
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
ModerateCVE-2014-1586SUSE bug 900941CVE-2014-1587openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1587SUSE bug 908009CVE-2014-1588openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-1588SUSE bug 908009CVE-2014-1589openSUSE Leap 42.1
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
ImportantCVE-2014-1589SUSE bug 908009CVE-2014-1590openSUSE Leap 42.1
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.
ModerateCVE-2014-1590SUSE bug 908009CVE-2014-1591openSUSE Leap 42.1
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
ImportantCVE-2014-1591SUSE bug 908009CVE-2014-1592openSUSE Leap 42.1
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
ImportantCVE-2014-1592SUSE bug 908009CVE-2014-1593openSUSE Leap 42.1
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
ImportantCVE-2014-1593SUSE bug 908009CVE-2014-1594openSUSE Leap 42.1
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
ModerateCVE-2014-1594SUSE bug 908009CVE-2014-1748openSUSE Leap 42.1
The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.
ImportantCVE-2014-1748SUSE bug 909707SUSE bug 971460CVE-2014-1829openSUSE Leap 42.1
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.
LowCVE-2014-1829SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658CVE-2014-1830openSUSE Leap 42.1
Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
LowCVE-2014-1830SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658SUSE bug 897658CVE-2014-1875openSUSE Leap 42.1
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
LowCVE-2014-1875SUSE bug 862743SUSE bug 862743SUSE bug 862743CVE-2014-1909openSUSE Leap 42.1
Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow.
ImportantCVE-2014-1909SUSE bug 863074SUSE bug 863074SUSE bug 863074SUSE bug 863074SUSE bug 863074CVE-2014-1912openSUSE Leap 42.1
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
ImportantCVE-2014-1912SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 882915SUSE bug 882915SUSE bug 882915SUSE bug 882915SUSE bug 882915SUSE bug 882915SUSE bug 863741SUSE bug 882915SUSE bug 882915SUSE bug 882915SUSE bug 863741SUSE bug 863741SUSE bug 863741SUSE bug 882915SUSE bug 882915SUSE bug 863741SUSE bug 1049392SUSE bug 1049422SUSE bug 1049392SUSE bug 1049422CVE-2014-1943openSUSE Leap 42.1
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
ImportantCVE-2014-1943SUSE bug 864343SUSE bug 864343SUSE bug 864589SUSE bug 864589SUSE bug 864589SUSE bug 864589SUSE bug 883306SUSE bug 883306SUSE bug 864589SUSE bug 864589CVE-2014-1959openSUSE Leap 42.1
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
ModerateCVE-2014-1959SUSE bug 863989SUSE bug 863989SUSE bug 863989SUSE bug 865993CVE-2014-2240openSUSE Leap 42.1
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
ImportantCVE-2014-2240SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 916867SUSE bug 916867CVE-2014-2241openSUSE Leap 42.1
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.
ImportantCVE-2014-2241SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620SUSE bug 867620CVE-2014-2270openSUSE Leap 42.1
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
ImportantCVE-2014-2270SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 866750SUSE bug 883306SUSE bug 883306SUSE bug 866750CVE-2014-2281openSUSE Leap 42.1
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
ImportantCVE-2014-2281SUSE bug 867485CVE-2014-2282openSUSE Leap 42.1
The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.
ModerateCVE-2014-2282SUSE bug 867485CVE-2014-2283openSUSE Leap 42.1
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.
ModerateCVE-2014-2283SUSE bug 867485CVE-2014-2284openSUSE Leap 42.1
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.
ImportantCVE-2014-2284SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 875217SUSE bug 875217SUSE bug 875217SUSE bug 866942SUSE bug 875217SUSE bug 866942SUSE bug 875217SUSE bug 866942CVE-2014-2285openSUSE Leap 42.1
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.
ImportantCVE-2014-2285SUSE bug 866942SUSE bug 866942SUSE bug 866942SUSE bug 875217SUSE bug 875217SUSE bug 875217SUSE bug 866942SUSE bug 875217SUSE bug 866942SUSE bug 875217SUSE bug 866942CVE-2014-2299openSUSE Leap 42.1
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.
ImportantCVE-2014-2299SUSE bug 867485CVE-2014-2386openSUSE Leap 42.1
Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service (crash) via unspecified vectors to the (1) display_nav_table, (2) print_export_link, (3) page_num_selector, or (4) page_limit_selector function in cgi/cgiutils.c or (5) status_page_num_selector function in cgi/status.c, which triggers a stack-based buffer overflow.
ModerateCVE-2014-2386SUSE bug 868426SUSE bug 868426SUSE bug 868426SUSE bug 868426CVE-2014-2494openSUSE Leap 42.1
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.
ImportantCVE-2014-2494SUSE bug 887580SUSE bug 915914SUSE bug 915914SUSE bug 915914SUSE bug 915914SUSE bug 915914SUSE bug 915914CVE-2014-2497openSUSE Leap 42.1
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
LowCVE-2014-2497SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624SUSE bug 868624CVE-2014-2524openSUSE Leap 42.1
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
LowCVE-2014-2524SUSE bug 868822SUSE bug 868822SUSE bug 868822SUSE bug 868822SUSE bug 868822SUSE bug 868822CVE-2014-2525openSUSE Leap 42.1
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
ImportantCVE-2014-2525SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 911782SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944SUSE bug 868944CVE-2014-2583openSUSE Leap 42.1
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
ImportantCVE-2014-2583SUSE bug 870433SUSE bug 870433SUSE bug 870433SUSE bug 870433SUSE bug 870433SUSE bug 870433SUSE bug 870433SUSE bug 870433CVE-2014-2653openSUSE Leap 42.1
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
ImportantCVE-2014-2653SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 870532SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 916239SUSE bug 916239SUSE bug 913479SUSE bug 916239SUSE bug 913479SUSE bug 913479SUSE bug 916239SUSE bug 916239SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 916239SUSE bug 916239SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 870532SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2014-2667openSUSE Leap 42.1
Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.
ModerateCVE-2014-2667SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152SUSE bug 871152CVE-2014-2707openSUSE Leap 42.1
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
ModerateCVE-2014-2707SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 871327SUSE bug 883543SUSE bug 871327SUSE bug 883543SUSE bug 883543SUSE bug 871327SUSE bug 883543SUSE bug 871327SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 937018SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753CVE-2014-2855openSUSE Leap 42.1
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
ModerateCVE-2014-2855SUSE bug 873740SUSE bug 873740SUSE bug 873740SUSE bug 873740SUSE bug 873740CVE-2014-2856openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
ModerateCVE-2014-2856SUSE bug 873899SUSE bug 873899SUSE bug 873899CVE-2014-2892openSUSE Leap 42.1
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
ImportantCVE-2014-2892SUSE bug 874723SUSE bug 874723SUSE bug 874723CVE-2014-2907openSUSE Leap 42.1
The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-2907SUSE bug 874693SUSE bug 874760SUSE bug 874760SUSE bug 874760CVE-2014-2977openSUSE Leap 42.1
Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.
CriticalCVE-2014-2977SUSE bug 878345SUSE bug 878345SUSE bug 878345SUSE bug 878345SUSE bug 878345SUSE bug 878345SUSE bug 878345SUSE bug 878345CVE-2014-2978openSUSE Leap 42.1
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.
ImportantCVE-2014-2978SUSE bug 878349SUSE bug 878349SUSE bug 878349SUSE bug 878349SUSE bug 878349SUSE bug 878349SUSE bug 878349SUSE bug 878349CVE-2014-3121openSUSE Leap 42.1
rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.
ImportantCVE-2014-3121SUSE bug 876101SUSE bug 876101SUSE bug 876101SUSE bug 876101SUSE bug 876101SUSE bug 876101SUSE bug 876101CVE-2014-3124openSUSE Leap 42.1
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types.
ModerateCVE-2014-3124SUSE bug 875668SUSE bug 875668SUSE bug 875668SUSE bug 880751SUSE bug 903970CVE-2014-3158openSUSE Leap 42.1
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."
ModerateCVE-2014-3158SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 891489SUSE bug 969773CVE-2014-3230openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-3230SUSE bug 876862SUSE bug 876862SUSE bug 876862CVE-2014-3421openSUSE Leap 42.1
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
ModerateCVE-2014-3421SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847CVE-2014-3422openSUSE Leap 42.1
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
ModerateCVE-2014-3422SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847CVE-2014-3423openSUSE Leap 42.1
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
ModerateCVE-2014-3423SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847CVE-2014-3424openSUSE Leap 42.1
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
ModerateCVE-2014-3424SUSE bug 876847SUSE bug 876847SUSE bug 876847SUSE bug 876847CVE-2014-3461openSUSE Leap 42.1
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
ModerateCVE-2014-3461SUSE bug 878541SUSE bug 878541SUSE bug 878541SUSE bug 878541SUSE bug 878541CVE-2014-3462openSUSE Leap 42.1
The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes".
ModerateCVE-2014-3462SUSE bug 878257SUSE bug 878257SUSE bug 878257SUSE bug 878257SUSE bug 878257SUSE bug 878257SUSE bug 878257CVE-2014-3466openSUSE Leap 42.1
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
ImportantCVE-2014-3466SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730SUSE bug 880730CVE-2014-3467openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.
ModerateCVE-2014-3467SUSE bug 880737SUSE bug 880737SUSE bug 880910SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737SUSE bug 880737CVE-2014-3468openSUSE Leap 42.1
The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.
ImportantCVE-2014-3468SUSE bug 880735SUSE bug 880735SUSE bug 880910SUSE bug 880735SUSE bug 880735SUSE bug 880735SUSE bug 880735SUSE bug 880735SUSE bug 880735CVE-2014-3469openSUSE Leap 42.1
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
ModerateCVE-2014-3469SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880910SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738SUSE bug 880738CVE-2014-3470openSUSE Leap 42.1
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
ImportantCVE-2014-3470SUSE bug 880891SUSE bug 880891SUSE bug 880891SUSE bug 883126SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 885777SUSE bug 905106SUSE bug 915913SUSE bug 885777SUSE bug 885777CVE-2014-3477openSUSE Leap 42.1
The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service (initialization failure and exit) or possibly conduct a side-channel attack via a D-Bus message to an inactive service.
ModerateCVE-2014-3477SUSE bug 881137SUSE bug 881137SUSE bug 881137SUSE bug 881137SUSE bug 881137SUSE bug 1010769CVE-2014-3493openSUSE Leap 42.1
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.
ModerateCVE-2014-3493SUSE bug 880962SUSE bug 883758SUSE bug 883758SUSE bug 883758SUSE bug 883758SUSE bug 883758SUSE bug 883758SUSE bug 883758SUSE bug 878642CVE-2014-3494openSUSE Leap 42.1
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.
CriticalCVE-2014-3494SUSE bug 883374SUSE bug 883374SUSE bug 883374SUSE bug 883374SUSE bug 883374CVE-2014-3504openSUSE Leap 42.1
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
ModerateCVE-2014-3504SUSE bug 890510SUSE bug 890511SUSE bug 890510SUSE bug 890510SUSE bug 890510SUSE bug 890510CVE-2014-3505openSUSE Leap 42.1
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition.
ImportantCVE-2014-3505SUSE bug 890759SUSE bug 890767SUSE bug 890759SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890764SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890764SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 890767SUSE bug 905106SUSE bug 890767SUSE bug 890767CVE-2014-3506openSUSE Leap 42.1
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
ImportantCVE-2014-3506SUSE bug 890759SUSE bug 890768SUSE bug 890759SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 890764SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 890764SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 890768SUSE bug 905106SUSE bug 890768SUSE bug 890768CVE-2014-3507openSUSE Leap 42.1
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.
ImportantCVE-2014-3507SUSE bug 890759SUSE bug 890769SUSE bug 890759SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890764SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890764SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 890769SUSE bug 905106SUSE bug 890769SUSE bug 890769CVE-2014-3508openSUSE Leap 42.1
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline, X509_name_print_ex, and unspecified other functions.
ImportantCVE-2014-3508SUSE bug 890759SUSE bug 890764SUSE bug 890759SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 905106SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 890764SUSE bug 950708CVE-2014-3509openSUSE Leap 42.1
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
ImportantCVE-2014-3509SUSE bug 890759SUSE bug 890766SUSE bug 890759SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766SUSE bug 890766CVE-2014-3510openSUSE Leap 42.1
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.
ImportantCVE-2014-3510SUSE bug 890759SUSE bug 890770SUSE bug 890759SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890764SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890764SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 890770SUSE bug 905106SUSE bug 890770SUSE bug 890770CVE-2014-3511openSUSE Leap 42.1
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.
ImportantCVE-2014-3511SUSE bug 890759SUSE bug 890771SUSE bug 890759SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771SUSE bug 890771CVE-2014-3512openSUSE Leap 42.1
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter.
ImportantCVE-2014-3512SUSE bug 890759SUSE bug 890772SUSE bug 890759SUSE bug 890772SUSE bug 890772SUSE bug 890772SUSE bug 890772SUSE bug 890772SUSE bug 890772SUSE bug 890772SUSE bug 890772CVE-2014-3513openSUSE Leap 42.1
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.
CriticalCVE-2014-3513SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 902912SUSE bug 901277SUSE bug 902912SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 901277SUSE bug 901277CVE-2014-3522openSUSE Leap 42.1
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
ModerateCVE-2014-3522SUSE bug 890511SUSE bug 890511SUSE bug 890511SUSE bug 890511SUSE bug 890511SUSE bug 890511SUSE bug 890511SUSE bug 890511CVE-2014-3523openSUSE Leap 42.1
Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
ModerateCVE-2014-3523CVE-2014-3524openSUSE Leap 42.1
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
ImportantCVE-2014-3524SUSE bug 893133SUSE bug 893133SUSE bug 893133SUSE bug 893133SUSE bug 893133CVE-2014-3528openSUSE Leap 42.1
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.
ModerateCVE-2014-3528SUSE bug 889849SUSE bug 889849SUSE bug 890511SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849SUSE bug 889849CVE-2014-3532openSUSE Leap 42.1
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
ModerateCVE-2014-3532SUSE bug 885241SUSE bug 885241CVE-2014-3533openSUSE Leap 42.1
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
ModerateCVE-2014-3533SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241SUSE bug 885241CVE-2014-3537openSUSE Leap 42.1
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
ModerateCVE-2014-3537SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240CVE-2014-3540openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0114. Reason: This candidate is a duplicate of CVE-2014-0114. CVE abstraction content decisions did not require a second ID. Notes: All CVE users should reference CVE-2014-0114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2014-3540SUSE bug 885963SUSE bug 885963SUSE bug 885963SUSE bug 885963SUSE bug 885963SUSE bug 885963CVE-2014-3560openSUSE Leap 42.1
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.
ImportantCVE-2014-3560SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429SUSE bug 889429CVE-2014-3564openSUSE Leap 42.1
Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."
ModerateCVE-2014-3564SUSE bug 890123SUSE bug 890123SUSE bug 890123SUSE bug 890123SUSE bug 890123SUSE bug 890123CVE-2014-3565openSUSE Leap 42.1
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.
ModerateCVE-2014-3565SUSE bug 894361SUSE bug 894361SUSE bug 894361SUSE bug 894361SUSE bug 894361SUSE bug 894361CVE-2014-3566openSUSE Leap 42.1
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
ModerateCVE-2014-3566SUSE bug 901223SUSE bug 901254SUSE bug 901277SUSE bug 901223SUSE bug 901748SUSE bug 901757SUSE bug 901759SUSE bug 901223SUSE bug 901254SUSE bug 901748SUSE bug 901757SUSE bug 901759SUSE bug 901757SUSE bug 901889SUSE bug 901223SUSE bug 901277SUSE bug 901223SUSE bug 901254SUSE bug 901223SUSE bug 901968SUSE bug 901889SUSE bug 902476SUSE bug 902912SUSE bug 902912SUSE bug 901968SUSE bug 902229SUSE bug 901223SUSE bug 901223SUSE bug 903684SUSE bug 901223SUSE bug 902229SUSE bug 903684SUSE bug 901223SUSE bug 902229SUSE bug 903690SUSE bug 903692SUSE bug 903690SUSE bug 903692SUSE bug 901223SUSE bug 901748SUSE bug 901748SUSE bug 901223SUSE bug 904889SUSE bug 901223SUSE bug 901223SUSE bug 903684SUSE bug 903684SUSE bug 903690SUSE bug 903692SUSE bug 901223SUSE bug 901757SUSE bug 903684SUSE bug 901223SUSE bug 902229SUSE bug 903684SUSE bug 901757SUSE bug 901223SUSE bug 901757SUSE bug 902229SUSE bug 903690SUSE bug 903692SUSE bug 905106SUSE bug 901223SUSE bug 903690SUSE bug 903692SUSE bug 905106SUSE bug 901223SUSE bug 903690SUSE bug 901223SUSE bug 902229SUSE bug 903684SUSE bug 903684SUSE bug 901223SUSE bug 903684SUSE bug 901757SUSE bug 914041SUSE bug 901759SUSE bug 901223SUSE bug 901223SUSE bug 901223SUSE bug 901254SUSE bug 902229SUSE bug 903405SUSE bug 901759SUSE bug 901759SUSE bug 903405SUSE bug 903405SUSE bug 901968SUSE bug 901889SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 901748SUSE bug 1011293SUSE bug 1031023SUSE bug 901223SUSE bug 1031023SUSE bug 1031023SUSE bug 1031023SUSE bug 1031023SUSE bug 901223SUSE bug 1031023SUSE bug 901889SUSE bug 901889CVE-2014-3567openSUSE Leap 42.1
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
ModerateCVE-2014-3567SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 902912SUSE bug 901277SUSE bug 902912SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 903692SUSE bug 905106SUSE bug 901277SUSE bug 901277SUSE bug 903690SUSE bug 901277SUSE bug 901277SUSE bug 877506CVE-2014-3568openSUSE Leap 42.1
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
LowCVE-2014-3568SUSE bug 901277SUSE bug 901277SUSE bug 902912SUSE bug 905106SUSE bug 911399SUSE bug 986238CVE-2014-3569openSUSE Leap 42.1
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.
ModerateCVE-2014-3569SUSE bug 911399SUSE bug 911399SUSE bug 911399SUSE bug 912316SUSE bug 911399SUSE bug 911399SUSE bug 911399SUSE bug 920339SUSE bug 927623SUSE bug 986238SUSE bug 986238CVE-2014-3570openSUSE Leap 42.1
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
ModerateCVE-2014-3570SUSE bug 912296SUSE bug 912296SUSE bug 912316SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 920339SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 927623SUSE bug 937891SUSE bug 912296SUSE bug 912296SUSE bug 912296SUSE bug 944456SUSE bug 912296CVE-2014-3571openSUSE Leap 42.1
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
ModerateCVE-2014-3571SUSE bug 912294SUSE bug 912294SUSE bug 912316SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 912294SUSE bug 920339SUSE bug 927623SUSE bug 912294CVE-2014-3572openSUSE Leap 42.1
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
ModerateCVE-2014-3572SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 920339SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 927623SUSE bug 937891SUSE bug 912015SUSE bug 912015SUSE bug 912015SUSE bug 912015CVE-2014-3575openSUSE Leap 42.1
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
ImportantCVE-2014-3575SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 893141SUSE bug 934423SUSE bug 893141SUSE bug 893141CVE-2014-3580openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.
ModerateCVE-2014-3580SUSE bug 909935SUSE bug 910376SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 910376SUSE bug 909935SUSE bug 910376SUSE bug 910376SUSE bug 909935CVE-2014-3581openSUSE Leap 42.1
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
LowCVE-2014-3581SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 914956SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 899836SUSE bug 914956SUSE bug 914956SUSE bug 899836SUSE bug 914956CVE-2014-3583openSUSE Leap 42.1
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.
LowCVE-2014-3583CVE-2014-3587openSUSE Leap 42.1
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.
ModerateCVE-2014-3587SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 992991SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 987530SUSE bug 998845SUSE bug 987530SUSE bug 987530SUSE bug 987530CVE-2014-3589openSUSE Leap 42.1
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
ModerateCVE-2014-3589SUSE bug 921566SUSE bug 921566CVE-2014-3591openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-3591SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 949135SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057CVE-2014-3597openSUSE Leap 42.1
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
ModerateCVE-2014-3597SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 980366SUSE bug 893853SUSE bug 893853SUSE bug 992991CVE-2014-3598openSUSE Leap 42.1
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
ModerateCVE-2014-3598SUSE bug 921566SUSE bug 921566CVE-2014-3613openSUSE Leap 42.1
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1.
ModerateCVE-2014-3613SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575SUSE bug 894575CVE-2014-3615openSUSE Leap 42.1
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
ModerateCVE-2014-3615SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 918998SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528SUSE bug 895528CVE-2014-3618openSUSE Leap 42.1
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
ImportantCVE-2014-3618SUSE bug 894999SUSE bug 894999SUSE bug 894999SUSE bug 894999SUSE bug 894999SUSE bug 898303SUSE bug 898303SUSE bug 898303SUSE bug 898303SUSE bug 894999SUSE bug 898303SUSE bug 898303SUSE bug 898303SUSE bug 1068648CVE-2014-3620openSUSE Leap 42.1
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
ImportantCVE-2014-3620SUSE bug 894575SUSE bug 895991SUSE bug 895991SUSE bug 895991SUSE bug 895991SUSE bug 895991SUSE bug 894575CVE-2014-3633openSUSE Leap 42.1
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.
LowCVE-2014-3633SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 897783CVE-2014-3634openSUSE Leap 42.1
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
ImportantCVE-2014-3634SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 897262SUSE bug 899756SUSE bug 899756SUSE bug 897262SUSE bug 899756SUSE bug 897262SUSE bug 897262SUSE bug 899756SUSE bug 897262SUSE bug 899756SUSE bug 897262SUSE bug 899756SUSE bug 899756SUSE bug 899756SUSE bug 899756SUSE bug 897262SUSE bug 899756CVE-2014-3635openSUSE Leap 42.1
Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.
ModerateCVE-2014-3635SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453CVE-2014-3636openSUSE Leap 42.1
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call.
ModerateCVE-2014-3636SUSE bug 896453SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017CVE-2014-3637openSUSE Leap 42.1
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
ModerateCVE-2014-3637SUSE bug 896453CVE-2014-3638openSUSE Leap 42.1
The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.
ModerateCVE-2014-3638SUSE bug 896453SUSE bug 902912SUSE bug 903057SUSE bug 903055SUSE bug 903055SUSE bug 903055SUSE bug 903055CVE-2014-3639openSUSE Leap 42.1
The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.
ModerateCVE-2014-3639SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 896453SUSE bug 902912SUSE bug 903057SUSE bug 896453SUSE bug 896453SUSE bug 903055SUSE bug 903055SUSE bug 903055SUSE bug 903055CVE-2014-3640openSUSE Leap 42.1
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
CVE-2014-3640SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 965112SUSE bug 965112SUSE bug 965112SUSE bug 897654SUSE bug 897654SUSE bug 897654SUSE bug 965112SUSE bug 897654SUSE bug 965112SUSE bug 897654SUSE bug 965112SUSE bug 897654SUSE bug 897654SUSE bug 965112SUSE bug 897654SUSE bug 897654SUSE bug 965112SUSE bug 897654SUSE bug 965112SUSE bug 965112SUSE bug 897654SUSE bug 965112SUSE bug 965112SUSE bug 965112SUSE bug 965112SUSE bug 965112SUSE bug 897654SUSE bug 897654CVE-2014-3657openSUSE Leap 42.1
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
ModerateCVE-2014-3657SUSE bug 897783SUSE bug 897783SUSE bug 897783SUSE bug 899484SUSE bug 899484SUSE bug 899484SUSE bug 899484SUSE bug 899484SUSE bug 899484SUSE bug 899484CVE-2014-3660openSUSE Leap 42.1
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack.
ImportantCVE-2014-3660SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546SUSE bug 901546CVE-2014-3668openSUSE Leap 42.1
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.
ModerateCVE-2014-3668SUSE bug 902368SUSE bug 902368SUSE bug 902368SUSE bug 902368SUSE bug 980366SUSE bug 992991CVE-2014-3669openSUSE Leap 42.1
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.
ModerateCVE-2014-3669SUSE bug 902360SUSE bug 902360SUSE bug 902360SUSE bug 902360SUSE bug 980366SUSE bug 992991CVE-2014-3670openSUSE Leap 42.1
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.
ImportantCVE-2014-3670SUSE bug 902357SUSE bug 902357SUSE bug 902357SUSE bug 902357SUSE bug 980366SUSE bug 992991CVE-2014-3672openSUSE Leap 42.1
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.
ModerateCVE-2014-3672SUSE bug 981264SUSE bug 981264SUSE bug 981264SUSE bug 981264CVE-2014-3675openSUSE Leap 42.1
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.
ImportantCVE-2014-3675SUSE bug 889332CVE-2014-3676openSUSE Leap 42.1
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."
ImportantCVE-2014-3676SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332SUSE bug 889332CVE-2014-3677openSUSE Leap 42.1
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.
ImportantCVE-2014-3677SUSE bug 889332CVE-2014-3683openSUSE Leap 42.1
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.
ImportantCVE-2014-3683SUSE bug 897262SUSE bug 899756SUSE bug 899756SUSE bug 897262SUSE bug 899756SUSE bug 899756SUSE bug 897262SUSE bug 899756SUSE bug 899756SUSE bug 899756SUSE bug 899756SUSE bug 899756SUSE bug 899756CVE-2014-3686openSUSE Leap 42.1
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
ImportantCVE-2014-3686SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 900611SUSE bug 1063667CVE-2014-3689openSUSE Leap 42.1
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
ModerateCVE-2014-3689SUSE bug 901508SUSE bug 901508SUSE bug 901508SUSE bug 901508SUSE bug 962611SUSE bug 901508SUSE bug 962611SUSE bug 901508SUSE bug 962611SUSE bug 962611CVE-2014-3693openSUSE Leap 42.1
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
ModerateCVE-2014-3693SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214SUSE bug 900214CVE-2014-3694openSUSE Leap 42.1
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
ModerateCVE-2014-3694SUSE bug 902495SUSE bug 902495SUSE bug 902495CVE-2014-3695openSUSE Leap 42.1
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
ModerateCVE-2014-3695SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409SUSE bug 902409CVE-2014-3696openSUSE Leap 42.1
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
ModerateCVE-2014-3696SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410SUSE bug 902410CVE-2014-3697openSUSE Leap 42.1
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.
ImportantCVE-2014-3697CVE-2014-3698openSUSE Leap 42.1
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
ModerateCVE-2014-3698SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408SUSE bug 902408CVE-2014-3707openSUSE Leap 42.1
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
ModerateCVE-2014-3707SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 901924SUSE bug 951391CVE-2014-3710openSUSE Leap 42.1
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
ImportantCVE-2014-3710SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 910252SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367SUSE bug 902367CVE-2014-3775openSUSE Leap 42.1
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
ModerateCVE-2014-3775SUSE bug 878540SUSE bug 878540SUSE bug 878540SUSE bug 878540CVE-2014-3941openSUSE Leap 42.1
TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."
ModerateCVE-2014-3941SUSE bug 881282SUSE bug 881282SUSE bug 1082714CVE-2014-3970openSUSE Leap 42.1
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure and abort) via an empty UDP packet.
CVE-2014-3970SUSE bug 881524SUSE bug 881524SUSE bug 881524SUSE bug 881524SUSE bug 881524SUSE bug 881524SUSE bug 881524CVE-2014-3985openSUSE Leap 42.1
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.
ModerateCVE-2014-3985SUSE bug 881990SUSE bug 881990SUSE bug 881990SUSE bug 881990CVE-2014-4000openSUSE Leap 42.1
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).
ImportantCVE-2014-4000SUSE bug 1022564SUSE bug 1022564CVE-2014-4020openSUSE Leap 42.1
The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-4020SUSE bug 882602SUSE bug 882602SUSE bug 882602SUSE bug 882602SUSE bug 882602SUSE bug 882602CVE-2014-4043openSUSE Leap 42.1
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
ModerateCVE-2014-4043SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 882600SUSE bug 939797SUSE bug 882600SUSE bug 882600CVE-2014-4049openSUSE Leap 42.1
Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
ModerateCVE-2014-4049SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 882992SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853SUSE bug 893853CVE-2014-4207openSUSE Leap 42.1
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
ImportantCVE-2014-4207SUSE bug 887580SUSE bug 915914CVE-2014-4258openSUSE Leap 42.1
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.
ImportantCVE-2014-4258SUSE bug 887580SUSE bug 915914CVE-2014-4260openSUSE Leap 42.1
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.
ImportantCVE-2014-4260SUSE bug 887580SUSE bug 915914CVE-2014-4274openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.
ModerateCVE-2014-4274SUSE bug 896400SUSE bug 896400SUSE bug 857678SUSE bug 896400SUSE bug 896400SUSE bug 901237SUSE bug 896400SUSE bug 896400SUSE bug 896400SUSE bug 896400SUSE bug 901237SUSE bug 857678SUSE bug 915913SUSE bug 857678SUSE bug 896400SUSE bug 857678SUSE bug 896400SUSE bug 896400SUSE bug 857678SUSE bug 857678SUSE bug 857678SUSE bug 857678SUSE bug 896400SUSE bug 896400SUSE bug 896400CVE-2014-4287openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.
ModerateCVE-2014-4287SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-4336openSUSE Leap 42.1
The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
ModerateCVE-2014-4336SUSE bug 883543SUSE bug 871327SUSE bug 883543SUSE bug 883543SUSE bug 883543CVE-2014-4337openSUSE Leap 42.1
The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.
ModerateCVE-2014-4337SUSE bug 883543SUSE bug 871327SUSE bug 883543SUSE bug 883543CVE-2014-4338openSUSE Leap 42.1
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.
ModerateCVE-2014-4338SUSE bug 883536SUSE bug 871327SUSE bug 883536SUSE bug 883536CVE-2014-4341openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
ModerateCVE-2014-4341SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 770172CVE-2014-4342openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
ModerateCVE-2014-4342SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 886016SUSE bug 770172CVE-2014-4343openSUSE Leap 42.1
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
ModerateCVE-2014-4343SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 770172CVE-2014-4344openSUSE Leap 42.1
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
ModerateCVE-2014-4344SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697SUSE bug 888697CVE-2014-4345openSUSE Leap 42.1
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
ImportantCVE-2014-4345SUSE bug 891082SUSE bug 891082SUSE bug 891082SUSE bug 891082SUSE bug 770172CVE-2014-4607openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-4607SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947SUSE bug 883947CVE-2014-4617openSUSE Leap 42.1
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
ImportantCVE-2014-4617SUSE bug 884130SUSE bug 884130SUSE bug 884130SUSE bug 884130SUSE bug 884130SUSE bug 884130CVE-2014-4650openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-4650SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882SUSE bug 885882CVE-2014-4670openSUSE Leap 42.1
Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.
ModerateCVE-2014-4670SUSE bug 886059SUSE bug 886059SUSE bug 886059SUSE bug 886059SUSE bug 886059SUSE bug 886059SUSE bug 980366SUSE bug 992991CVE-2014-4698openSUSE Leap 42.1
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.
ModerateCVE-2014-4698SUSE bug 886060SUSE bug 886060SUSE bug 886060SUSE bug 886060SUSE bug 886060SUSE bug 886060SUSE bug 980366CVE-2014-4877openSUSE Leap 42.1
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.
ImportantCVE-2014-4877SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 902709SUSE bug 910180SUSE bug 902709SUSE bug 910180SUSE bug 911056SUSE bug 911056SUSE bug 910180SUSE bug 910180SUSE bug 910180SUSE bug 911056SUSE bug 910180SUSE bug 915835SUSE bug 915835SUSE bug 915835SUSE bug 915835SUSE bug 902709CVE-2014-4909openSUSE Leap 42.1
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
ImportantCVE-2014-4909SUSE bug 887079SUSE bug 887079SUSE bug 887079CVE-2014-4910openSUSE Leap 42.1
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.
ModerateCVE-2014-4910CVE-2014-4975openSUSE Leap 42.1
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
LowCVE-2014-4975SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877SUSE bug 887877CVE-2014-5029openSUSE Leap 42.1
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
CVE-2014-5029SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240CVE-2014-5030openSUSE Leap 42.1
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
CVE-2014-5030SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240CVE-2014-5031openSUSE Leap 42.1
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
CVE-2014-5031SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240SUSE bug 887240CVE-2014-5044openSUSE Leap 42.1
Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation.
ModerateCVE-2014-5044SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791SUSE bug 888791CVE-2014-5119openSUSE Leap 42.1
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
ImportantCVE-2014-5119SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 892073SUSE bug 903057SUSE bug 903057SUSE bug 916222SUSE bug 920055CVE-2014-5120openSUSE Leap 42.1
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.
ModerateCVE-2014-5120SUSE bug 893855SUSE bug 893855SUSE bug 893855SUSE bug 893855SUSE bug 893855SUSE bug 893855SUSE bug 1067090CVE-2014-5139openSUSE Leap 42.1
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.
ImportantCVE-2014-5139SUSE bug 890759SUSE bug 890765SUSE bug 890759SUSE bug 890765SUSE bug 886831SUSE bug 890765SUSE bug 890765SUSE bug 890765SUSE bug 890765SUSE bug 890765SUSE bug 890765SUSE bug 890765SUSE bug 890765CVE-2014-5146openSUSE Leap 42.1
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149.
ModerateCVE-2014-5146SUSE bug 889526SUSE bug 889526SUSE bug 889526SUSE bug 903970SUSE bug 889526SUSE bug 918998SUSE bug 889526SUSE bug 950367SUSE bug 889526SUSE bug 889526CVE-2014-5149openSUSE Leap 42.1
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146.
ModerateCVE-2014-5149SUSE bug 889526SUSE bug 889526SUSE bug 889526SUSE bug 903970SUSE bug 889526SUSE bug 918998SUSE bug 889526SUSE bug 950367SUSE bug 889526SUSE bug 889526CVE-2014-5161openSUSE Leap 42.1
The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5161SUSE bug 889854SUSE bug 889901SUSE bug 889901CVE-2014-5162openSUSE Leap 42.1
The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5162SUSE bug 889854SUSE bug 889901SUSE bug 889901CVE-2014-5163openSUSE Leap 42.1
The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-5163SUSE bug 889854SUSE bug 889906SUSE bug 889906CVE-2014-5164openSUSE Leap 42.1
The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-5164SUSE bug 889854SUSE bug 889900SUSE bug 889900CVE-2014-5165openSUSE Leap 42.1
The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
ModerateCVE-2014-5165SUSE bug 889854SUSE bug 889899SUSE bug 889899CVE-2014-5351openSUSE Leap 42.1
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
ImportantCVE-2014-5351SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874SUSE bug 897874CVE-2014-5352openSUSE Leap 42.1
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.
ImportantCVE-2014-5352SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 1005509SUSE bug 1005509SUSE bug 1005509SUSE bug 770172SUSE bug 912002CVE-2014-5353openSUSE Leap 42.1
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
LowCVE-2014-5353SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457SUSE bug 910457CVE-2014-5354openSUSE Leap 42.1
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
LowCVE-2014-5354SUSE bug 910458SUSE bug 910458SUSE bug 910458SUSE bug 910458SUSE bug 910458SUSE bug 910458CVE-2014-5355openSUSE Leap 42.1
MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.
ModerateCVE-2014-5355SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 770172SUSE bug 918595SUSE bug 918595SUSE bug 918595SUSE bug 918595CVE-2014-5459openSUSE Leap 42.1
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
ModerateCVE-2014-5459SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 893849SUSE bug 980366SUSE bug 893849SUSE bug 893849SUSE bug 992991CVE-2014-5461openSUSE Leap 42.1
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
ModerateCVE-2014-5461SUSE bug 893824SUSE bug 893824SUSE bug 893824SUSE bug 893824SUSE bug 893824SUSE bug 893824CVE-2014-6040openSUSE Leap 42.1
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
ModerateCVE-2014-6040SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 903057SUSE bug 903057SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 894553SUSE bug 916222CVE-2014-6051openSUSE Leap 42.1
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.
ModerateCVE-2014-6051SUSE bug 897031SUSE bug 897031SUSE bug 897031SUSE bug 900896CVE-2014-6052openSUSE Leap 42.1
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.
ModerateCVE-2014-6052SUSE bug 897031SUSE bug 897031SUSE bug 897031CVE-2014-6053openSUSE Leap 42.1
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
ModerateCVE-2014-6053SUSE bug 897031SUSE bug 897031SUSE bug 897031CVE-2014-6054openSUSE Leap 42.1
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
ModerateCVE-2014-6054SUSE bug 897031SUSE bug 897031SUSE bug 897031CVE-2014-6055openSUSE Leap 42.1
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
ModerateCVE-2014-6055SUSE bug 897031SUSE bug 897031SUSE bug 897031CVE-2014-6268openSUSE Leap 42.1
The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU.
ModerateCVE-2014-6268SUSE bug 895804SUSE bug 895804SUSE bug 895804CVE-2014-6271openSUSE Leap 42.1
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CriticalCVE-2014-6271SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 898346SUSE bug 898604SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 896776SUSE bug 898664SUSE bug 898762SUSE bug 896776SUSE bug 898664SUSE bug 898812SUSE bug 898884SUSE bug 896776SUSE bug 898346SUSE bug 898664SUSE bug 896776SUSE bug 898664SUSE bug 898664SUSE bug 898664SUSE bug 896776SUSE bug 900127SUSE bug 900057SUSE bug 896776SUSE bug 900057SUSE bug 900057SUSE bug 896776SUSE bug 896776SUSE bug 898664SUSE bug 896776SUSE bug 898664SUSE bug 896776SUSE bug 896776SUSE bug 898812SUSE bug 900127SUSE bug 900454SUSE bug 1024628SUSE bug 870618CVE-2014-6272openSUSE Leap 42.1
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the (1) evbuffer_add, (2) evbuffer_expand, or (3) bufferevent_write function, which triggers a heap-based buffer overflow or an infinite loop. NOTE: this identifier has been SPLIT per ADT3 due to different affected versions. See CVE-2015-6525 for the functions that are only affected in 2.0 and later.
ModerateCVE-2014-6272SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 897243SUSE bug 943011SUSE bug 947373SUSE bug 947373SUSE bug 947373SUSE bug 947373SUSE bug 947373SUSE bug 897243SUSE bug 947373SUSE bug 897243SUSE bug 943011SUSE bug 1041410SUSE bug 897243SUSE bug 943011CVE-2014-6277openSUSE Leap 42.1
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.
CriticalCVE-2014-6277SUSE bug 898812SUSE bug 898812SUSE bug 898664SUSE bug 898812SUSE bug 898812SUSE bug 898884SUSE bug 898762SUSE bug 898812SUSE bug 898812SUSE bug 898812SUSE bug 900127SUSE bug 900127SUSE bug 898762SUSE bug 900057SUSE bug 900454SUSE bug 898762SUSE bug 898812SUSE bug 900057SUSE bug 900454SUSE bug 900057SUSE bug 900454SUSE bug 900454SUSE bug 900454SUSE bug 898812SUSE bug 900127SUSE bug 900454SUSE bug 898812SUSE bug 900454SUSE bug 898812SUSE bug 898812SUSE bug 900127SUSE bug 900454SUSE bug 898812SUSE bug 900127SUSE bug 900454SUSE bug 898884SUSE bug 900057SUSE bug 900454SUSE bug 898812SUSE bug 898812SUSE bug 898812SUSE bug 898812SUSE bug 898812SUSE bug 898812SUSE bug 898812CVE-2014-6278openSUSE Leap 42.1
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
ImportantCVE-2014-6278SUSE bug 898884SUSE bug 898884SUSE bug 898664SUSE bug 898812SUSE bug 898884SUSE bug 898812SUSE bug 898884SUSE bug 898762SUSE bug 898884SUSE bug 898884SUSE bug 898604SUSE bug 898884SUSE bug 900057SUSE bug 900127SUSE bug 900057SUSE bug 898884SUSE bug 900057SUSE bug 900057SUSE bug 900057SUSE bug 898884SUSE bug 900057SUSE bug 898884SUSE bug 900057SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 900057SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884SUSE bug 898884CVE-2014-6423openSUSE Leap 42.1
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
ModerateCVE-2014-6423SUSE bug 897055CVE-2014-6424openSUSE Leap 42.1
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.
ModerateCVE-2014-6424SUSE bug 897055CVE-2014-6425openSUSE Leap 42.1
The (1) get_quoted_string and (2) get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a CUPS packet that lacks a trailing '\0' character.
ModerateCVE-2014-6425CVE-2014-6426openSUSE Leap 42.1
The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2014-6426CVE-2014-6427openSUSE Leap 42.1
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.
ModerateCVE-2014-6427SUSE bug 897055CVE-2014-6428openSUSE Leap 42.1
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-6428SUSE bug 897055CVE-2014-6429openSUSE Leap 42.1
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2014-6429SUSE bug 897055CVE-2014-6430openSUSE Leap 42.1
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2014-6430SUSE bug 897055CVE-2014-6431openSUSE Leap 42.1
Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.
ModerateCVE-2014-6431SUSE bug 897055CVE-2014-6432openSUSE Leap 42.1
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2014-6432SUSE bug 897055CVE-2014-6463openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.
ModerateCVE-2014-6463SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6464openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.
ModerateCVE-2014-6464SUSE bug 901237SUSE bug 901237SUSE bug 915912SUSE bug 915912SUSE bug 915912SUSE bug 915912SUSE bug 915912SUSE bug 915912CVE-2014-6469openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.
ModerateCVE-2014-6469SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6474openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.
ModerateCVE-2014-6474SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6478openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
ModerateCVE-2014-6478SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6484openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.
ModerateCVE-2014-6484SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6489openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.
ModerateCVE-2014-6489SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6491openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.
ModerateCVE-2014-6491SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6494openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.
ModerateCVE-2014-6494SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6495openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
ModerateCVE-2014-6495SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6496openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.
ModerateCVE-2014-6496SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6500openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.
ModerateCVE-2014-6500SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6505openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.
ModerateCVE-2014-6505SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6507openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
ModerateCVE-2014-6507SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6520openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.
ModerateCVE-2014-6520SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6530openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.
ModerateCVE-2014-6530SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6551openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.
ModerateCVE-2014-6551SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6555openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
ModerateCVE-2014-6555SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6559openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
ModerateCVE-2014-6559SUSE bug 901237SUSE bug 901237SUSE bug 915912CVE-2014-6564openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.
ModerateCVE-2014-6564SUSE bug 901237SUSE bug 901237SUSE bug 915913CVE-2014-6568openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
ImportantCVE-2014-6568SUSE bug 914058SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911SUSE bug 915911CVE-2014-6588openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6589, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427.
ModerateCVE-2014-6588SUSE bug 914447CVE-2014-6589openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427.
ModerateCVE-2014-6589SUSE bug 914447CVE-2014-6590openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6595, and CVE-2015-0427.
ModerateCVE-2014-6590SUSE bug 914447CVE-2014-6595openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2015-0427.
ModerateCVE-2014-6595SUSE bug 914447CVE-2014-7154openSUSE Leap 42.1
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
ModerateCVE-2014-7154SUSE bug 895798SUSE bug 895798SUSE bug 880751SUSE bug 880751SUSE bug 895798SUSE bug 895798SUSE bug 895798SUSE bug 895798SUSE bug 895798SUSE bug 895798SUSE bug 895798SUSE bug 895798CVE-2014-7155openSUSE Leap 42.1
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction.
ImportantCVE-2014-7155SUSE bug 895799SUSE bug 895799SUSE bug 880751SUSE bug 880751SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799SUSE bug 895799CVE-2014-7156openSUSE Leap 42.1
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors.
ModerateCVE-2014-7156SUSE bug 895802SUSE bug 895802SUSE bug 880751SUSE bug 880751SUSE bug 895802SUSE bug 895802SUSE bug 895802SUSE bug 895802SUSE bug 895802SUSE bug 895802SUSE bug 895802SUSE bug 895802CVE-2014-7169openSUSE Leap 42.1
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
ImportantCVE-2014-7169SUSE bug 898346SUSE bug 898346SUSE bug 898762SUSE bug 896776SUSE bug 898346SUSE bug 898762SUSE bug 898346SUSE bug 898762SUSE bug 898346SUSE bug 898762SUSE bug 898346SUSE bug 898664SUSE bug 898762SUSE bug 898346SUSE bug 898762SUSE bug 898812SUSE bug 898884SUSE bug 898346SUSE bug 898762SUSE bug 898762SUSE bug 898664SUSE bug 898346SUSE bug 900057SUSE bug 900127SUSE bug 898762SUSE bug 900057SUSE bug 898346SUSE bug 898762SUSE bug 900057SUSE bug 900057SUSE bug 898346SUSE bug 898346SUSE bug 898762SUSE bug 902237SUSE bug 899266SUSE bug 902237SUSE bug 902237SUSE bug 898346SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 926146SUSE bug 898812SUSE bug 900127SUSE bug 900454SUSE bug 898884SUSE bug 900057SUSE bug 1024628SUSE bug 870618CVE-2014-7185openSUSE Leap 42.1
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
ImportantCVE-2014-7185SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 898572SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 898572SUSE bug 955182SUSE bug 955182SUSE bug 955182SUSE bug 955182SUSE bug 955182SUSE bug 955182SUSE bug 955182SUSE bug 913479SUSE bug 898572SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 955182SUSE bug 913479CVE-2014-7186openSUSE Leap 42.1
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here documents, aka the "redir_stack" issue.
ImportantCVE-2014-7186SUSE bug 898603SUSE bug 898603SUSE bug 898603SUSE bug 898762SUSE bug 898603SUSE bug 898603SUSE bug 898664SUSE bug 898762SUSE bug 898603SUSE bug 898664SUSE bug 898812SUSE bug 898884SUSE bug 898603SUSE bug 898664SUSE bug 898603SUSE bug 900057SUSE bug 900057SUSE bug 898603SUSE bug 898884SUSE bug 900057SUSE bug 898603SUSE bug 1024628CVE-2014-7187openSUSE Leap 42.1
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue.
CriticalCVE-2014-7187SUSE bug 898603SUSE bug 898603SUSE bug 898603SUSE bug 898762SUSE bug 898603SUSE bug 898603SUSE bug 898664SUSE bug 898762SUSE bug 898603SUSE bug 898664SUSE bug 898762SUSE bug 898812SUSE bug 898884SUSE bug 898603SUSE bug 898762SUSE bug 898762SUSE bug 898664SUSE bug 898603SUSE bug 900057SUSE bug 900057SUSE bug 900057SUSE bug 898603SUSE bug 898603SUSE bug 1024628CVE-2014-7188openSUSE Leap 42.1
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.
ImportantCVE-2014-7188SUSE bug 897657SUSE bug 880751SUSE bug 880751SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 903970SUSE bug 897657SUSE bug 897657SUSE bug 897657SUSE bug 897657CVE-2014-7204openSUSE Leap 42.1
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
LowCVE-2014-7204SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486SUSE bug 899486CVE-2014-7271openSUSE Leap 42.1
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.
ModerateCVE-2014-7271SUSE bug 897788CVE-2014-7272openSUSE Leap 42.1
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
ImportantCVE-2014-7272SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788SUSE bug 897788CVE-2014-7815openSUSE Leap 42.1
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
ModerateCVE-2014-7815SUSE bug 902737SUSE bug 902737SUSE bug 902737SUSE bug 902737SUSE bug 902737SUSE bug 902737SUSE bug 962627SUSE bug 962627SUSE bug 962627SUSE bug 962627SUSE bug 902737SUSE bug 902737CVE-2014-7817openSUSE Leap 42.1
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
ModerateCVE-2014-7817SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371SUSE bug 906371CVE-2014-7823openSUSE Leap 42.1
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.
LowCVE-2014-7823SUSE bug 904176SUSE bug 904176SUSE bug 904176SUSE bug 904176SUSE bug 904176CVE-2014-7824openSUSE Leap 42.1
D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1.
ModerateCVE-2014-7824SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017SUSE bug 904017CVE-2014-7840openSUSE Leap 42.1
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
ModerateCVE-2014-7840SUSE bug 905097SUSE bug 905097SUSE bug 905097SUSE bug 905097SUSE bug 905097SUSE bug 905097CVE-2014-7844openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-7844SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208SUSE bug 909208CVE-2014-8080openSUSE Leap 42.1
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.
ModerateCVE-2014-8080SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851SUSE bug 902851CVE-2014-8090openSUSE Leap 42.1
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.
ModerateCVE-2014-8090SUSE bug 905326SUSE bug 905326SUSE bug 905326SUSE bug 905326SUSE bug 905326SUSE bug 905326SUSE bug 905326CVE-2014-8104openSUSE Leap 42.1
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
ModerateCVE-2014-8104SUSE bug 907764SUSE bug 907764SUSE bug 907764SUSE bug 907764SUSE bug 907764SUSE bug 907764CVE-2014-8106openSUSE Leap 42.1
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.
ModerateCVE-2014-8106SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 907805SUSE bug 1023004SUSE bug 1023004CVE-2014-8108openSUSE Leap 42.1
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.
ModerateCVE-2014-8108SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935SUSE bug 909935CVE-2014-8109openSUSE Leap 42.1
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.
ModerateCVE-2014-8109SUSE bug 909715SUSE bug 909715SUSE bug 909715CVE-2014-8116openSUSE Leap 42.1
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
ModerateCVE-2014-8116SUSE bug 910252SUSE bug 910253SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 910252SUSE bug 917152CVE-2014-8117openSUSE Leap 42.1
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
ModerateCVE-2014-8117SUSE bug 910252SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 910253SUSE bug 917152CVE-2014-8118openSUSE Leap 42.1
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
CriticalCVE-2014-8118SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 906803SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128SUSE bug 908128CVE-2014-8119openSUSE Leap 42.1
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
ModerateCVE-2014-8119SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225SUSE bug 925225CVE-2014-8121openSUSE Leap 42.1
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
ModerateCVE-2014-8121SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 939211SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 945779SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187SUSE bug 918187CVE-2014-8127openSUSE Leap 42.1
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.
LowCVE-2014-8127SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 916925SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 942690SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890CVE-2014-8128openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-8128SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 916925SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 942690SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 983436SUSE bug 983436SUSE bug 1017690SUSE bug 1017690SUSE bug 983436SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341CVE-2014-8129openSUSE Leap 42.1
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
ImportantCVE-2014-8129SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 916925SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 942690SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890CVE-2014-8130openSUSE Leap 42.1
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
LowCVE-2014-8130SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 916925SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 942690SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890SUSE bug 914890CVE-2014-8131openSUSE Leap 42.1
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
LowCVE-2014-8131SUSE bug 909274SUSE bug 909274SUSE bug 909274SUSE bug 909274CVE-2014-8132openSUSE Leap 42.1
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.
ModerateCVE-2014-8132SUSE bug 910790SUSE bug 910790SUSE bug 910790SUSE bug 910790SUSE bug 910790SUSE bug 910790SUSE bug 910790SUSE bug 928323CVE-2014-8133openSUSE Leap 42.1
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.
ModerateCVE-2014-8133SUSE bug 907818SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 817142SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 906545SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 923485SUSE bug 923485SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077SUSE bug 909077CVE-2014-8137openSUSE Leap 42.1
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
ModerateCVE-2014-8137SUSE bug 909474SUSE bug 909475SUSE bug 909474SUSE bug 909474SUSE bug 909474SUSE bug 909474SUSE bug 909474SUSE bug 909474SUSE bug 911837SUSE bug 909474SUSE bug 909474SUSE bug 968373CVE-2014-8138openSUSE Leap 42.1
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
ImportantCVE-2014-8138SUSE bug 909475SUSE bug 909474SUSE bug 909475SUSE bug 909475SUSE bug 909475SUSE bug 909475SUSE bug 909475SUSE bug 909475SUSE bug 911837SUSE bug 909475SUSE bug 909475CVE-2014-8139openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-8139SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 909214SUSE bug 915880SUSE bug 909214SUSE bug 915880CVE-2014-8140openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-8140SUSE bug 909214SUSE bug 909214SUSE bug 914442SUSE bug 915880SUSE bug 915880CVE-2014-8141openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-8141SUSE bug 909214SUSE bug 909214SUSE bug 915880SUSE bug 915880CVE-2014-8142openSUSE Leap 42.1
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019.
LowCVE-2014-8142SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 910659SUSE bug 980366SUSE bug 910659SUSE bug 910659CVE-2014-8143openSUSE Leap 42.1
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.
ModerateCVE-2014-8143SUSE bug 914279CVE-2014-8146openSUSE Leap 42.1
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
ModerateCVE-2014-8146SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 927951SUSE bug 927951SUSE bug 910805SUSE bug 927951SUSE bug 910805SUSE bug 929629SUSE bug 929629SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 910805SUSE bug 959178SUSE bug 959178SUSE bug 910805SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 929629CVE-2014-8147openSUSE Leap 42.1
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
ModerateCVE-2014-8147SUSE bug 910806SUSE bug 910806SUSE bug 910806SUSE bug 910806SUSE bug 927951SUSE bug 927951SUSE bug 910805SUSE bug 927951SUSE bug 910805SUSE bug 929629SUSE bug 910806SUSE bug 929629SUSE bug 910805SUSE bug 910806SUSE bug 910806SUSE bug 910805SUSE bug 910806SUSE bug 910806SUSE bug 910806SUSE bug 910806SUSE bug 910806SUSE bug 959178SUSE bug 959178SUSE bug 910806SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 929629SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1079317SUSE bug 1079317SUSE bug 1079317SUSE bug 1066493SUSE bug 1079317SUSE bug 1066493SUSE bug 1079317SUSE bug 1079317SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1079317SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1079317SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 1066493SUSE bug 929629CVE-2014-8148openSUSE Leap 42.1
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
ImportantCVE-2014-8148SUSE bug 912023CVE-2014-8150openSUSE Leap 42.1
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
ModerateCVE-2014-8150SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 911363SUSE bug 951391SUSE bug 911363CVE-2014-8157openSUSE Leap 42.1
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
ModerateCVE-2014-8157SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837CVE-2014-8158openSUSE Leap 42.1
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
ModerateCVE-2014-8158SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837SUSE bug 911837CVE-2014-8169openSUSE Leap 42.1
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory.
ModerateCVE-2014-8169SUSE bug 917977SUSE bug 917977SUSE bug 917977SUSE bug 917977SUSE bug 917977SUSE bug 917977SUSE bug 917977CVE-2014-8178openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-8178SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660CVE-2014-8179openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2014-8179SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660SUSE bug 949660CVE-2014-8240openSUSE Leap 42.1
Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-based buffer overflow, a similar issue to CVE-2014-6051.
ImportantCVE-2014-8240SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896SUSE bug 900896CVE-2014-8242openSUSE Leap 42.1
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
LowCVE-2014-8242SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 922710SUSE bug 900914SUSE bug 900914SUSE bug 922710SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914SUSE bug 900914CVE-2014-8275openSUSE Leap 42.1
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
ModerateCVE-2014-8275SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 911906SUSE bug 911906SUSE bug 911906SUSE bug 920339SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 927623SUSE bug 937891SUSE bug 912018SUSE bug 912018SUSE bug 912018SUSE bug 912018CVE-2014-8354openSUSE Leap 42.1
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
LowCVE-2014-8354SUSE bug 903204SUSE bug 903204SUSE bug 903204SUSE bug 903204SUSE bug 903638SUSE bug 903204SUSE bug 903204SUSE bug 903204CVE-2014-8355openSUSE Leap 42.1
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
LowCVE-2014-8355SUSE bug 903216SUSE bug 903216SUSE bug 903216SUSE bug 903216SUSE bug 903638SUSE bug 903216SUSE bug 903216SUSE bug 903216CVE-2014-8483openSUSE Leap 42.1
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.
LowCVE-2014-8483SUSE bug 902670SUSE bug 902670SUSE bug 902670SUSE bug 902670SUSE bug 902670SUSE bug 902670SUSE bug 902670SUSE bug 902670CVE-2014-8484openSUSE Leap 42.1
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
ModerateCVE-2014-8484SUSE bug 902677SUSE bug 902677SUSE bug 902677SUSE bug 902677SUSE bug 902677SUSE bug 902676CVE-2014-8485openSUSE Leap 42.1
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
ModerateCVE-2014-8485SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676SUSE bug 902676CVE-2014-8500openSUSE Leap 42.1
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
ImportantCVE-2014-8500SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994SUSE bug 908994CVE-2014-8501openSUSE Leap 42.1
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable.
ModerateCVE-2014-8501SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655SUSE bug 903655CVE-2014-8502openSUSE Leap 42.1
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.
ModerateCVE-2014-8502SUSE bug 903655CVE-2014-8503openSUSE Leap 42.1
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
ModerateCVE-2014-8503SUSE bug 903655CVE-2014-8504openSUSE Leap 42.1
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
ModerateCVE-2014-8504SUSE bug 903655CVE-2014-8517openSUSE Leap 42.1
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
ModerateCVE-2014-8517SUSE bug 903011SUSE bug 903011SUSE bug 903011SUSE bug 903011CVE-2014-8562openSUSE Leap 42.1
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
ImportantCVE-2014-8562SUSE bug 903638SUSE bug 903638SUSE bug 903638SUSE bug 903638SUSE bug 903638SUSE bug 903638CVE-2014-8564openSUSE Leap 42.1
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.
ImportantCVE-2014-8564SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603SUSE bug 904603CVE-2014-8600openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message.
LowCVE-2014-8600SUSE bug 905742SUSE bug 905742SUSE bug 905742SUSE bug 905742SUSE bug 905742SUSE bug 905742CVE-2014-8634openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-8634SUSE bug 913064SUSE bug 913064SUSE bug 913064SUSE bug 913096SUSE bug 913064SUSE bug 913064CVE-2014-8635openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2014-8635CVE-2014-8636openSUSE Leap 42.1
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
ModerateCVE-2014-8636SUSE bug 913102SUSE bug 913096SUSE bug 913102SUSE bug 913102SUSE bug 913102CVE-2014-8637openSUSE Leap 42.1
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.
ModerateCVE-2014-8637SUSE bug 913103SUSE bug 913096SUSE bug 913103SUSE bug 913103SUSE bug 913103CVE-2014-8638openSUSE Leap 42.1
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
ModerateCVE-2014-8638SUSE bug 913068SUSE bug 913068SUSE bug 913068SUSE bug 913096SUSE bug 913068SUSE bug 913068SUSE bug 913068SUSE bug 913068CVE-2014-8639openSUSE Leap 42.1
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.
ModerateCVE-2014-8639SUSE bug 913066SUSE bug 913066SUSE bug 913096SUSE bug 913066SUSE bug 913066CVE-2014-8640openSUSE Leap 42.1
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
ModerateCVE-2014-8640SUSE bug 913104SUSE bug 913104SUSE bug 913096SUSE bug 913104SUSE bug 913104SUSE bug 913104CVE-2014-8641openSUSE Leap 42.1
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.
ImportantCVE-2014-8641SUSE bug 913067SUSE bug 913067SUSE bug 913067SUSE bug 913096SUSE bug 913067SUSE bug 913067CVE-2014-8642openSUSE Leap 42.1
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.
ModerateCVE-2014-8642SUSE bug 913222SUSE bug 913222CVE-2014-8643openSUSE Leap 42.1
Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.
ImportantCVE-2014-8643CVE-2014-8651openSUSE Leap 42.1
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
LowCVE-2014-8651SUSE bug 904625SUSE bug 904625SUSE bug 904625SUSE bug 904625SUSE bug 904625SUSE bug 904625CVE-2014-8710openSUSE Leap 42.1
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
ModerateCVE-2014-8710SUSE bug 905246SUSE bug 905246SUSE bug 905246SUSE bug 905246CVE-2014-8711openSUSE Leap 42.1
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.
ModerateCVE-2014-8711SUSE bug 905245SUSE bug 905245SUSE bug 905245SUSE bug 905245CVE-2014-8712openSUSE Leap 42.1
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-8712SUSE bug 905248SUSE bug 905248SUSE bug 905248SUSE bug 905248CVE-2014-8713openSUSE Leap 42.1
Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2014-8713SUSE bug 905248SUSE bug 905248SUSE bug 905248SUSE bug 905248CVE-2014-8714openSUSE Leap 42.1
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2014-8714SUSE bug 905247SUSE bug 905247SUSE bug 905247SUSE bug 905247CVE-2014-8716openSUSE Leap 42.1
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
ImportantCVE-2014-8716SUSE bug 905260SUSE bug 905260SUSE bug 905260SUSE bug 905260CVE-2014-8737openSUSE Leap 42.1
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.
ModerateCVE-2014-8737SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 912408SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736SUSE bug 905736CVE-2014-8738openSUSE Leap 42.1
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
ModerateCVE-2014-8738SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735SUSE bug 905735CVE-2014-8767openSUSE Leap 42.1
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
LowCVE-2014-8767SUSE bug 905870SUSE bug 905870SUSE bug 905870SUSE bug 905871SUSE bug 905870SUSE bug 905870SUSE bug 905870CVE-2014-8768openSUSE Leap 42.1
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
LowCVE-2014-8768SUSE bug 905871SUSE bug 905871SUSE bug 905871SUSE bug 905871SUSE bug 905871SUSE bug 905871CVE-2014-8769openSUSE Leap 42.1
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
LowCVE-2014-8769SUSE bug 905872SUSE bug 905871SUSE bug 905872SUSE bug 905872SUSE bug 905872CVE-2014-8962openSUSE Leap 42.1
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
ImportantCVE-2014-8962SUSE bug 906831SUSE bug 906831SUSE bug 906831SUSE bug 906831SUSE bug 906831SUSE bug 907764CVE-2014-8964openSUSE Leap 42.1
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
ModerateCVE-2014-8964SUSE bug 906574SUSE bug 906574SUSE bug 906574SUSE bug 906574SUSE bug 906574SUSE bug 906574SUSE bug 933288SUSE bug 936408SUSE bug 906574SUSE bug 906574SUSE bug 924960SUSE bug 958373SUSE bug 906574SUSE bug 906574SUSE bug 906574CVE-2014-8991openSUSE Leap 42.1
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
LowCVE-2014-8991SUSE bug 907038SUSE bug 907038SUSE bug 907038CVE-2014-9028openSUSE Leap 42.1
Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.
ImportantCVE-2014-9028SUSE bug 907016SUSE bug 907016SUSE bug 907016SUSE bug 907016CVE-2014-9029openSUSE Leap 42.1
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
ImportantCVE-2014-9029SUSE bug 906364SUSE bug 906364SUSE bug 906364SUSE bug 906364SUSE bug 906364SUSE bug 909474SUSE bug 906364SUSE bug 906364SUSE bug 906364SUSE bug 992991CVE-2014-9050openSUSE Leap 42.1
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
ImportantCVE-2014-9050SUSE bug 906770SUSE bug 906770SUSE bug 906770SUSE bug 1040662CVE-2014-9087openSUSE Leap 42.1
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
ModerateCVE-2014-9087SUSE bug 907074SUSE bug 907074SUSE bug 907074SUSE bug 907074SUSE bug 907074SUSE bug 907074SUSE bug 907074SUSE bug 926826SUSE bug 996084CVE-2014-9092openSUSE Leap 42.1
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
ModerateCVE-2014-9092SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761SUSE bug 906761CVE-2014-9093openSUSE Leap 42.1
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
ModerateCVE-2014-9093SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636SUSE bug 907636CVE-2014-9112openSUSE Leap 42.1
Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
ModerateCVE-2014-9112SUSE bug 907456SUSE bug 907456SUSE bug 907456SUSE bug 907456SUSE bug 907456SUSE bug 907456SUSE bug 907456SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 907456SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479SUSE bug 913479CVE-2014-9114openSUSE Leap 42.1
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
ImportantCVE-2014-9114SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 906725SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 908742SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 888678SUSE bug 907434SUSE bug 907434SUSE bug 907434SUSE bug 907434CVE-2014-9116openSUSE Leap 42.1
The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.
ImportantCVE-2014-9116SUSE bug 907453SUSE bug 907453SUSE bug 907453SUSE bug 907453SUSE bug 907453SUSE bug 907453SUSE bug 907453CVE-2014-9130openSUSE Leap 42.1
scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
ModerateCVE-2014-9130SUSE bug 907809SUSE bug 907809SUSE bug 907809SUSE bug 907809SUSE bug 911782SUSE bug 907809SUSE bug 907809SUSE bug 921588SUSE bug 907809SUSE bug 907809CVE-2014-9140openSUSE Leap 42.1
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
ImportantCVE-2014-9140SUSE bug 923142SUSE bug 923142SUSE bug 923142SUSE bug 923142CVE-2014-9293openSUSE Leap 42.1
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CriticalCVE-2014-9293SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 911792SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 959243CVE-2014-9294openSUSE Leap 42.1
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CriticalCVE-2014-9294SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 911792SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 959243CVE-2014-9295openSUSE Leap 42.1
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
CriticalCVE-2014-9295SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 912826SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 911792SUSE bug 883859SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 916239SUSE bug 910764SUSE bug 916239SUSE bug 916239SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 911792SUSE bug 911792SUSE bug 910764SUSE bug 916239SUSE bug 910764SUSE bug 910764SUSE bug 916239SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 912826SUSE bug 916239SUSE bug 910764SUSE bug 916239SUSE bug 912826SUSE bug 959243CVE-2014-9296openSUSE Leap 42.1
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
ModerateCVE-2014-9296SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 910764SUSE bug 911792SUSE bug 959243SUSE bug 992991CVE-2014-9297openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
CriticalCVE-2014-9297SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 948963SUSE bug 911792SUSE bug 911792SUSE bug 959243SUSE bug 959243SUSE bug 911792SUSE bug 911792CVE-2014-9298openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
CriticalCVE-2014-9298SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 911792SUSE bug 948963SUSE bug 911792SUSE bug 911792SUSE bug 959243SUSE bug 959243SUSE bug 911792SUSE bug 911792CVE-2014-9328openSUSE Leap 42.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
ModerateCVE-2014-9328SUSE bug 915512SUSE bug 915512SUSE bug 915512SUSE bug 915512SUSE bug 915512SUSE bug 1040662SUSE bug 915512CVE-2014-9390openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2014-9390SUSE bug 910756SUSE bug 910756SUSE bug 910756SUSE bug 910756SUSE bug 910756SUSE bug 925040SUSE bug 925040SUSE bug 925040SUSE bug 910756SUSE bug 910756SUSE bug 910756SUSE bug 925040CVE-2014-9402openSUSE Leap 42.1
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
LowCVE-2014-9402SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599SUSE bug 910599CVE-2014-9403openSUSE Leap 42.1
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.
LowCVE-2014-9403SUSE bug 956254SUSE bug 956254CVE-2014-9421openSUSE Leap 42.1
The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.
ImportantCVE-2014-9421SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 1005509SUSE bug 770172SUSE bug 912002CVE-2014-9422openSUSE Leap 42.1
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
ImportantCVE-2014-9422SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 1005509SUSE bug 770172SUSE bug 912002CVE-2014-9423openSUSE Leap 42.1
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
ImportantCVE-2014-9423SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 912002SUSE bug 1005509SUSE bug 912002CVE-2014-9427openSUSE Leap 42.1
sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.
ModerateCVE-2014-9427SUSE bug 911664SUSE bug 911664SUSE bug 911664SUSE bug 911664SUSE bug 911664SUSE bug 911664CVE-2014-9447openSUSE Leap 42.1
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.
ImportantCVE-2014-9447SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 912316SUSE bug 912408SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 912408SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 911662SUSE bug 912408CVE-2014-9449openSUSE Leap 42.1
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
ModerateCVE-2014-9449CVE-2014-9474openSUSE Leap 42.1
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
LowCVE-2014-9474SUSE bug 911812SUSE bug 911812SUSE bug 911812SUSE bug 911812SUSE bug 911812SUSE bug 911812SUSE bug 911812CVE-2014-9495openSUSE Leap 42.1
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
ImportantCVE-2014-9495SUSE bug 912076SUSE bug 912076SUSE bug 912076SUSE bug 912076SUSE bug 912929SUSE bug 912076SUSE bug 912076SUSE bug 912076SUSE bug 912076CVE-2014-9496openSUSE Leap 42.1
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
ImportantCVE-2014-9496SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796SUSE bug 911796CVE-2014-9508openSUSE Leap 42.1
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only contain anchors, allows remote attackers to change URLs to arbitrary domains for those links via unknown vectors.
ModerateCVE-2014-9508CVE-2014-9512openSUSE Leap 42.1
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
ImportantCVE-2014-9512SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 960191SUSE bug 915410SUSE bug 960191SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 960191SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410SUSE bug 915410CVE-2014-9556openSUSE Leap 42.1
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
ModerateCVE-2014-9556SUSE bug 912214SUSE bug 912316SUSE bug 912214SUSE bug 912214SUSE bug 912214SUSE bug 912214SUSE bug 912214SUSE bug 919283SUSE bug 912214SUSE bug 919283SUSE bug 912214SUSE bug 912214SUSE bug 912214SUSE bug 919283SUSE bug 919283SUSE bug 934533SUSE bug 919283SUSE bug 919283SUSE bug 919283SUSE bug 919283SUSE bug 912214SUSE bug 919283SUSE bug 919283CVE-2014-9636openSUSE Leap 42.1
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
ImportantCVE-2014-9636SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442SUSE bug 914442CVE-2014-9638openSUSE Leap 42.1
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
ModerateCVE-2014-9638SUSE bug 914439SUSE bug 914439SUSE bug 914441SUSE bug 914439SUSE bug 914439SUSE bug 914439SUSE bug 914439SUSE bug 914439SUSE bug 914439CVE-2014-9639openSUSE Leap 42.1
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
ModerateCVE-2014-9639SUSE bug 914441SUSE bug 914439SUSE bug 914441SUSE bug 914439SUSE bug 914441SUSE bug 914441SUSE bug 914441SUSE bug 914441SUSE bug 914441SUSE bug 914441SUSE bug 1081744CVE-2014-9640openSUSE Leap 42.1
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
ModerateCVE-2014-9640SUSE bug 914938SUSE bug 914938SUSE bug 914938SUSE bug 914938SUSE bug 914938SUSE bug 912214SUSE bug 919283CVE-2014-9645openSUSE Leap 42.1
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command.
ModerateCVE-2014-9645SUSE bug 914423SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914660SUSE bug 914423SUSE bug 914660SUSE bug 914423SUSE bug 914660CVE-2014-9652openSUSE Leap 42.1
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.
ModerateCVE-2014-9652SUSE bug 917150SUSE bug 918768SUSE bug 917150SUSE bug 917150SUSE bug 917150SUSE bug 917302SUSE bug 980366CVE-2014-9654openSUSE Leap 42.1
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.
ModerateCVE-2014-9654SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 929629SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 917129SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 917129SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 952260SUSE bug 969781CVE-2014-9655openSUSE Leap 42.1
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.
ModerateCVE-2014-9655SUSE bug 916927SUSE bug 916927SUSE bug 916925SUSE bug 914890SUSE bug 916927SUSE bug 916927SUSE bug 916927SUSE bug 916927SUSE bug 916927SUSE bug 916927SUSE bug 916927CVE-2014-9656openSUSE Leap 42.1
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.
ModerateCVE-2014-9656SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847SUSE bug 916847CVE-2014-9657openSUSE Leap 42.1
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
ModerateCVE-2014-9657SUSE bug 916856SUSE bug 916856SUSE bug 916856SUSE bug 916856SUSE bug 916856SUSE bug 916856CVE-2014-9658openSUSE Leap 42.1
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
ModerateCVE-2014-9658SUSE bug 916857SUSE bug 916857SUSE bug 916857SUSE bug 916857SUSE bug 916857SUSE bug 916857SUSE bug 916857CVE-2014-9659openSUSE Leap 42.1
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
ModerateCVE-2014-9659SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867SUSE bug 916867CVE-2014-9660openSUSE Leap 42.1
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
ModerateCVE-2014-9660SUSE bug 916858SUSE bug 916858SUSE bug 916858SUSE bug 916858SUSE bug 916858SUSE bug 916858SUSE bug 916858SUSE bug 916858CVE-2014-9661openSUSE Leap 42.1
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
ModerateCVE-2014-9661SUSE bug 916859SUSE bug 916859SUSE bug 916859SUSE bug 916859SUSE bug 916859SUSE bug 916859SUSE bug 916859CVE-2014-9662openSUSE Leap 42.1
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
ModerateCVE-2014-9662SUSE bug 916860SUSE bug 916860SUSE bug 916860SUSE bug 916860SUSE bug 916860SUSE bug 916860SUSE bug 916860SUSE bug 916860CVE-2014-9663openSUSE Leap 42.1
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
ModerateCVE-2014-9663SUSE bug 916865SUSE bug 916865SUSE bug 916865SUSE bug 916865SUSE bug 916865SUSE bug 916865SUSE bug 916865CVE-2014-9664openSUSE Leap 42.1
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
ModerateCVE-2014-9664SUSE bug 916864SUSE bug 916864SUSE bug 916864SUSE bug 916864SUSE bug 916864SUSE bug 916864SUSE bug 916864CVE-2014-9665openSUSE Leap 42.1
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
ModerateCVE-2014-9665SUSE bug 916863SUSE bug 916863SUSE bug 916863SUSE bug 916863SUSE bug 916863SUSE bug 916863SUSE bug 916863SUSE bug 916863CVE-2014-9666openSUSE Leap 42.1
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
ModerateCVE-2014-9666SUSE bug 916862SUSE bug 916862SUSE bug 916862SUSE bug 916862SUSE bug 916862SUSE bug 916862SUSE bug 916862SUSE bug 916862CVE-2014-9667openSUSE Leap 42.1
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
ModerateCVE-2014-9667SUSE bug 916861SUSE bug 916861SUSE bug 916861SUSE bug 916861SUSE bug 916861SUSE bug 916861SUSE bug 916861CVE-2014-9668openSUSE Leap 42.1
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
ModerateCVE-2014-9668SUSE bug 916868SUSE bug 916868SUSE bug 916868SUSE bug 916868SUSE bug 916868SUSE bug 916868SUSE bug 916868SUSE bug 916868CVE-2014-9669openSUSE Leap 42.1
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
ModerateCVE-2014-9669SUSE bug 916870SUSE bug 916870SUSE bug 916870SUSE bug 916870SUSE bug 916870SUSE bug 916870SUSE bug 916870CVE-2014-9670openSUSE Leap 42.1
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
ModerateCVE-2014-9670SUSE bug 916871SUSE bug 916871SUSE bug 916871SUSE bug 916871SUSE bug 916871SUSE bug 916871SUSE bug 916871SUSE bug 933247CVE-2014-9671openSUSE Leap 42.1
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
ModerateCVE-2014-9671SUSE bug 916872SUSE bug 916872SUSE bug 916872SUSE bug 916872SUSE bug 916872SUSE bug 916872SUSE bug 916872SUSE bug 933247SUSE bug 933247CVE-2014-9672openSUSE Leap 42.1
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
ModerateCVE-2014-9672SUSE bug 916873SUSE bug 916873SUSE bug 916873SUSE bug 916873SUSE bug 916873SUSE bug 916873SUSE bug 916873CVE-2014-9673openSUSE Leap 42.1
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
ModerateCVE-2014-9673SUSE bug 916874SUSE bug 916874SUSE bug 916874SUSE bug 916874SUSE bug 916874SUSE bug 916874SUSE bug 916874CVE-2014-9674openSUSE Leap 42.1
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
ModerateCVE-2014-9674SUSE bug 916879SUSE bug 916879SUSE bug 916879SUSE bug 916879SUSE bug 916879SUSE bug 916879SUSE bug 916879CVE-2014-9675openSUSE Leap 42.1
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
ModerateCVE-2014-9675SUSE bug 916881SUSE bug 916881SUSE bug 916881SUSE bug 916881SUSE bug 916881SUSE bug 916881CVE-2014-9679openSUSE Leap 42.1
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
ModerateCVE-2014-9679SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799SUSE bug 917799CVE-2014-9680openSUSE Leap 42.1
sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives.
LowCVE-2014-9680SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 921999SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 919737SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 917806SUSE bug 953359SUSE bug 917806CVE-2014-9687openSUSE Leap 42.1
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
ModerateCVE-2014-9687SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160SUSE bug 920160CVE-2014-9705openSUSE Leap 42.1
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.
ModerateCVE-2014-9705SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 922451SUSE bug 980366SUSE bug 922451SUSE bug 922451CVE-2014-9709openSUSE Leap 42.1
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.
ModerateCVE-2014-9709SUSE bug 923945SUSE bug 923946SUSE bug 923946SUSE bug 923945SUSE bug 923946SUSE bug 923946SUSE bug 923946SUSE bug 923946SUSE bug 923945SUSE bug 923945SUSE bug 923945SUSE bug 923946SUSE bug 923945SUSE bug 923946SUSE bug 923945SUSE bug 923946SUSE bug 923946SUSE bug 923946SUSE bug 923945SUSE bug 923945SUSE bug 923946SUSE bug 923946SUSE bug 923946SUSE bug 923945SUSE bug 923946SUSE bug 923945SUSE bug 980366SUSE bug 923945SUSE bug 923945SUSE bug 923945CVE-2014-9718openSUSE Leap 42.1
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.
ModerateCVE-2014-9718SUSE bug 928393SUSE bug 928393SUSE bug 928393SUSE bug 928393SUSE bug 964431SUSE bug 964431SUSE bug 964431SUSE bug 964431SUSE bug 964431SUSE bug 928393SUSE bug 928393CVE-2014-9749openSUSE Leap 42.1
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
ImportantCVE-2014-9749SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 993299SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942SUSE bug 949942CVE-2014-9756openSUSE Leap 42.1
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
ModerateCVE-2014-9756SUSE bug 953521SUSE bug 953521SUSE bug 953521SUSE bug 953521CVE-2014-9761openSUSE Leap 42.1
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
ModerateCVE-2014-9761SUSE bug 962738SUSE bug 962738SUSE bug 962738SUSE bug 962738SUSE bug 962738SUSE bug 962738SUSE bug 962738SUSE bug 986086CVE-2014-9767openSUSE Leap 42.1
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.
ModerateCVE-2014-9767SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 971612SUSE bug 980366SUSE bug 971612CVE-2014-9770openSUSE Leap 42.1
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
LowCVE-2014-9770SUSE bug 972612SUSE bug 972612SUSE bug 972612SUSE bug 972612SUSE bug 972612SUSE bug 972612SUSE bug 972612SUSE bug 972612CVE-2014-9773openSUSE Leap 42.1
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.
ModerateCVE-2014-9773SUSE bug 978170SUSE bug 978170SUSE bug 978170SUSE bug 978170CVE-2014-9805openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
ModerateCVE-2014-9805SUSE bug 982969SUSE bug 982969SUSE bug 983752SUSE bug 982969SUSE bug 983752SUSE bug 982969SUSE bug 982969SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752SUSE bug 983752CVE-2014-9806openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
ModerateCVE-2014-9806SUSE bug 982969SUSE bug 982969SUSE bug 983774SUSE bug 982969SUSE bug 983774SUSE bug 982969SUSE bug 982969SUSE bug 983774SUSE bug 983774SUSE bug 983774SUSE bug 983774SUSE bug 983774SUSE bug 983774SUSE bug 983774SUSE bug 983774CVE-2014-9807openSUSE Leap 42.1
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
ModerateCVE-2014-9807SUSE bug 982969SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794SUSE bug 983794CVE-2014-9808openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
ModerateCVE-2014-9808SUSE bug 982969SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796SUSE bug 983796CVE-2014-9809openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
ModerateCVE-2014-9809SUSE bug 982969SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799SUSE bug 983799CVE-2014-9810openSUSE Leap 42.1
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
ModerateCVE-2014-9810SUSE bug 982969SUSE bug 982969SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803SUSE bug 983803CVE-2014-9811openSUSE Leap 42.1
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
ImportantCVE-2014-9811SUSE bug 982969SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032SUSE bug 984032CVE-2014-9812openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
ModerateCVE-2014-9812SUSE bug 982969SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137SUSE bug 984137CVE-2014-9813openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
ModerateCVE-2014-9813SUSE bug 982969SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984398SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984035SUSE bug 984035CVE-2014-9814openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
ModerateCVE-2014-9814SUSE bug 982969SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984372SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984193SUSE bug 984193CVE-2014-9815openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
ModerateCVE-2014-9815SUSE bug 982969SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372SUSE bug 984372CVE-2014-9816openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
ModerateCVE-2014-9816SUSE bug 982969SUSE bug 984398SUSE bug 984398SUSE bug 984035SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398SUSE bug 984398CVE-2014-9817openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
ModerateCVE-2014-9817SUSE bug 982969SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400SUSE bug 984400CVE-2014-9818openSUSE Leap 42.1
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
ModerateCVE-2014-9818SUSE bug 982969SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 984186SUSE bug 984409SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 984181SUSE bug 1000690CVE-2014-9819openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
ModerateCVE-2014-9819SUSE bug 982969SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142SUSE bug 984142CVE-2014-9820openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
ModerateCVE-2014-9820SUSE bug 982969SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150SUSE bug 984150CVE-2014-9821openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
ModerateCVE-2014-9821SUSE bug 982969SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014SUSE bug 984014CVE-2014-9822openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
ModerateCVE-2014-9822SUSE bug 982969SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187SUSE bug 984187CVE-2014-9823openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
ModerateCVE-2014-9823SUSE bug 982969SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401SUSE bug 984401CVE-2014-9824openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
ModerateCVE-2014-9824SUSE bug 982969SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185SUSE bug 984185CVE-2014-9825openSUSE Leap 42.1
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
ModerateCVE-2014-9825SUSE bug 982969SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427SUSE bug 984427CVE-2014-9826openSUSE Leap 42.1
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
ModerateCVE-2014-9826SUSE bug 982969SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186SUSE bug 984186CVE-2014-9828openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
ModerateCVE-2014-9828SUSE bug 982969SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028SUSE bug 984028CVE-2014-9829openSUSE Leap 42.1
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
ModerateCVE-2014-9829SUSE bug 982969SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409SUSE bug 984409CVE-2014-9830openSUSE Leap 42.1
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
ModerateCVE-2014-9830SUSE bug 982969SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 984135SUSE bug 1000690CVE-2014-9831openSUSE Leap 42.1
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
ModerateCVE-2014-9831SUSE bug 982969SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375SUSE bug 984375CVE-2014-9832openSUSE Leap 42.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
ModerateCVE-2014-9832SUSE bug 982969SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183SUSE bug 984183CVE-2014-9833openSUSE Leap 42.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
ModerateCVE-2014-9833SUSE bug 982969SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984427SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984406SUSE bug 984406CVE-2014-9834openSUSE Leap 42.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
ModerateCVE-2014-9834SUSE bug 982969SUSE bug 982969SUSE bug 982969SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436SUSE bug 984436CVE-2014-9835openSUSE Leap 42.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
ModerateCVE-2014-9835SUSE bug 982969SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984375SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145SUSE bug 984145CVE-2014-9836openSUSE Leap 42.1
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
ModerateCVE-2014-9836SUSE bug 982969SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023SUSE bug 984023CVE-2014-9837openSUSE Leap 42.1
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
ModerateCVE-2014-9837SUSE bug 982969SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166SUSE bug 984166CVE-2014-9838openSUSE Leap 42.1
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
ModerateCVE-2014-9838SUSE bug 982969SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370SUSE bug 984370CVE-2014-9839openSUSE Leap 42.1
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
ModerateCVE-2014-9839SUSE bug 982969SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379SUSE bug 984379CVE-2014-9840openSUSE Leap 42.1
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
ModerateCVE-2014-9840SUSE bug 982969SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433SUSE bug 984433CVE-2014-9841openSUSE Leap 42.1
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
ModerateCVE-2014-9841SUSE bug 982969SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984186SUSE bug 984172SUSE bug 984374SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172SUSE bug 984172CVE-2014-9842openSUSE Leap 42.1
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2014-9842SUSE bug 982969SUSE bug 984374SUSE bug 984374SUSE bug 984172SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374SUSE bug 984374CVE-2014-9843openSUSE Leap 42.1
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2014-9843SUSE bug 982969SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 984179SUSE bug 1000697SUSE bug 984179CVE-2014-9844openSUSE Leap 42.1
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
ModerateCVE-2014-9844SUSE bug 982969SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984408SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984373SUSE bug 984373CVE-2014-9845openSUSE Leap 42.1
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
ModerateCVE-2014-9845SUSE bug 982969SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394SUSE bug 984394CVE-2014-9846openSUSE Leap 42.1
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
ModerateCVE-2014-9846SUSE bug 982969SUSE bug 982969SUSE bug 983521SUSE bug 982969SUSE bug 983521SUSE bug 984408SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521SUSE bug 983521CVE-2014-9847openSUSE Leap 42.1
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
ModerateCVE-2014-9847SUSE bug 982969SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 984144SUSE bug 1040304SUSE bug 984144SUSE bug 984144CVE-2014-9848openSUSE Leap 42.1
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
ModerateCVE-2014-9848SUSE bug 982969SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404SUSE bug 984404CVE-2014-9849openSUSE Leap 42.1
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
ModerateCVE-2014-9849SUSE bug 982969SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018SUSE bug 984018CVE-2014-9850openSUSE Leap 42.1
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
ModerateCVE-2014-9850SUSE bug 982969SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149SUSE bug 984149CVE-2014-9851openSUSE Leap 42.1
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
ModerateCVE-2014-9851SUSE bug 982969SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160SUSE bug 984160CVE-2014-9852openSUSE Leap 42.1
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
ModerateCVE-2014-9852SUSE bug 982969SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191SUSE bug 984191CVE-2014-9853openSUSE Leap 42.1
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
ModerateCVE-2014-9853SUSE bug 982969SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408SUSE bug 984408CVE-2014-9854openSUSE Leap 42.1
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
ModerateCVE-2014-9854SUSE bug 982969SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184SUSE bug 984184CVE-2014-9862openSUSE Leap 42.1
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
ModerateCVE-2014-9862SUSE bug 990660SUSE bug 990660SUSE bug 990660CVE-2014-9907openSUSE Leap 42.1
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
ModerateCVE-2014-9907SUSE bug 1000714SUSE bug 1000714SUSE bug 1000714SUSE bug 1000714SUSE bug 1000714SUSE bug 1074610CVE-2015-0202openSUSE Leap 42.1
The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
ImportantCVE-2015-0202SUSE bug 923793SUSE bug 923793SUSE bug 923793SUSE bug 923793SUSE bug 923793SUSE bug 923793CVE-2015-0204openSUSE Leap 42.1
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
ModerateCVE-2015-0204SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 920339SUSE bug 920484SUSE bug 912014SUSE bug 920482SUSE bug 920484SUSE bug 912014SUSE bug 912014SUSE bug 912014SUSE bug 927591SUSE bug 927623SUSE bug 912014SUSE bug 936787SUSE bug 936787SUSE bug 936787SUSE bug 952088SUSE bug 952088SUSE bug 952088SUSE bug 952088SUSE bug 952088SUSE bug 912014CVE-2015-0205openSUSE Leap 42.1
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support.
ModerateCVE-2015-0205SUSE bug 912293SUSE bug 912293SUSE bug 912316SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 920339SUSE bug 912293SUSE bug 912293SUSE bug 912293SUSE bug 927623SUSE bug 937891SUSE bug 912293SUSE bug 912293SUSE bug 912293CVE-2015-0206openSUSE Leap 42.1
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.
ModerateCVE-2015-0206SUSE bug 912292SUSE bug 912292SUSE bug 912316SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 912292SUSE bug 920339SUSE bug 927623SUSE bug 912292SUSE bug 937891SUSE bug 912292SUSE bug 912292SUSE bug 912292CVE-2015-0209openSUSE Leap 42.1
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.
ModerateCVE-2015-0209SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 919648SUSE bug 936586SUSE bug 937891SUSE bug 919648SUSE bug 919648SUSE bug 919648CVE-2015-0210openSUSE Leap 42.1
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
ModerateCVE-2015-0210SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323SUSE bug 915323CVE-2015-0228openSUSE Leap 42.1
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.
ModerateCVE-2015-0228SUSE bug 918352SUSE bug 918352SUSE bug 918352SUSE bug 918352SUSE bug 918352SUSE bug 918352SUSE bug 918352SUSE bug 918352CVE-2015-0231openSUSE Leap 42.1
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.
LowCVE-2015-0231SUSE bug 910659SUSE bug 910659SUSE bug 924972SUSE bug 924972SUSE bug 980366SUSE bug 992991CVE-2015-0232openSUSE Leap 42.1
The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.
ModerateCVE-2015-0232SUSE bug 914690SUSE bug 914690SUSE bug 914690SUSE bug 914690SUSE bug 980366SUSE bug 992991CVE-2015-0236openSUSE Leap 42.1
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.
ModerateCVE-2015-0236SUSE bug 914693SUSE bug 914693SUSE bug 914693SUSE bug 914693SUSE bug 914693SUSE bug 914693SUSE bug 914693SUSE bug 914693CVE-2015-0240openSUSE Leap 42.1
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
ImportantCVE-2015-0240SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376SUSE bug 917376CVE-2015-0245openSUSE Leap 42.1
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.
ModerateCVE-2015-0245SUSE bug 916343SUSE bug 916343SUSE bug 916343SUSE bug 916343SUSE bug 916343SUSE bug 1003898CVE-2015-0247openSUSE Leap 42.1
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
ImportantCVE-2015-0247SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 915402SUSE bug 918346CVE-2015-0248openSUSE Leap 42.1
The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.
ImportantCVE-2015-0248SUSE bug 923794SUSE bug 923794SUSE bug 923794SUSE bug 923794SUSE bug 923794SUSE bug 923794SUSE bug 923794CVE-2015-0251openSUSE Leap 42.1
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
ModerateCVE-2015-0251SUSE bug 923795SUSE bug 923795SUSE bug 923795SUSE bug 923795SUSE bug 923795SUSE bug 923795CVE-2015-0252openSUSE Leap 42.1
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
ModerateCVE-2015-0252SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810SUSE bug 920810CVE-2015-0253openSUSE Leap 42.1
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.
ModerateCVE-2015-0253CVE-2015-0255openSUSE Leap 42.1
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
ImportantCVE-2015-0255SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810SUSE bug 915810CVE-2015-0261openSUSE Leap 42.1
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
ModerateCVE-2015-0261SUSE bug 922220SUSE bug 922220SUSE bug 922220CVE-2015-0273openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.
ModerateCVE-2015-0273SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 918768SUSE bug 917302SUSE bug 980366SUSE bug 918768SUSE bug 918768CVE-2015-0286openSUSE Leap 42.1
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
ModerateCVE-2015-0286SUSE bug 922496SUSE bug 919648SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 936586SUSE bug 937891SUSE bug 922496SUSE bug 922496SUSE bug 922496SUSE bug 951391CVE-2015-0287openSUSE Leap 42.1
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
ModerateCVE-2015-0287SUSE bug 922499SUSE bug 919648SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 922499SUSE bug 936586SUSE bug 922499SUSE bug 937492SUSE bug 937492SUSE bug 937891SUSE bug 937492SUSE bug 922499SUSE bug 937492SUSE bug 937492SUSE bug 922499SUSE bug 922499SUSE bug 937492SUSE bug 937492SUSE bug 940369SUSE bug 937492SUSE bug 937492SUSE bug 922499SUSE bug 937492SUSE bug 940369SUSE bug 937492SUSE bug 940369SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 937492SUSE bug 991722SUSE bug 968888CVE-2015-0288openSUSE Leap 42.1
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
ModerateCVE-2015-0288SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 919648SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 936586SUSE bug 937891SUSE bug 920236SUSE bug 920236SUSE bug 920236SUSE bug 951391CVE-2015-0289openSUSE Leap 42.1
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.
ModerateCVE-2015-0289SUSE bug 922500SUSE bug 919648SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 922500SUSE bug 936586SUSE bug 937891SUSE bug 922500SUSE bug 922500SUSE bug 922500CVE-2015-0293openSUSE Leap 42.1
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.
ModerateCVE-2015-0293SUSE bug 922488SUSE bug 919648SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 922488SUSE bug 936586SUSE bug 968044SUSE bug 968051SUSE bug 968053SUSE bug 968053SUSE bug 968044SUSE bug 968051SUSE bug 968053SUSE bug 968044SUSE bug 986238CVE-2015-0294openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-0294SUSE bug 919938SUSE bug 919938SUSE bug 919938SUSE bug 919938SUSE bug 919938SUSE bug 919938SUSE bug 919938SUSE bug 919938CVE-2015-0295openSUSE Leap 42.1
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
LowCVE-2015-0295SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 936523SUSE bug 921999SUSE bug 921999SUSE bug 921999SUSE bug 936523SUSE bug 936523SUSE bug 921999SUSE bug 936523SUSE bug 936523SUSE bug 921999SUSE bug 921999SUSE bug 936523CVE-2015-0374openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.
ImportantCVE-2015-0374SUSE bug 914058SUSE bug 915911CVE-2015-0377openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
ModerateCVE-2015-0377SUSE bug 914447CVE-2015-0381openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
ImportantCVE-2015-0381SUSE bug 914058SUSE bug 915911CVE-2015-0382openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
ImportantCVE-2015-0382SUSE bug 914058SUSE bug 915911CVE-2015-0391openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ImportantCVE-2015-0391SUSE bug 914058SUSE bug 915913CVE-2015-0411openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
ImportantCVE-2015-0411SUSE bug 914058SUSE bug 915911CVE-2015-0418openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377.
ModerateCVE-2015-0418SUSE bug 914447SUSE bug 914447CVE-2015-0427openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2014-6595.
ModerateCVE-2015-0427SUSE bug 914447CVE-2015-0432openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
ImportantCVE-2015-0432SUSE bug 914058SUSE bug 915911CVE-2015-0433openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
ModerateCVE-2015-0433SUSE bug 927623SUSE bug 936409CVE-2015-0441openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.
ModerateCVE-2015-0441SUSE bug 927623SUSE bug 936409CVE-2015-0499openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.
ModerateCVE-2015-0499SUSE bug 927623SUSE bug 936408CVE-2015-0501openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
ModerateCVE-2015-0501SUSE bug 927623SUSE bug 936408CVE-2015-0505openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ModerateCVE-2015-0505SUSE bug 927623SUSE bug 936408CVE-2015-0552openSUSE Leap 42.1
Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."
LowCVE-2015-0552SUSE bug 911814SUSE bug 911814CVE-2015-0559openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
ModerateCVE-2015-0559SUSE bug 912365SUSE bug 912316SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365CVE-2015-0560openSUSE Leap 42.1
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-0560SUSE bug 912365SUSE bug 912316SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365SUSE bug 912365CVE-2015-0561openSUSE Leap 42.1
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
ModerateCVE-2015-0561SUSE bug 912368SUSE bug 912316SUSE bug 912368SUSE bug 912368SUSE bug 912368SUSE bug 912368SUSE bug 912368SUSE bug 912368SUSE bug 912368SUSE bug 912368CVE-2015-0562openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
ModerateCVE-2015-0562SUSE bug 912369SUSE bug 912316SUSE bug 912369SUSE bug 912369SUSE bug 912369SUSE bug 912369SUSE bug 912369SUSE bug 912369SUSE bug 912369CVE-2015-0563openSUSE Leap 42.1
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-0563SUSE bug 912370SUSE bug 912316SUSE bug 912370SUSE bug 912370SUSE bug 912370SUSE bug 912370SUSE bug 912370SUSE bug 912370SUSE bug 912370CVE-2015-0564openSUSE Leap 42.1
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.
ModerateCVE-2015-0564SUSE bug 912372SUSE bug 912316SUSE bug 912372SUSE bug 912372SUSE bug 912372SUSE bug 912372SUSE bug 912372SUSE bug 912372SUSE bug 912372CVE-2015-0778openSUSE Leap 42.1
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
CVE-2015-0778SUSE bug 901643SUSE bug 901643CVE-2015-0797openSUSE Leap 42.1
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
ImportantCVE-2015-0797SUSE bug 927559SUSE bug 927559SUSE bug 927559SUSE bug 927559SUSE bug 930622SUSE bug 927559CVE-2015-0798openSUSE Leap 42.1
The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy.
ModerateCVE-2015-0798CVE-2015-0799openSUSE Leap 42.1
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
ImportantCVE-2015-0799SUSE bug 926166SUSE bug 925368SUSE bug 926166CVE-2015-0800openSUSE Leap 42.1
The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.
ModerateCVE-2015-0800CVE-2015-0801openSUSE Leap 42.1
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.
ModerateCVE-2015-0801SUSE bug 925401SUSE bug 925368SUSE bug 925401CVE-2015-0802openSUSE Leap 42.1
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.
ModerateCVE-2015-0802SUSE bug 925402SUSE bug 925368SUSE bug 925402CVE-2015-0803openSUSE Leap 42.1
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.
CriticalCVE-2015-0803SUSE bug 925400SUSE bug 925368SUSE bug 925400CVE-2015-0804openSUSE Leap 42.1
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.
CriticalCVE-2015-0804SUSE bug 925400SUSE bug 925368SUSE bug 925400CVE-2015-0805openSUSE Leap 42.1
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.
CriticalCVE-2015-0805SUSE bug 925399SUSE bug 925368SUSE bug 925399CVE-2015-0806openSUSE Leap 42.1
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
CriticalCVE-2015-0806SUSE bug 925399SUSE bug 925368SUSE bug 925399CVE-2015-0807openSUSE Leap 42.1
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.
ImportantCVE-2015-0807SUSE bug 925398SUSE bug 913068SUSE bug 925368SUSE bug 925398CVE-2015-0808openSUSE Leap 42.1
The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
ModerateCVE-2015-0808SUSE bug 925397SUSE bug 925368SUSE bug 925397CVE-2015-0810openSUSE Leap 42.1
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.
ModerateCVE-2015-0810CVE-2015-0811openSUSE Leap 42.1
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
ModerateCVE-2015-0811SUSE bug 925396SUSE bug 925368SUSE bug 925396CVE-2015-0812openSUSE Leap 42.1
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.
ModerateCVE-2015-0812SUSE bug 925394SUSE bug 925368SUSE bug 925394CVE-2015-0813openSUSE Leap 42.1
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
ImportantCVE-2015-0813SUSE bug 925393SUSE bug 925368SUSE bug 925393CVE-2015-0814openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0814SUSE bug 925392SUSE bug 925368SUSE bug 925392CVE-2015-0815openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0815SUSE bug 925392SUSE bug 925368SUSE bug 925392CVE-2015-0816openSUSE Leap 42.1
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.
ModerateCVE-2015-0816SUSE bug 925395SUSE bug 925368SUSE bug 925395CVE-2015-0817openSUSE Leap 42.1
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
ImportantCVE-2015-0817SUSE bug 923495SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534CVE-2015-0818openSUSE Leap 42.1
Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
ImportantCVE-2015-0818SUSE bug 923495SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534SUSE bug 923534CVE-2015-0819openSUSE Leap 42.1
The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
ImportantCVE-2015-0819SUSE bug 917597CVE-2015-0820openSUSE Leap 42.1
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
ImportantCVE-2015-0820SUSE bug 917597CVE-2015-0821openSUSE Leap 42.1
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
ImportantCVE-2015-0821SUSE bug 917597CVE-2015-0822openSUSE Leap 42.1
The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.
ModerateCVE-2015-0822SUSE bug 910669SUSE bug 924515SUSE bug 917597SUSE bug 923534CVE-2015-0823openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.
ImportantCVE-2015-0823SUSE bug 917597CVE-2015-0824openSUSE Leap 42.1
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.
ImportantCVE-2015-0824SUSE bug 917597CVE-2015-0825openSUSE Leap 42.1
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.
ImportantCVE-2015-0825SUSE bug 917597CVE-2015-0826openSUSE Leap 42.1
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
ImportantCVE-2015-0826SUSE bug 917597CVE-2015-0827openSUSE Leap 42.1
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
ModerateCVE-2015-0827SUSE bug 910669SUSE bug 924515SUSE bug 917597SUSE bug 923534CVE-2015-0828openSUSE Leap 42.1
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.
ImportantCVE-2015-0828SUSE bug 917597CVE-2015-0829openSUSE Leap 42.1
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
ImportantCVE-2015-0829SUSE bug 917597CVE-2015-0830openSUSE Leap 42.1
The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.
ImportantCVE-2015-0830SUSE bug 917597CVE-2015-0831openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
ImportantCVE-2015-0831SUSE bug 910669SUSE bug 924515SUSE bug 917597SUSE bug 923534CVE-2015-0832openSUSE Leap 42.1
Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.
ImportantCVE-2015-0832SUSE bug 917597CVE-2015-0833openSUSE Leap 42.1
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.
ImportantCVE-2015-0833SUSE bug 923534CVE-2015-0834openSUSE Leap 42.1
The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.
ImportantCVE-2015-0834SUSE bug 917597CVE-2015-0835openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0835SUSE bug 910669SUSE bug 924515SUSE bug 917597CVE-2015-0836openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-0836SUSE bug 910669SUSE bug 924515SUSE bug 917597SUSE bug 923534CVE-2015-0837openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-0837SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057SUSE bug 920057CVE-2015-0847openSUSE Leap 42.1
nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors.
ModerateCVE-2015-0847SUSE bug 930173CVE-2015-0848openSUSE Leap 42.1
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
ImportantCVE-2015-0848SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109CVE-2015-0855openSUSE Leap 42.1
The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.
ModerateCVE-2015-0855SUSE bug 960339SUSE bug 960339SUSE bug 960339SUSE bug 960339CVE-2015-0856openSUSE Leap 42.1
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
ModerateCVE-2015-0856SUSE bug 950491CVE-2015-0860openSUSE Leap 42.1
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow.
ModerateCVE-2015-0860SUSE bug 957160SUSE bug 957160SUSE bug 957160SUSE bug 957160SUSE bug 957160SUSE bug 957160CVE-2015-0973openSUSE Leap 42.1
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
ImportantCVE-2015-0973SUSE bug 912929SUSE bug 912929CVE-2015-1030openSUSE Leap 42.1
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.
ModerateCVE-2015-1030SUSE bug 913094SUSE bug 907675SUSE bug 913094CVE-2015-1031openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.
ModerateCVE-2015-1031SUSE bug 913094SUSE bug 907675SUSE bug 913094CVE-2015-1038openSUSE Leap 42.1
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
LowCVE-2015-1038SUSE bug 912878SUSE bug 912878SUSE bug 912878SUSE bug 912878SUSE bug 912878SUSE bug 912878CVE-2015-1071openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ImportantCVE-2015-1071SUSE bug 923223SUSE bug 923223SUSE bug 971460CVE-2015-1076openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ImportantCVE-2015-1076SUSE bug 923223SUSE bug 923223SUSE bug 971460CVE-2015-1081openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ImportantCVE-2015-1081SUSE bug 923223SUSE bug 923223SUSE bug 971460CVE-2015-1083openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.
ImportantCVE-2015-1083SUSE bug 923223SUSE bug 923223SUSE bug 971460CVE-2015-1120openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
ImportantCVE-2015-1120SUSE bug 928380SUSE bug 928380SUSE bug 971460CVE-2015-1122openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4.
ImportantCVE-2015-1122SUSE bug 928380SUSE bug 928380SUSE bug 971460SUSE bug 1082221CVE-2015-1127openSUSE Leap 42.1
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.
ImportantCVE-2015-1127SUSE bug 928380SUSE bug 928380SUSE bug 971460CVE-2015-1152openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.
ImportantCVE-2015-1152SUSE bug 1082221CVE-2015-1153openSUSE Leap 42.1
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.
ImportantCVE-2015-1153SUSE bug 971460CVE-2015-1155openSUSE Leap 42.1
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.
ModerateCVE-2015-1155SUSE bug 971460SUSE bug 1082221CVE-2015-1158openSUSE Leap 42.1
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
CriticalCVE-2015-1158SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 976653SUSE bug 976653CVE-2015-1159openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
CriticalCVE-2015-1159SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 924208SUSE bug 976653SUSE bug 976653CVE-2015-1191openSUSE Leap 42.1
Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
ModerateCVE-2015-1191SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627SUSE bug 913627CVE-2015-1196openSUSE Leap 42.1
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
ModerateCVE-2015-1196SUSE bug 913678SUSE bug 913678SUSE bug 915329SUSE bug 913678SUSE bug 913678SUSE bug 915329SUSE bug 913678SUSE bug 913678SUSE bug 913678CVE-2015-1201openSUSE Leap 42.1
Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
ModerateCVE-2015-1201SUSE bug 914450SUSE bug 907675SUSE bug 914450CVE-2015-1283openSUSE Leap 42.1
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
ImportantCVE-2015-1283SUSE bug 939077SUSE bug 979441SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 980391SUSE bug 983985SUSE bug 983985SUSE bug 980391SUSE bug 980391SUSE bug 983985SUSE bug 1034050SUSE bug 1034050SUSE bug 983985CVE-2015-1284openSUSE Leap 42.1
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements.
ImportantCVE-2015-1284SUSE bug 939077SUSE bug 959178SUSE bug 959178CVE-2015-1290openSUSE Leap 42.1
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
CriticalCVE-2015-1290SUSE bug 959178SUSE bug 959178CVE-2015-1291openSUSE Leap 42.1
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote attackers to bypass the Same Origin Policy or cause a denial of service (DOM tree corruption) via a web site with crafted JavaScript code and IFRAME elements.
ImportantCVE-2015-1291SUSE bug 944144SUSE bug 959178SUSE bug 959178CVE-2015-1292openSUSE Leap 42.1
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker.
ImportantCVE-2015-1292SUSE bug 944144SUSE bug 959178SUSE bug 959178CVE-2015-1294openSUSE Leap 42.1
Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation.
ImportantCVE-2015-1294SUSE bug 944144SUSE bug 959178SUSE bug 959178CVE-2015-1302openSUSE Leap 42.1
The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc.
ImportantCVE-2015-1302SUSE bug 954579SUSE bug 954579CVE-2015-1333openSUSE Leap 42.1
Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.
ModerateCVE-2015-1333SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645SUSE bug 938645CVE-2015-1339openSUSE Leap 42.1
Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.
ModerateCVE-2015-1339SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356SUSE bug 969356CVE-2015-1349openSUSE Leap 42.1
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
LowCVE-2015-1349SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330SUSE bug 918330CVE-2015-1380openSUSE Leap 42.1
jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.
ModerateCVE-2015-1380SUSE bug 914934CVE-2015-1381openSUSE Leap 42.1
Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.
ModerateCVE-2015-1381SUSE bug 914934CVE-2015-1382openSUSE Leap 42.1
parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
ModerateCVE-2015-1382SUSE bug 914934CVE-2015-1395openSUSE Leap 42.1
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
LowCVE-2015-1395SUSE bug 915328SUSE bug 915328SUSE bug 915328SUSE bug 915328SUSE bug 915328SUSE bug 915328CVE-2015-1396openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-1396SUSE bug 915329SUSE bug 915329SUSE bug 915329SUSE bug 915329SUSE bug 915329SUSE bug 915329CVE-2015-1419openSUSE Leap 42.1
Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
ImportantCVE-2015-1419SUSE bug 900326SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522SUSE bug 915522CVE-2015-1461openSUSE Leap 42.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
ImportantCVE-2015-1461SUSE bug 916217SUSE bug 916217SUSE bug 916217SUSE bug 916217SUSE bug 1040662SUSE bug 916217CVE-2015-1462openSUSE Leap 42.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
ImportantCVE-2015-1462SUSE bug 916214SUSE bug 916214SUSE bug 916214SUSE bug 916214SUSE bug 1040662SUSE bug 916214CVE-2015-1463openSUSE Leap 42.1
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
ModerateCVE-2015-1463SUSE bug 916215SUSE bug 916215SUSE bug 916215SUSE bug 916215SUSE bug 1040662SUSE bug 916215CVE-2015-1472openSUSE Leap 42.1
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
ModerateCVE-2015-1472SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 920341SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 916222SUSE bug 922243SUSE bug 916222SUSE bug 916222CVE-2015-1545openSUSE Leap 42.1
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
ModerateCVE-2015-1545SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 846389SUSE bug 905959SUSE bug 916897SUSE bug 916914SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897SUSE bug 916897CVE-2015-1546openSUSE Leap 42.1
Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control.
ModerateCVE-2015-1546SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914SUSE bug 916914CVE-2015-1547openSUSE Leap 42.1
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.
ModerateCVE-2015-1547SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 914890SUSE bug 916925SUSE bug 914890SUSE bug 916925SUSE bug 916925SUSE bug 914890SUSE bug 914890SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925SUSE bug 916925CVE-2015-1572openSUSE Leap 42.1
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
LowCVE-2015-1572SUSE bug 918346SUSE bug 918346SUSE bug 918346SUSE bug 915402SUSE bug 918346SUSE bug 918346SUSE bug 918346SUSE bug 918346CVE-2015-1606openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-1606SUSE bug 918089SUSE bug 918089SUSE bug 918089SUSE bug 918089SUSE bug 918089SUSE bug 918089CVE-2015-1607openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-1607SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090SUSE bug 918090CVE-2015-1779openSUSE Leap 42.1
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
ModerateCVE-2015-1779SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 924018SUSE bug 962632SUSE bug 962632SUSE bug 962632SUSE bug 924018SUSE bug 924018SUSE bug 962632SUSE bug 924018SUSE bug 924018SUSE bug 962632SUSE bug 924018SUSE bug 962632SUSE bug 924018SUSE bug 962632SUSE bug 962632SUSE bug 924018SUSE bug 962632SUSE bug 962632CVE-2015-1781openSUSE Leap 42.1
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
ModerateCVE-2015-1781SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 939211SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080SUSE bug 927080CVE-2015-1782openSUSE Leap 42.1
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
ImportantCVE-2015-1782SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070SUSE bug 921070CVE-2015-1788openSUSE Leap 42.1
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
ModerateCVE-2015-1788SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 936586SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 937891SUSE bug 934487SUSE bug 938432SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487SUSE bug 934487CVE-2015-1789openSUSE Leap 42.1
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
ModerateCVE-2015-1789SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 936586SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 937891SUSE bug 934489SUSE bug 938432SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 934489SUSE bug 951391SUSE bug 934489CVE-2015-1790openSUSE Leap 42.1
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
ModerateCVE-2015-1790SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 936586SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 938432SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491SUSE bug 934491CVE-2015-1791openSUSE Leap 42.1
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.
ModerateCVE-2015-1791SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 933911SUSE bug 986238SUSE bug 989464SUSE bug 989464SUSE bug 933911SUSE bug 989464SUSE bug 989464CVE-2015-1792openSUSE Leap 42.1
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.
ModerateCVE-2015-1792SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 937891SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 934493SUSE bug 986238CVE-2015-1793openSUSE Leap 42.1
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
ImportantCVE-2015-1793SUSE bug 936746SUSE bug 936746SUSE bug 936746SUSE bug 937637SUSE bug 951391CVE-2015-1798openSUSE Leap 42.1
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.
ImportantCVE-2015-1798SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 928321SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 957163SUSE bug 924202SUSE bug 927497SUSE bug 957163SUSE bug 924202SUSE bug 924202SUSE bug 957163SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 957163SUSE bug 924202SUSE bug 924202SUSE bug 924202CVE-2015-1799openSUSE Leap 42.1
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
ImportantCVE-2015-1799SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 927497SUSE bug 924202SUSE bug 928321SUSE bug 924202SUSE bug 924202SUSE bug 924202SUSE bug 927497SUSE bug 927497SUSE bug 927497SUSE bug 927497SUSE bug 924202SUSE bug 927497SUSE bug 927497SUSE bug 943565SUSE bug 943565SUSE bug 943565SUSE bug 943565SUSE bug 924202SUSE bug 927497SUSE bug 943565SUSE bug 943565SUSE bug 943565SUSE bug 924202SUSE bug 943565SUSE bug 943565SUSE bug 924202SUSE bug 927497SUSE bug 957163SUSE bug 957163SUSE bug 957163SUSE bug 957163SUSE bug 924202SUSE bug 957163SUSE bug 924202SUSE bug 927497SUSE bug 957163SUSE bug 924202SUSE bug 924202SUSE bug 957163SUSE bug 943565SUSE bug 924202SUSE bug 959243SUSE bug 924202SUSE bug 924202SUSE bug 957163SUSE bug 924202SUSE bug 924202SUSE bug 924202CVE-2015-1802openSUSE Leap 42.1
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.
ImportantCVE-2015-1802SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978SUSE bug 921978CVE-2015-1803openSUSE Leap 42.1
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.
ImportantCVE-2015-1803SUSE bug 921978SUSE bug 921978CVE-2015-1804openSUSE Leap 42.1
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.
ImportantCVE-2015-1804SUSE bug 921978SUSE bug 921978CVE-2015-1819openSUSE Leap 42.1
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
ImportantCVE-2015-1819SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193SUSE bug 928193CVE-2015-1855openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-1855SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974SUSE bug 926974CVE-2015-1858openSUSE Leap 42.1
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
ModerateCVE-2015-1858SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927806SUSE bug 927806SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927806SUSE bug 927806SUSE bug 921999SUSE bug 927806SUSE bug 927806SUSE bug 927806CVE-2015-1859openSUSE Leap 42.1
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
ModerateCVE-2015-1859SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927807SUSE bug 927807SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927807SUSE bug 927807SUSE bug 921999SUSE bug 927807SUSE bug 927807CVE-2015-1860openSUSE Leap 42.1
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
ModerateCVE-2015-1860SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927808SUSE bug 927808SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808SUSE bug 927808SUSE bug 927808SUSE bug 921999SUSE bug 927808SUSE bug 927808SUSE bug 927808CVE-2015-1863openSUSE Leap 42.1
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
ModerateCVE-2015-1863SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558SUSE bug 927558CVE-2015-2047openSUSE Leap 42.1
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authentication via a password that is casted to an empty value.
CriticalCVE-2015-2047SUSE bug 919006SUSE bug 919006CVE-2015-2059openSUSE Leap 42.1
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
LowCVE-2015-2059SUSE bug 923241SUSE bug 923241SUSE bug 923241SUSE bug 937096SUSE bug 937097SUSE bug 937096SUSE bug 937097SUSE bug 923241SUSE bug 923241SUSE bug 923241SUSE bug 923241SUSE bug 937097SUSE bug 923241SUSE bug 937097SUSE bug 919214SUSE bug 923241SUSE bug 937096SUSE bug 937097SUSE bug 923241SUSE bug 923241SUSE bug 937096SUSE bug 937096SUSE bug 937096SUSE bug 937096SUSE bug 923241SUSE bug 923241SUSE bug 937096SUSE bug 937096SUSE bug 923241SUSE bug 923241SUSE bug 937096SUSE bug 937097SUSE bug 937096SUSE bug 937096CVE-2015-2153openSUSE Leap 42.1
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
ModerateCVE-2015-2153SUSE bug 922221SUSE bug 922222SUSE bug 922223SUSE bug 922221SUSE bug 922221CVE-2015-2154openSUSE Leap 42.1
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.
ModerateCVE-2015-2154SUSE bug 922222SUSE bug 922222SUSE bug 922222CVE-2015-2155openSUSE Leap 42.1
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
ModerateCVE-2015-2155SUSE bug 922220SUSE bug 922221SUSE bug 922222SUSE bug 922223SUSE bug 922223SUSE bug 922223CVE-2015-2170openSUSE Leap 42.1
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2015-2170SUSE bug 922560SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 921950SUSE bug 929192SUSE bug 1040662SUSE bug 929192CVE-2015-2181openSUSE Leap 42.1
Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.
ModerateCVE-2015-2181SUSE bug 976988SUSE bug 976988CVE-2015-2187openSUSE Leap 42.1
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.
ModerateCVE-2015-2187SUSE bug 920695SUSE bug 920695SUSE bug 920695CVE-2015-2188openSUSE Leap 42.1
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
ModerateCVE-2015-2188SUSE bug 920696SUSE bug 920696SUSE bug 920696SUSE bug 920696SUSE bug 920696SUSE bug 920696SUSE bug 920696SUSE bug 920696CVE-2015-2189openSUSE Leap 42.1
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
ModerateCVE-2015-2189SUSE bug 920697SUSE bug 920697SUSE bug 920697SUSE bug 920697SUSE bug 920697SUSE bug 920697SUSE bug 920697SUSE bug 920697CVE-2015-2190openSUSE Leap 42.1
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
ModerateCVE-2015-2190SUSE bug 920698SUSE bug 920698SUSE bug 920698CVE-2015-2191openSUSE Leap 42.1
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
ModerateCVE-2015-2191SUSE bug 920699SUSE bug 920699SUSE bug 920699SUSE bug 920699SUSE bug 920699SUSE bug 920699SUSE bug 920699SUSE bug 920699CVE-2015-2192openSUSE Leap 42.1
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
ModerateCVE-2015-2192SUSE bug 920700SUSE bug 920700SUSE bug 920700CVE-2015-2221openSUSE Leap 42.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
ModerateCVE-2015-2221SUSE bug 922560SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 921950SUSE bug 929192SUSE bug 1040662SUSE bug 929192CVE-2015-2222openSUSE Leap 42.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
ModerateCVE-2015-2222SUSE bug 922560SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 921950SUSE bug 929192SUSE bug 1040662SUSE bug 929192CVE-2015-2265openSUSE Leap 42.1
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
ModerateCVE-2015-2265SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 937018SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753SUSE bug 921753CVE-2015-2296openSUSE Leap 42.1
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
ModerateCVE-2015-2296SUSE bug 922448SUSE bug 922448SUSE bug 926396SUSE bug 922448SUSE bug 922448SUSE bug 922448SUSE bug 922448SUSE bug 922448SUSE bug 922448SUSE bug 922448SUSE bug 922448CVE-2015-2301openSUSE Leap 42.1
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
ModerateCVE-2015-2301SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 922452SUSE bug 980366SUSE bug 922452SUSE bug 922452CVE-2015-2304openSUSE Leap 42.1
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.
ModerateCVE-2015-2304SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870SUSE bug 920870CVE-2015-2305openSUSE Leap 42.1
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
ModerateCVE-2015-2305SUSE bug 921950SUSE bug 922022SUSE bug 922028SUSE bug 922030SUSE bug 922043SUSE bug 922560SUSE bug 922567SUSE bug 921950SUSE bug 922567SUSE bug 922028SUSE bug 922043SUSE bug 921950SUSE bug 922028SUSE bug 922030SUSE bug 922043SUSE bug 922043SUSE bug 922043SUSE bug 921950SUSE bug 922560SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 921950SUSE bug 922043SUSE bug 929192SUSE bug 921950SUSE bug 922043SUSE bug 921950SUSE bug 922030SUSE bug 980366SUSE bug 921950SUSE bug 921950SUSE bug 921950SUSE bug 922030SUSE bug 1040662SUSE bug 929192CVE-2015-2318openSUSE Leap 42.1
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
ModerateCVE-2015-2318SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312CVE-2015-2319openSUSE Leap 42.1
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
ModerateCVE-2015-2319SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312CVE-2015-2320openSUSE Leap 42.1
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
ModerateCVE-2015-2320SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312SUSE bug 921312CVE-2015-2325openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2015-2325SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 933288SUSE bug 936408SUSE bug 924960SUSE bug 924960SUSE bug 958373SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960SUSE bug 924960CVE-2015-2326openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2015-2326SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 924961SUSE bug 933288SUSE bug 936408SUSE bug 924960SUSE bug 924961SUSE bug 958373SUSE bug 924961CVE-2015-2327openSUSE Leap 42.1
PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-2327SUSE bug 957567SUSE bug 957567SUSE bug 906574SUSE bug 906574SUSE bug 957567SUSE bug 957567SUSE bug 957567SUSE bug 957567SUSE bug 957567SUSE bug 957567SUSE bug 957567CVE-2015-2328openSUSE Leap 42.1
PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-2328SUSE bug 957600SUSE bug 957600SUSE bug 906574SUSE bug 957600SUSE bug 906574SUSE bug 957600SUSE bug 957600SUSE bug 957600SUSE bug 957600SUSE bug 957600SUSE bug 957600SUSE bug 957600CVE-2015-2331openSUSE Leap 42.1
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
ImportantCVE-2015-2331SUSE bug 922894SUSE bug 922894SUSE bug 923240SUSE bug 922894SUSE bug 923240SUSE bug 922894SUSE bug 922894SUSE bug 922894SUSE bug 923240SUSE bug 922894SUSE bug 923240SUSE bug 922894SUSE bug 922894SUSE bug 922894CVE-2015-2348openSUSE Leap 42.1
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
ModerateCVE-2015-2348SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 924970SUSE bug 935227SUSE bug 924970CVE-2015-2568openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
ModerateCVE-2015-2568SUSE bug 927623SUSE bug 936409CVE-2015-2571openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
ModerateCVE-2015-2571SUSE bug 927623SUSE bug 936408CVE-2015-2573openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
ModerateCVE-2015-2573SUSE bug 927623SUSE bug 936409CVE-2015-2575openSUSE Leap 42.1
Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.
ModerateCVE-2015-2575SUSE bug 927623SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981SUSE bug 927981CVE-2015-2590openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
ImportantCVE-2015-2590SUSE bug 938248SUSE bug 937828SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 937828SUSE bug 937828SUSE bug 937828SUSE bug 938248CVE-2015-2597openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
ImportantCVE-2015-2597SUSE bug 938248SUSE bug 937828SUSE bug 938248CVE-2015-2601openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
ModerateCVE-2015-2601SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2613openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
ModerateCVE-2015-2613SUSE bug 938248SUSE bug 938895SUSE bug 951727SUSE bug 937828SUSE bug 938248CVE-2015-2619openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2015-2619SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2621openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
ModerateCVE-2015-2621SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2625openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
LowCVE-2015-2625SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2627openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
LowCVE-2015-2627SUSE bug 938248SUSE bug 937828SUSE bug 938248CVE-2015-2628openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
ImportantCVE-2015-2628SUSE bug 938248SUSE bug 937828SUSE bug 938248CVE-2015-2632openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2015-2632SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2637openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ModerateCVE-2015-2637SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2638openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-2638SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2659openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
ImportantCVE-2015-2659SUSE bug 938248SUSE bug 937828SUSE bug 938248CVE-2015-2664openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ModerateCVE-2015-2664SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-2668openSUSE Leap 42.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
ModerateCVE-2015-2668SUSE bug 922560SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 929192SUSE bug 921950SUSE bug 929192SUSE bug 1040662SUSE bug 929192CVE-2015-2694openSUSE Leap 42.1
The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c.
ModerateCVE-2015-2694SUSE bug 928978SUSE bug 928978SUSE bug 928978SUSE bug 928978SUSE bug 928978SUSE bug 928978CVE-2015-2695openSUSE Leap 42.1
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
ImportantCVE-2015-2695SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 952188SUSE bug 969771SUSE bug 770172CVE-2015-2696openSUSE Leap 42.1
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.
ImportantCVE-2015-2696SUSE bug 952189SUSE bug 952189SUSE bug 952189SUSE bug 954204SUSE bug 952189SUSE bug 770172CVE-2015-2697openSUSE Leap 42.1
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
ImportantCVE-2015-2697SUSE bug 952190SUSE bug 952190SUSE bug 952190SUSE bug 952190SUSE bug 770172SUSE bug 952190CVE-2015-2698openSUSE Leap 42.1
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.
ImportantCVE-2015-2698SUSE bug 954204SUSE bug 954204SUSE bug 954204SUSE bug 954204SUSE bug 770172CVE-2015-2706openSUSE Leap 42.1
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
ImportantCVE-2015-2706SUSE bug 928116SUSE bug 928116SUSE bug 928116CVE-2015-2708openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-2708SUSE bug 930622CVE-2015-2709openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-2709SUSE bug 930622CVE-2015-2710openSUSE Leap 42.1
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
ImportantCVE-2015-2710SUSE bug 930622CVE-2015-2711openSUSE Leap 42.1
Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.
ImportantCVE-2015-2711SUSE bug 930622CVE-2015-2712openSUSE Leap 42.1
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.
ImportantCVE-2015-2712SUSE bug 930622CVE-2015-2713openSUSE Leap 42.1
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
ImportantCVE-2015-2713SUSE bug 930622CVE-2015-2715openSUSE Leap 42.1
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
ImportantCVE-2015-2715SUSE bug 930622CVE-2015-2716openSUSE Leap 42.1
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.
ImportantCVE-2015-2716SUSE bug 930622SUSE bug 980391SUSE bug 983985SUSE bug 983985SUSE bug 983985SUSE bug 983985CVE-2015-2717openSUSE Leap 42.1
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
ImportantCVE-2015-2717SUSE bug 930622CVE-2015-2718openSUSE Leap 42.1
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
ImportantCVE-2015-2718SUSE bug 930622CVE-2015-2721openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
ModerateCVE-2015-2721SUSE bug 935979SUSE bug 935979CVE-2015-2722openSUSE Leap 42.1
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.
ModerateCVE-2015-2722SUSE bug 935979CVE-2015-2724openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2724SUSE bug 935979SUSE bug 935979CVE-2015-2725openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2725SUSE bug 935979SUSE bug 935979CVE-2015-2726openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ModerateCVE-2015-2726SUSE bug 935979SUSE bug 935979CVE-2015-2727openSUSE Leap 42.1
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.
ModerateCVE-2015-2727SUSE bug 935979CVE-2015-2728openSUSE Leap 42.1
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.
ModerateCVE-2015-2728SUSE bug 935979CVE-2015-2729openSUSE Leap 42.1
The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
ModerateCVE-2015-2729SUSE bug 935979CVE-2015-2730openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.
ModerateCVE-2015-2730SUSE bug 935979CVE-2015-2731openSUSE Leap 42.1
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
ModerateCVE-2015-2731SUSE bug 935979SUSE bug 935979CVE-2015-2733openSUSE Leap 42.1
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.
ModerateCVE-2015-2733SUSE bug 935979CVE-2015-2734openSUSE Leap 42.1
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2734SUSE bug 935979SUSE bug 935979CVE-2015-2735openSUSE Leap 42.1
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
ModerateCVE-2015-2735SUSE bug 935979CVE-2015-2736openSUSE Leap 42.1
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
ModerateCVE-2015-2736SUSE bug 935979CVE-2015-2737openSUSE Leap 42.1
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2737SUSE bug 935979CVE-2015-2738openSUSE Leap 42.1
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2738SUSE bug 935979CVE-2015-2739openSUSE Leap 42.1
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.
ModerateCVE-2015-2739SUSE bug 935979CVE-2015-2740openSUSE Leap 42.1
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.
ModerateCVE-2015-2740SUSE bug 935979CVE-2015-2741openSUSE Leap 42.1
Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.
ModerateCVE-2015-2741SUSE bug 935979SUSE bug 935979CVE-2015-2742openSUSE Leap 42.1
Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.
ModerateCVE-2015-2742SUSE bug 935979CVE-2015-2743openSUSE Leap 42.1
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
ModerateCVE-2015-2743SUSE bug 935979CVE-2015-2775openSUSE Leap 42.1
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
LowCVE-2015-2775SUSE bug 925502SUSE bug 925502SUSE bug 925502SUSE bug 925502CVE-2015-2783openSUSE Leap 42.1
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.
ModerateCVE-2015-2783SUSE bug 928408SUSE bug 928506SUSE bug 928511SUSE bug 928511SUSE bug 928511SUSE bug 931418SUSE bug 931418SUSE bug 928511SUSE bug 928511SUSE bug 931418SUSE bug 980366CVE-2015-2787openSUSE Leap 42.1
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
ImportantCVE-2015-2787SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 924972SUSE bug 980366SUSE bug 924972SUSE bug 924972SUSE bug 924972CVE-2015-2806openSUSE Leap 42.1
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
ImportantCVE-2015-2806SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 929414SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 924828SUSE bug 961491SUSE bug 924828SUSE bug 924828CVE-2015-2808openSUSE Leap 42.1
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
ImportantCVE-2015-2808SUSE bug 925378SUSE bug 925378SUSE bug 925378SUSE bug 925378SUSE bug 938248SUSE bug 925378SUSE bug 938895SUSE bug 925378SUSE bug 925378SUSE bug 952088SUSE bug 925378SUSE bug 925378CVE-2015-2924openSUSE Leap 42.1
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.
ModerateCVE-2015-2924SUSE bug 926223SUSE bug 926223SUSE bug 926223SUSE bug 926223SUSE bug 926223SUSE bug 926223SUSE bug 926223SUSE bug 926223CVE-2015-3138openSUSE Leap 42.1
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
LowCVE-2015-3138SUSE bug 927637CVE-2015-3143openSUSE Leap 42.1
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
ModerateCVE-2015-3143SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556SUSE bug 927556CVE-2015-3144openSUSE Leap 42.1
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80."
ModerateCVE-2015-3144SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 927608SUSE bug 951391CVE-2015-3145openSUSE Leap 42.1
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
ModerateCVE-2015-3145SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607SUSE bug 927607CVE-2015-3146openSUSE Leap 42.1
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
ModerateCVE-2015-3146SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323SUSE bug 928323CVE-2015-3148openSUSE Leap 42.1
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
ModerateCVE-2015-3148SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746SUSE bug 927746CVE-2015-3152openSUSE Leap 42.1
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
ModerateCVE-2015-3152SUSE bug 928962SUSE bug 928962SUSE bug 928962SUSE bug 928962SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 936407SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 928962SUSE bug 924663SUSE bug 928962SUSE bug 936407SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 924663SUSE bug 1037590SUSE bug 1047059SUSE bug 1047059SUSE bug 924663SUSE bug 928962SUSE bug 1047059SUSE bug 1088681SUSE bug 1088681SUSE bug 1088681SUSE bug 1088681SUSE bug 1088681CVE-2015-3153openSUSE Leap 42.1
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.
ModerateCVE-2015-3153SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 928533SUSE bug 951391SUSE bug 928533CVE-2015-3164openSUSE Leap 42.1
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
ModerateCVE-2015-3164SUSE bug 934102SUSE bug 934102SUSE bug 934102SUSE bug 934102SUSE bug 934102SUSE bug 934102CVE-2015-3165openSUSE Leap 42.1
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
ModerateCVE-2015-3165SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040SUSE bug 931972SUSE bug 931972SUSE bug 932040SUSE bug 932040CVE-2015-3166openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-3166SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040SUSE bug 931973SUSE bug 931973SUSE bug 931973SUSE bug 931973SUSE bug 932040SUSE bug 932040CVE-2015-3167openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-3167SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040SUSE bug 931974SUSE bug 931974SUSE bug 932040SUSE bug 932040SUSE bug 931974SUSE bug 931974CVE-2015-3184openSUSE Leap 42.1
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.
ModerateCVE-2015-3184SUSE bug 939514SUSE bug 939516SUSE bug 939514SUSE bug 939514SUSE bug 939514SUSE bug 939514SUSE bug 939514SUSE bug 939514SUSE bug 939516SUSE bug 938723SUSE bug 938723CVE-2015-3187openSUSE Leap 42.1
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.
LowCVE-2015-3187SUSE bug 939517SUSE bug 939517SUSE bug 939517SUSE bug 939517SUSE bug 939517SUSE bug 939517SUSE bug 939517SUSE bug 939517CVE-2015-3194openSUSE Leap 42.1
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
ModerateCVE-2015-3194SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957812SUSE bug 957815SUSE bug 957815SUSE bug 958768SUSE bug 958768SUSE bug 958768SUSE bug 958768SUSE bug 957815SUSE bug 958768SUSE bug 958768SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 957815SUSE bug 976341SUSE bug 957815SUSE bug 957815SUSE bug 990370CVE-2015-3195openSUSE Leap 42.1
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
ImportantCVE-2015-3195SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957815SUSE bug 957812SUSE bug 958768SUSE bug 958768SUSE bug 958768SUSE bug 958768SUSE bug 957812SUSE bug 957812SUSE bug 958768SUSE bug 958768SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 963977SUSE bug 923755SUSE bug 957812SUSE bug 963977SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 957812SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 957812CVE-2015-3196openSUSE Leap 42.1
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
ImportantCVE-2015-3196SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813SUSE bug 957813CVE-2015-3197openSUSE Leap 42.1
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
LowCVE-2015-3197SUSE bug 963415SUSE bug 963415SUSE bug 963410SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 968044SUSE bug 968046SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 968044SUSE bug 968046SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415SUSE bug 963415CVE-2015-3202openSUSE Leap 42.1
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
ModerateCVE-2015-3202SUSE bug 931452SUSE bug 931452SUSE bug 931452SUSE bug 931452SUSE bug 931452SUSE bug 931452CVE-2015-3209openSUSE Leap 42.1
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
ImportantCVE-2015-3209SUSE bug 932770SUSE bug 932823SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932267SUSE bug 932267SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932823SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770SUSE bug 932770CVE-2015-3210openSUSE Leap 42.1
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.
LowCVE-2015-3210SUSE bug 933288SUSE bug 933288SUSE bug 957598SUSE bug 958373SUSE bug 933288SUSE bug 957598SUSE bug 958373SUSE bug 933288SUSE bug 933288SUSE bug 933288SUSE bug 933288SUSE bug 933288SUSE bug 933288CVE-2015-3216openSUSE Leap 42.1
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
ModerateCVE-2015-3216SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898SUSE bug 933898CVE-2015-3217openSUSE Leap 42.1
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.
ModerateCVE-2015-3217SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 958373SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878SUSE bug 933878CVE-2015-3218openSUSE Leap 42.1
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.
LowCVE-2015-3218SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 943816SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922SUSE bug 933922CVE-2015-3223openSUSE Leap 42.1
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
ImportantCVE-2015-3223SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581SUSE bug 958581CVE-2015-3228openSUSE Leap 42.1
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write.
ModerateCVE-2015-3228SUSE bug 939342SUSE bug 939342SUSE bug 939342SUSE bug 939342SUSE bug 939342SUSE bug 939342SUSE bug 939342SUSE bug 939342CVE-2015-3247openSUSE Leap 42.1
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.
ImportantCVE-2015-3247SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460SUSE bug 944460CVE-2015-3255openSUSE Leap 42.1
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
ModerateCVE-2015-3255SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 943816SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246SUSE bug 939246CVE-2015-3256openSUSE Leap 42.1
PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."
ModerateCVE-2015-3256SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816SUSE bug 943816CVE-2015-3258openSUSE Leap 42.1
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
ModerateCVE-2015-3258SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 937018SUSE bug 921753SUSE bug 936281SUSE bug 937018SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 936281SUSE bug 937018SUSE bug 936281CVE-2015-3259openSUSE Leap 42.1
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
ModerateCVE-2015-3259SUSE bug 935634SUSE bug 936281SUSE bug 937018SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 950367SUSE bug 935634SUSE bug 935634SUSE bug 935634SUSE bug 935634CVE-2015-3279openSUSE Leap 42.1
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
ModerateCVE-2015-3279SUSE bug 937018SUSE bug 921753SUSE bug 936281SUSE bug 937018SUSE bug 936281SUSE bug 937018CVE-2015-3294openSUSE Leap 42.1
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
ModerateCVE-2015-3294SUSE bug 923144SUSE bug 928867SUSE bug 928867SUSE bug 928867CVE-2015-3310openSUSE Leap 42.1
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.
ModerateCVE-2015-3310SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841SUSE bug 927841CVE-2015-3329openSUSE Leap 42.1
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
ModerateCVE-2015-3329SUSE bug 928408SUSE bug 928506SUSE bug 928511SUSE bug 928506SUSE bug 928506SUSE bug 928506SUSE bug 928506SUSE bug 980366CVE-2015-3330openSUSE Leap 42.1
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
ImportantCVE-2015-3330SUSE bug 928408SUSE bug 928408SUSE bug 928506SUSE bug 928511SUSE bug 928408SUSE bug 908782SUSE bug 908782SUSE bug 928408CVE-2015-3340openSUSE Leap 42.1
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
LowCVE-2015-3340SUSE bug 927967SUSE bug 929339SUSE bug 927967SUSE bug 927967SUSE bug 927967SUSE bug 927967CVE-2015-3405openSUSE Leap 42.1
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
ModerateCVE-2015-3405SUSE bug 924202SUSE bug 928321SUSE bug 928321SUSE bug 928321SUSE bug 924202SUSE bug 928321SUSE bug 928321SUSE bug 928321SUSE bug 924202SUSE bug 928321SUSE bug 928321SUSE bug 928321SUSE bug 928321SUSE bug 928321SUSE bug 928321CVE-2015-3411openSUSE Leap 42.1
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
ModerateCVE-2015-3411SUSE bug 935227SUSE bug 935229SUSE bug 935232SUSE bug 935227SUSE bug 935227SUSE bug 935229SUSE bug 935232SUSE bug 935227SUSE bug 935227SUSE bug 935227SUSE bug 935227SUSE bug 935227SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935227SUSE bug 935227SUSE bug 935227SUSE bug 980366SUSE bug 935227SUSE bug 935227SUSE bug 935227CVE-2015-3412openSUSE Leap 42.1
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
ModerateCVE-2015-3412SUSE bug 935229SUSE bug 935232SUSE bug 935229SUSE bug 935227SUSE bug 935229SUSE bug 935232SUSE bug 935229SUSE bug 935227SUSE bug 935227SUSE bug 980366SUSE bug 935229SUSE bug 935229SUSE bug 935229SUSE bug 935229CVE-2015-3451openSUSE Leap 42.1
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
LowCVE-2015-3451SUSE bug 929237SUSE bug 929237SUSE bug 929237SUSE bug 929237SUSE bug 929237SUSE bug 929237CVE-2015-3455openSUSE Leap 42.1
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
ModerateCVE-2015-3455SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493SUSE bug 929493CVE-2015-3456openSUSE Leap 42.1
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
ModerateCVE-2015-3456SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 932770SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 929339SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900SUSE bug 935900CVE-2015-3622openSUSE Leap 42.1
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
LowCVE-2015-3622SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414SUSE bug 929414CVE-2015-3658openSUSE Leap 42.1
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.
ImportantCVE-2015-3658SUSE bug 971460CVE-2015-3659openSUSE Leap 42.1
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
ImportantCVE-2015-3659SUSE bug 936835SUSE bug 936835SUSE bug 936835SUSE bug 936835SUSE bug 936836SUSE bug 971460CVE-2015-3660openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.
ModerateCVE-2015-3660SUSE bug 1082221CVE-2015-3727openSUSE Leap 42.1
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.
ImportantCVE-2015-3727SUSE bug 971460CVE-2015-3730openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3730SUSE bug 1082221CVE-2015-3731openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3731SUSE bug 971460CVE-2015-3738openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3738SUSE bug 1082221CVE-2015-3740openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3740SUSE bug 1082221CVE-2015-3741openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3741SUSE bug 971460CVE-2015-3742openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3742SUSE bug 1082221CVE-2015-3743openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3743SUSE bug 971460CVE-2015-3744openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3744SUSE bug 1082221CVE-2015-3745openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3745SUSE bug 971460CVE-2015-3746openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3746SUSE bug 1082221CVE-2015-3747openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3747SUSE bug 971460CVE-2015-3748openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3748SUSE bug 971460CVE-2015-3749openSUSE Leap 42.1
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.
ImportantCVE-2015-3749SUSE bug 971460CVE-2015-3750openSUSE Leap 42.1
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof a report by modifying the client-server data stream.
ImportantCVE-2015-3750SUSE bug 1082221CVE-2015-3751openSUSE Leap 42.1
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
ModerateCVE-2015-3751SUSE bug 1082221CVE-2015-3752openSUSE Leap 42.1
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request.
ModerateCVE-2015-3752SUSE bug 971460CVE-2015-3754openSUSE Leap 42.1
The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site.
ModerateCVE-2015-3754SUSE bug 1082221CVE-2015-3755openSUSE Leap 42.1
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
ModerateCVE-2015-3755SUSE bug 1082221CVE-2015-3808openSUSE Leap 42.1
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-3808SUSE bug 930689CVE-2015-3809openSUSE Leap 42.1
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-3809SUSE bug 930689CVE-2015-3810openSUSE Leap 42.1
epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.
ModerateCVE-2015-3810SUSE bug 930689CVE-2015-3811openSUSE Leap 42.1
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.
ModerateCVE-2015-3811SUSE bug 930689SUSE bug 930691CVE-2015-3812openSUSE Leap 42.1
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.
ModerateCVE-2015-3812SUSE bug 930689SUSE bug 930691CVE-2015-3813openSUSE Leap 42.1
The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.
ModerateCVE-2015-3813SUSE bug 930689CVE-2015-3814openSUSE Leap 42.1
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-3814SUSE bug 930689SUSE bug 930691CVE-2015-3815openSUSE Leap 42.1
The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906.
ModerateCVE-2015-3815SUSE bug 930689CVE-2015-3900openSUSE Leap 42.1
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
ImportantCVE-2015-3900SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032SUSE bug 936032CVE-2015-4000openSUSE Leap 42.1
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
ImportantCVE-2015-4000SUSE bug 931600SUSE bug 931600SUSE bug 931845SUSE bug 931600SUSE bug 932026SUSE bug 931600SUSE bug 932483SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 934789SUSE bug 931600SUSE bug 931600SUSE bug 935033SUSE bug 931845SUSE bug 931600SUSE bug 931600SUSE bug 935540SUSE bug 931600SUSE bug 936168SUSE bug 931600SUSE bug 931600SUSE bug 935979SUSE bug 931600SUSE bug 937202SUSE bug 935979SUSE bug 931600SUSE bug 937766SUSE bug 931600SUSE bug 937724SUSE bug 931600SUSE bug 938248SUSE bug 938432SUSE bug 931600SUSE bug 931723SUSE bug 931600SUSE bug 931600SUSE bug 938895SUSE bug 938905SUSE bug 938906SUSE bug 938913SUSE bug 938945SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 941696SUSE bug 941696SUSE bug 941696SUSE bug 941696SUSE bug 941696SUSE bug 941696SUSE bug 943664SUSE bug 931600SUSE bug 931600SUSE bug 944729SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 955589SUSE bug 931600SUSE bug 955589SUSE bug 945582SUSE bug 931600SUSE bug 931698SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 980406SUSE bug 980406SUSE bug 980406SUSE bug 980406SUSE bug 980406SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 931600SUSE bug 990592SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2015-4021openSUSE Leap 42.1
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
ModerateCVE-2015-4021SUSE bug 931769SUSE bug 931769SUSE bug 931769SUSE bug 931769SUSE bug 931769SUSE bug 935074SUSE bug 931769SUSE bug 931769SUSE bug 980366CVE-2015-4022openSUSE Leap 42.1
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
ModerateCVE-2015-4022SUSE bug 931772SUSE bug 931772SUSE bug 931772SUSE bug 931772SUSE bug 935275SUSE bug 935275SUSE bug 931772SUSE bug 931772SUSE bug 931769SUSE bug 980366SUSE bug 931772CVE-2015-4024openSUSE Leap 42.1
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
ModerateCVE-2015-4024SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 931421SUSE bug 980366CVE-2015-4026openSUSE Leap 42.1
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
ModerateCVE-2015-4026SUSE bug 931776SUSE bug 931776SUSE bug 931776SUSE bug 931776SUSE bug 931776SUSE bug 935227SUSE bug 931776SUSE bug 931776SUSE bug 931776SUSE bug 980366CVE-2015-4037openSUSE Leap 42.1
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
ModerateCVE-2015-4037SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 950367SUSE bug 950367SUSE bug 932267SUSE bug 932267SUSE bug 932267SUSE bug 932267CVE-2015-4041openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-4041SUSE bug 928749CVE-2015-4042openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-4042SUSE bug 928749CVE-2015-4047openSUSE Leap 42.1
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
ModerateCVE-2015-4047SUSE bug 931989SUSE bug 931989SUSE bug 931989SUSE bug 931989SUSE bug 931989SUSE bug 931989CVE-2015-4103openSUSE Leap 42.1
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.
ModerateCVE-2015-4103SUSE bug 931625SUSE bug 931625SUSE bug 931625SUSE bug 931625SUSE bug 931625CVE-2015-4104openSUSE Leap 42.1
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
ModerateCVE-2015-4104SUSE bug 931626SUSE bug 931626SUSE bug 931626SUSE bug 931626SUSE bug 931626SUSE bug 931626CVE-2015-4105openSUSE Leap 42.1
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
ModerateCVE-2015-4105SUSE bug 931627SUSE bug 931627SUSE bug 931627SUSE bug 931627SUSE bug 931627SUSE bug 931627CVE-2015-4106openSUSE Leap 42.1
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
ModerateCVE-2015-4106SUSE bug 931628SUSE bug 931628SUSE bug 931628SUSE bug 931628SUSE bug 931628SUSE bug 931628CVE-2015-4116openSUSE Leap 42.1
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.
ImportantCVE-2015-4116SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366SUSE bug 980366CVE-2015-4141openSUSE Leap 42.1
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
LowCVE-2015-4141SUSE bug 930077SUSE bug 930077SUSE bug 915323SUSE bug 930077SUSE bug 930077SUSE bug 930077SUSE bug 930077SUSE bug 930077SUSE bug 930077SUSE bug 930077CVE-2015-4142openSUSE Leap 42.1
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
LowCVE-2015-4142SUSE bug 930078SUSE bug 930078SUSE bug 915323SUSE bug 930078SUSE bug 930078SUSE bug 930078SUSE bug 930078SUSE bug 930078SUSE bug 930078SUSE bug 930078SUSE bug 930078CVE-2015-4143openSUSE Leap 42.1
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
LowCVE-2015-4143SUSE bug 930079SUSE bug 930079SUSE bug 930079SUSE bug 930079SUSE bug 930079SUSE bug 930079SUSE bug 930079CVE-2015-4148openSUSE Leap 42.1
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
ModerateCVE-2015-4148SUSE bug 933227SUSE bug 933227SUSE bug 933227SUSE bug 935226SUSE bug 933227SUSE bug 933227SUSE bug 933227SUSE bug 933227SUSE bug 935074SUSE bug 980366CVE-2015-4473openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4473SUSE bug 940806CVE-2015-4474openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4474SUSE bug 940806CVE-2015-4475openSUSE Leap 42.1
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
ModerateCVE-2015-4475SUSE bug 940806CVE-2015-4476openSUSE Leap 42.1
Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.
ModerateCVE-2015-4476SUSE bug 947003CVE-2015-4477openSUSE Leap 42.1
Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.
CVE-2015-4477SUSE bug 940806CVE-2015-4478openSUSE Leap 42.1
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.
ModerateCVE-2015-4478SUSE bug 940806CVE-2015-4479openSUSE Leap 42.1
Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.
ImportantCVE-2015-4479SUSE bug 940806CVE-2015-4480openSUSE Leap 42.1
Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.
ImportantCVE-2015-4480SUSE bug 940806CVE-2015-4481openSUSE Leap 42.1
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
CVE-2015-4481SUSE bug 940806CVE-2015-4482openSUSE Leap 42.1
mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.
CVE-2015-4482SUSE bug 940806CVE-2015-4483openSUSE Leap 42.1
Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.
CVE-2015-4483SUSE bug 940806CVE-2015-4484openSUSE Leap 42.1
The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.
ModerateCVE-2015-4484SUSE bug 940806CVE-2015-4485openSUSE Leap 42.1
Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.
ImportantCVE-2015-4485SUSE bug 940806CVE-2015-4486openSUSE Leap 42.1
The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.
ImportantCVE-2015-4486SUSE bug 940806CVE-2015-4487openSUSE Leap 42.1
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ModerateCVE-2015-4487SUSE bug 940806CVE-2015-4488openSUSE Leap 42.1
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
ModerateCVE-2015-4488SUSE bug 940806CVE-2015-4489openSUSE Leap 42.1
The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
ModerateCVE-2015-4489SUSE bug 940806CVE-2015-4490openSUSE Leap 42.1
The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.
CVE-2015-4490SUSE bug 940806CVE-2015-4491openSUSE Leap 42.1
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
ImportantCVE-2015-4491SUSE bug 940806SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 948790SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801SUSE bug 942801CVE-2015-4492openSUSE Leap 42.1
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
ModerateCVE-2015-4492SUSE bug 940806CVE-2015-4493openSUSE Leap 42.1
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.
ImportantCVE-2015-4493SUSE bug 940806CVE-2015-4495openSUSE Leap 42.1
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
ModerateCVE-2015-4495SUSE bug 940918SUSE bug 940918SUSE bug 940918SUSE bug 940918SUSE bug 940918SUSE bug 940806SUSE bug 940918SUSE bug 940918SUSE bug 940918SUSE bug 940918CVE-2015-4497openSUSE Leap 42.1
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
ImportantCVE-2015-4497SUSE bug 943550SUSE bug 943557SUSE bug 943557SUSE bug 943557SUSE bug 943557SUSE bug 943557SUSE bug 943557SUSE bug 943608SUSE bug 943557SUSE bug 943557SUSE bug 943557CVE-2015-4498openSUSE Leap 42.1
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
ImportantCVE-2015-4498SUSE bug 943550SUSE bug 943558SUSE bug 943558SUSE bug 943558SUSE bug 943558SUSE bug 943558SUSE bug 943558SUSE bug 943608SUSE bug 943558SUSE bug 943558SUSE bug 943558CVE-2015-4500openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4500SUSE bug 947003CVE-2015-4501openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4501SUSE bug 947003CVE-2015-4502openSUSE Leap 42.1
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.
ModerateCVE-2015-4502SUSE bug 947003CVE-2015-4503openSUSE Leap 42.1
The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.
ModerateCVE-2015-4503SUSE bug 947003CVE-2015-4504openSUSE Leap 42.1
The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.
ModerateCVE-2015-4504SUSE bug 947003CVE-2015-4505openSUSE Leap 42.1
updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
ModerateCVE-2015-4505SUSE bug 947003CVE-2015-4506openSUSE Leap 42.1
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.
ModerateCVE-2015-4506SUSE bug 947003CVE-2015-4507openSUSE Leap 42.1
The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.
ModerateCVE-2015-4507SUSE bug 947003CVE-2015-4508openSUSE Leap 42.1
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.
ModerateCVE-2015-4508SUSE bug 947003CVE-2015-4509openSUSE Leap 42.1
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
ImportantCVE-2015-4509SUSE bug 947003CVE-2015-4510openSUSE Leap 42.1
Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.
ImportantCVE-2015-4510SUSE bug 947003CVE-2015-4511openSUSE Leap 42.1
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.
ImportantCVE-2015-4511SUSE bug 947003CVE-2015-4512openSUSE Leap 42.1
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.
ModerateCVE-2015-4512SUSE bug 947003CVE-2015-4513openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-4513SUSE bug 952810CVE-2015-4514openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2015-4514SUSE bug 952810CVE-2015-4515openSUSE Leap 42.1
Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.
CriticalCVE-2015-4515SUSE bug 952810CVE-2015-4516openSUSE Leap 42.1
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
ImportantCVE-2015-4516SUSE bug 947003CVE-2015-4517openSUSE Leap 42.1
NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-4517SUSE bug 947003CVE-2015-4518openSUSE Leap 42.1
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CriticalCVE-2015-4518SUSE bug 952810CVE-2015-4519openSUSE Leap 42.1
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.
ModerateCVE-2015-4519SUSE bug 947003CVE-2015-4520openSUSE Leap 42.1
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
ImportantCVE-2015-4520SUSE bug 947003CVE-2015-4521openSUSE Leap 42.1
The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-4521SUSE bug 947003CVE-2015-4522openSUSE Leap 42.1
The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-4522SUSE bug 947003CVE-2015-4588openSUSE Leap 42.1
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
ImportantCVE-2015-4588SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109SUSE bug 933109CVE-2015-4598openSUSE Leap 42.1
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
ModerateCVE-2015-4598SUSE bug 935232SUSE bug 935232SUSE bug 935227SUSE bug 935232SUSE bug 935232SUSE bug 935232SUSE bug 935232SUSE bug 935232SUSE bug 935232SUSE bug 935227SUSE bug 935232SUSE bug 935227SUSE bug 980366SUSE bug 935232SUSE bug 935232SUSE bug 935232CVE-2015-4599openSUSE Leap 42.1
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
ModerateCVE-2015-4599SUSE bug 935226SUSE bug 935226SUSE bug 935234SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935226SUSE bug 935226SUSE bug 980366SUSE bug 935226SUSE bug 935226CVE-2015-4600openSUSE Leap 42.1
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
ModerateCVE-2015-4600SUSE bug 935226SUSE bug 935226SUSE bug 935234SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 980366SUSE bug 935226SUSE bug 935226CVE-2015-4601openSUSE Leap 42.1
PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
ModerateCVE-2015-4601SUSE bug 935226SUSE bug 935226SUSE bug 935234SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 935226SUSE bug 980366SUSE bug 935226SUSE bug 935226CVE-2015-4602openSUSE Leap 42.1
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
ModerateCVE-2015-4602SUSE bug 935224SUSE bug 935226SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935224SUSE bug 935224SUSE bug 935224SUSE bug 980366SUSE bug 935224SUSE bug 935224SUSE bug 935224CVE-2015-4603openSUSE Leap 42.1
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
ModerateCVE-2015-4603SUSE bug 935234SUSE bug 935226SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935234SUSE bug 935234SUSE bug 935234SUSE bug 980366SUSE bug 935234SUSE bug 935234SUSE bug 935234CVE-2015-4620openSUSE Leap 42.1
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
ModerateCVE-2015-4620SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476SUSE bug 936476CVE-2015-4625openSUSE Leap 42.1
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
LowCVE-2015-4625SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 943816SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119SUSE bug 935119CVE-2015-4643openSUSE Leap 42.1
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.
ModerateCVE-2015-4643SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935275SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 931769SUSE bug 980366SUSE bug 935275SUSE bug 935275CVE-2015-4644openSUSE Leap 42.1
The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
ModerateCVE-2015-4644SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935274SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 980366SUSE bug 935274SUSE bug 935274CVE-2015-4651openSUSE Leap 42.1
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
LowCVE-2015-4651SUSE bug 935157SUSE bug 935157CVE-2015-4652openSUSE Leap 42.1
epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.
LowCVE-2015-4652SUSE bug 935158SUSE bug 935158SUSE bug 935158SUSE bug 935158CVE-2015-4695openSUSE Leap 42.1
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
ModerateCVE-2015-4695SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058SUSE bug 936058CVE-2015-4696openSUSE Leap 42.1
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
ModerateCVE-2015-4696SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062SUSE bug 936062CVE-2015-4729openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
ModerateCVE-2015-4729SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4730openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types.
ModerateCVE-2015-4730SUSE bug 951391CVE-2015-4731openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
ImportantCVE-2015-4731SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4732openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590.
ImportantCVE-2015-4732SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4733openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
ImportantCVE-2015-4733SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4734openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.
ImportantCVE-2015-4734SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4736openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ImportantCVE-2015-4736SUSE bug 938248SUSE bug 937828SUSE bug 938248CVE-2015-4748openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
ImportantCVE-2015-4748SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4749openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
ModerateCVE-2015-4749SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4760openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-4760SUSE bug 938248SUSE bug 938895SUSE bug 937828SUSE bug 938248CVE-2015-4766openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.
ImportantCVE-2015-4766SUSE bug 951391SUSE bug 951391CVE-2015-4792openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.
ImportantCVE-2015-4792SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4800openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.
ImportantCVE-2015-4800SUSE bug 951391SUSE bug 951391CVE-2015-4802openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
ImportantCVE-2015-4802SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4803openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
ImportantCVE-2015-4803SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4805openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
ImportantCVE-2015-4805SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4806openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ImportantCVE-2015-4806SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4807openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.
ImportantCVE-2015-4807SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4810openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
ImportantCVE-2015-4810SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4815openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
ImportantCVE-2015-4815SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4816openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ImportantCVE-2015-4816SUSE bug 951391SUSE bug 958790SUSE bug 958790SUSE bug 951391CVE-2015-4819openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
ImportantCVE-2015-4819SUSE bug 951391SUSE bug 958790SUSE bug 958790SUSE bug 951391SUSE bug 969667SUSE bug 969667SUSE bug 969667SUSE bug 969667SUSE bug 969667CVE-2015-4826openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.
ImportantCVE-2015-4826SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4830openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
ImportantCVE-2015-4830SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4833openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
ImportantCVE-2015-4833SUSE bug 951391SUSE bug 951391CVE-2015-4835openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
ImportantCVE-2015-4835SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4836openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
ImportantCVE-2015-4836SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4840openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
ImportantCVE-2015-4840SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4842openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
ImportantCVE-2015-4842SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4843openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ImportantCVE-2015-4843SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4844openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
ImportantCVE-2015-4844SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4858openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
ImportantCVE-2015-4858SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4860openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
ImportantCVE-2015-4860SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4861openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ImportantCVE-2015-4861SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4862openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2015-4862SUSE bug 951391SUSE bug 951391CVE-2015-4864openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
ImportantCVE-2015-4864SUSE bug 951391SUSE bug 951391CVE-2015-4866openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ImportantCVE-2015-4866SUSE bug 951391SUSE bug 951391CVE-2015-4868openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ImportantCVE-2015-4868SUSE bug 951376SUSE bug 951376CVE-2015-4870openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
ImportantCVE-2015-4870SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4871openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
ImportantCVE-2015-4871SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4872openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
ImportantCVE-2015-4872SUSE bug 951376SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4879openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
ImportantCVE-2015-4879SUSE bug 951391SUSE bug 958790SUSE bug 958790SUSE bug 951391CVE-2015-4881openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
ImportantCVE-2015-4881SUSE bug 951376SUSE bug 951376CVE-2015-4882openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
ImportantCVE-2015-4882SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4883openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
ImportantCVE-2015-4883SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4890openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.
ImportantCVE-2015-4890SUSE bug 951391SUSE bug 951391CVE-2015-4893openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
ImportantCVE-2015-4893SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4895openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
ImportantCVE-2015-4895SUSE bug 951391SUSE bug 958790SUSE bug 958790SUSE bug 951391CVE-2015-4901openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
ImportantCVE-2015-4901SUSE bug 951376SUSE bug 951376CVE-2015-4902openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
ImportantCVE-2015-4902SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4903openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
ImportantCVE-2015-4903SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4904openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
ImportantCVE-2015-4904SUSE bug 951391SUSE bug 951391CVE-2015-4905openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.
ImportantCVE-2015-4905SUSE bug 951391SUSE bug 951391CVE-2015-4906openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.
ImportantCVE-2015-4906SUSE bug 951376SUSE bug 951376CVE-2015-4908openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
ImportantCVE-2015-4908SUSE bug 951376SUSE bug 951376CVE-2015-4910openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
ImportantCVE-2015-4910SUSE bug 951391SUSE bug 951391CVE-2015-4911openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
ImportantCVE-2015-4911SUSE bug 951376SUSE bug 955131SUSE bug 951376CVE-2015-4913openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
ImportantCVE-2015-4913SUSE bug 951391SUSE bug 958789SUSE bug 951391CVE-2015-4916openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.
ImportantCVE-2015-4916SUSE bug 951376SUSE bug 951376CVE-2015-5073openSUSE Leap 42.1
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.
ModerateCVE-2015-5073SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227SUSE bug 936227CVE-2015-5154openSUSE Leap 42.1
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
ImportantCVE-2015-5154SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 950367SUSE bug 938344SUSE bug 950367SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344SUSE bug 938344CVE-2015-5174openSUSE Leap 42.1
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory.
ModerateCVE-2015-5174SUSE bug 967967SUSE bug 967967SUSE bug 967967SUSE bug 967967SUSE bug 967967CVE-2015-5185openSUSE Leap 42.1
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
ModerateCVE-2015-5185SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628SUSE bug 942628CVE-2015-5191openSUSE Leap 42.1
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
ImportantCVE-2015-5191SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600SUSE bug 1007600CVE-2015-5198openSUSE Leap 42.1
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable.
ModerateCVE-2015-5198SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967SUSE bug 943967CVE-2015-5199openSUSE Leap 42.1
Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.
ModerateCVE-2015-5199SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968SUSE bug 943968CVE-2015-5200openSUSE Leap 42.1
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.
ModerateCVE-2015-5200SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969SUSE bug 943969CVE-2015-5203openSUSE Leap 42.1
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
ModerateCVE-2015-5203SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 942553SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 941919SUSE bug 941919CVE-2015-5218openSUSE Leap 42.1
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
LowCVE-2015-5218SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754SUSE bug 949754CVE-2015-5219openSUSE Leap 42.1
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
ModerateCVE-2015-5219SUSE bug 943216SUSE bug 943216SUSE bug 943216SUSE bug 943216SUSE bug 943218SUSE bug 943221SUSE bug 943218SUSE bug 943221SUSE bug 943216SUSE bug 959243SUSE bug 959243SUSE bug 959243SUSE bug 943216SUSE bug 943219SUSE bug 943221SUSE bug 943216SUSE bug 943216SUSE bug 1010964CVE-2015-5221openSUSE Leap 42.1
Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
ModerateCVE-2015-5221SUSE bug 942553SUSE bug 942553SUSE bug 942553SUSE bug 942553SUSE bug 942553CVE-2015-5225openSUSE Leap 42.1
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.
ImportantCVE-2015-5225SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845SUSE bug 942845CVE-2015-5234openSUSE Leap 42.1
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
ModerateCVE-2015-5234SUSE bug 944209SUSE bug 944209SUSE bug 944209SUSE bug 944209SUSE bug 944209SUSE bug 944209CVE-2015-5235openSUSE Leap 42.1
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
ModerateCVE-2015-5235SUSE bug 944208SUSE bug 944208SUSE bug 944208SUSE bug 944208SUSE bug 944208SUSE bug 944208SUSE bug 944208CVE-2015-5239openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-5239SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 950367SUSE bug 950367SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463SUSE bug 944463CVE-2015-5247openSUSE Leap 42.1
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
ModerateCVE-2015-5247SUSE bug 945645SUSE bug 945645SUSE bug 945645SUSE bug 945645SUSE bug 945645SUSE bug 945645SUSE bug 945645CVE-2015-5252openSUSE Leap 42.1
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.
ImportantCVE-2015-5252SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582SUSE bug 958582CVE-2015-5260openSUSE Leap 42.1
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.
ModerateCVE-2015-5260SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787SUSE bug 944787CVE-2015-5261openSUSE Leap 42.1
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.
ModerateCVE-2015-5261SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 948976SUSE bug 982386SUSE bug 982386SUSE bug 948976SUSE bug 948976SUSE bug 982386SUSE bug 982386SUSE bug 948976SUSE bug 982386CVE-2015-5276openSUSE Leap 42.1
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
LowCVE-2015-5276SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842SUSE bug 945842CVE-2015-5278openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-5278SUSE bug 945989SUSE bug 945989SUSE bug 945989SUSE bug 964947SUSE bug 964947SUSE bug 964947SUSE bug 964947SUSE bug 964947SUSE bug 945989SUSE bug 945989CVE-2015-5279openSUSE Leap 42.1
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
ImportantCVE-2015-5279SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987SUSE bug 945987CVE-2015-5288openSUSE Leap 42.1
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.
ModerateCVE-2015-5288SUSE bug 949669SUSE bug 949670SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669SUSE bug 949669CVE-2015-5289openSUSE Leap 42.1
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
ModerateCVE-2015-5289SUSE bug 949669SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670SUSE bug 949670CVE-2015-5291openSUSE Leap 42.1
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.
CriticalCVE-2015-5291SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380SUSE bug 949380CVE-2015-5296openSUSE Leap 42.1
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.
ModerateCVE-2015-5296SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 973031SUSE bug 958584SUSE bug 958584SUSE bug 958584SUSE bug 1058622SUSE bug 1058622SUSE bug 1058622SUSE bug 1058622SUSE bug 1058622CVE-2015-5299openSUSE Leap 42.1
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.
ModerateCVE-2015-5299SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583SUSE bug 958583CVE-2015-5300openSUSE Leap 42.1
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
ModerateCVE-2015-5300SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 951629SUSE bug 959243SUSE bug 951629CVE-2015-5307openSUSE Leap 42.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
ModerateCVE-2015-5307SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 954405SUSE bug 953527SUSE bug 954404SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 962977SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 954405SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 954018SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527SUSE bug 953527CVE-2015-5309openSUSE Leap 42.1
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.
ModerateCVE-2015-5309SUSE bug 954191SUSE bug 954191CVE-2015-5310openSUSE Leap 42.1
The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response.
ModerateCVE-2015-5310SUSE bug 952254SUSE bug 953115SUSE bug 952254SUSE bug 952254SUSE bug 952254CVE-2015-5311openSUSE Leap 42.1
PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets.
ModerateCVE-2015-5311SUSE bug 954402SUSE bug 954402SUSE bug 954402SUSE bug 954402SUSE bug 954402CVE-2015-5312openSUSE Leap 42.1
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
ModerateCVE-2015-5312SUSE bug 957105SUSE bug 957105SUSE bug 957105SUSE bug 957105SUSE bug 957105SUSE bug 957105SUSE bug 959469SUSE bug 957105SUSE bug 957105SUSE bug 957105SUSE bug 957105CVE-2015-5313openSUSE Leap 42.1
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write to arbitrary files via a .. (dot dot) in a volume name.
ModerateCVE-2015-5313SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110SUSE bug 953110CVE-2015-5330openSUSE Leap 42.1
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
ModerateCVE-2015-5330SUSE bug 958581SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586SUSE bug 958586CVE-2015-5333openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-5333SUSE bug 950707SUSE bug 950708SUSE bug 950707SUSE bug 950707CVE-2015-5334openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-5334SUSE bug 950707SUSE bug 950708SUSE bug 950708SUSE bug 950708CVE-2015-5343openSUSE Leap 42.1
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
ModerateCVE-2015-5343SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300SUSE bug 958300CVE-2015-5345openSUSE Leap 42.1
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
ModerateCVE-2015-5345SUSE bug 967965SUSE bug 967965SUSE bug 967965SUSE bug 967965SUSE bug 967965SUSE bug 967965CVE-2015-5346openSUSE Leap 42.1
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
ModerateCVE-2015-5346SUSE bug 967814SUSE bug 967814SUSE bug 967814SUSE bug 967814SUSE bug 967814SUSE bug 967814SUSE bug 967814SUSE bug 967814CVE-2015-5351openSUSE Leap 42.1
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
ModerateCVE-2015-5351SUSE bug 967812SUSE bug 967812SUSE bug 967812SUSE bug 967812SUSE bug 967812SUSE bug 967812SUSE bug 967812SUSE bug 967812CVE-2015-5352openSUSE Leap 42.1
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
ImportantCVE-2015-5352SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 938277SUSE bug 938277SUSE bug 938277SUSE bug 938277SUSE bug 938277SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 938277SUSE bug 938277SUSE bug 938277SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 948086SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 938277SUSE bug 936695SUSE bug 936695SUSE bug 992991SUSE bug 996040SUSE bug 936695SUSE bug 936695SUSE bug 936695SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2015-5370openSUSE Leap 42.1
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.
CriticalCVE-2015-5370SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 975276SUSE bug 936862SUSE bug 936862SUSE bug 975276SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862SUSE bug 936862CVE-2015-5400openSUSE Leap 42.1
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
ModerateCVE-2015-5400SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 967073SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715SUSE bug 938715CVE-2015-5477openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
ImportantCVE-2015-5477SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 939567SUSE bug 980168SUSE bug 1000362CVE-2015-5479openSUSE Leap 42.1
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
ModerateCVE-2015-5479SUSE bug 949760CVE-2015-5522openSUSE Leap 42.1
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.
ModerateCVE-2015-5522SUSE bug 933588SUSE bug 933588CVE-2015-5523openSUSE Leap 42.1
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.
ModerateCVE-2015-5523SUSE bug 933588SUSE bug 933588CVE-2015-5589openSUSE Leap 42.1
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.
ModerateCVE-2015-5589SUSE bug 938721SUSE bug 938721SUSE bug 935074SUSE bug 935074SUSE bug 938721SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 938721SUSE bug 938721SUSE bug 980366CVE-2015-5590openSUSE Leap 42.1
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension.
ModerateCVE-2015-5590SUSE bug 938719SUSE bug 938719SUSE bug 935074SUSE bug 935074SUSE bug 938719SUSE bug 935074SUSE bug 935074SUSE bug 935074SUSE bug 938719SUSE bug 980366CVE-2015-5600openSUSE Leap 42.1
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
ImportantCVE-2015-5600SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 943504SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 945985SUSE bug 948086SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 945985SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 945985SUSE bug 938746SUSE bug 954457SUSE bug 938746SUSE bug 957883SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 996040SUSE bug 1009988SUSE bug 1009988SUSE bug 1009988SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 938746SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2015-5621openSUSE Leap 42.1
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
ImportantCVE-2015-5621SUSE bug 940188SUSE bug 940188SUSE bug 940188SUSE bug 940188SUSE bug 940188SUSE bug 940188SUSE bug 940188CVE-2015-5722openSUSE Leap 42.1
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
ImportantCVE-2015-5722SUSE bug 944066SUSE bug 944066SUSE bug 944107SUSE bug 944066SUSE bug 944066SUSE bug 944066SUSE bug 944066SUSE bug 944066SUSE bug 944066SUSE bug 944066SUSE bug 954983SUSE bug 954983SUSE bug 944066SUSE bug 958861SUSE bug 944066SUSE bug 944066CVE-2015-5726openSUSE Leap 42.1
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
ModerateCVE-2015-5726SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025SUSE bug 968025CVE-2015-5727openSUSE Leap 42.1
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.
ModerateCVE-2015-5727SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026SUSE bug 968026CVE-2015-5745openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-5745SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 950367SUSE bug 950367SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929SUSE bug 940929CVE-2015-5788openSUSE Leap 42.1
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.
ModerateCVE-2015-5788SUSE bug 971460CVE-2015-5794openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5794SUSE bug 971460CVE-2015-5801openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5801SUSE bug 971460CVE-2015-5804openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5804SUSE bug 1082221CVE-2015-5805openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5805SUSE bug 1082221CVE-2015-5807openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5807SUSE bug 1082221CVE-2015-5809openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5809SUSE bug 971460CVE-2015-5810openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5810SUSE bug 1082221CVE-2015-5813openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5813SUSE bug 1082221CVE-2015-5814openSUSE Leap 42.1
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5814SUSE bug 1082221CVE-2015-5815openSUSE Leap 42.1
WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5815SUSE bug 1082221CVE-2015-5817openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5817SUSE bug 1082221CVE-2015-5818openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5818SUSE bug 1082221CVE-2015-5822openSUSE Leap 42.1
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.
ImportantCVE-2015-5822SUSE bug 971460CVE-2015-5825openSUSE Leap 42.1
WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code.
ModerateCVE-2015-5825SUSE bug 1082221CVE-2015-5827openSUSE Leap 42.1
WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.
ModerateCVE-2015-5827SUSE bug 1082221CVE-2015-5828openSUSE Leap 42.1
The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.
ModerateCVE-2015-5828SUSE bug 1082221CVE-2015-5928openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-5928SUSE bug 971460CVE-2015-5929openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-5929SUSE bug 1082221CVE-2015-5930openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-5930SUSE bug 1082221CVE-2015-5931openSUSE Leap 42.1
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-5931SUSE bug 1082221CVE-2015-5949openSUSE Leap 42.1
VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
ImportantCVE-2015-5949SUSE bug 965227SUSE bug 965227SUSE bug 965227SUSE bug 965227SUSE bug 965227CVE-2015-5969openSUSE Leap 42.1
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.
ModerateCVE-2015-5969SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174SUSE bug 957174CVE-2015-6031openSUSE Leap 42.1
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
ImportantCVE-2015-6031SUSE bug 950759SUSE bug 950759CVE-2015-6241openSUSE Leap 42.1
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6241SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6242openSUSE Leap 42.1
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.
ModerateCVE-2015-6242SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6243openSUSE Leap 42.1
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.
ModerateCVE-2015-6243SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6244openSUSE Leap 42.1
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6244SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6245openSUSE Leap 42.1
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-6245SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6246openSUSE Leap 42.1
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6246SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6247openSUSE Leap 42.1
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-6247SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6248openSUSE Leap 42.1
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6248SUSE bug 941500SUSE bug 941500SUSE bug 941500CVE-2015-6249openSUSE Leap 42.1
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-6249SUSE bug 941500SUSE bug 941500CVE-2015-6251openSUSE Leap 42.1
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
ModerateCVE-2015-6251SUSE bug 941794SUSE bug 941794SUSE bug 941794CVE-2015-6360openSUSE Leap 42.1
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
ModerateCVE-2015-6360SUSE bug 957376SUSE bug 957376SUSE bug 957376SUSE bug 957376SUSE bug 957376SUSE bug 957376CVE-2015-6563openSUSE Leap 42.1
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
ModerateCVE-2015-6563SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 948086SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943010SUSE bug 943006SUSE bug 943007SUSE bug 943010SUSE bug 943010SUSE bug 996040SUSE bug 943010SUSE bug 943010SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2015-6564openSUSE Leap 42.1
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
ModerateCVE-2015-6564SUSE bug 942850SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 948086SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943006SUSE bug 943007SUSE bug 943010SUSE bug 943006SUSE bug 996040SUSE bug 943006SUSE bug 943006SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631SUSE bug 1074631CVE-2015-6673openSUSE Leap 42.1
Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.
ImportantCVE-2015-6673SUSE bug 943304SUSE bug 943304SUSE bug 943304SUSE bug 943304CVE-2015-6749openSUSE Leap 42.1
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
ModerateCVE-2015-6749SUSE bug 943795SUSE bug 943795SUSE bug 943795SUSE bug 943795SUSE bug 943795SUSE bug 943795SUSE bug 943795SUSE bug 943795CVE-2015-6764openSUSE Leap 42.1
The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
LowCVE-2015-6764SUSE bug 956902SUSE bug 957519SUSE bug 956902CVE-2015-6765openSUSE Leap 42.1
Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs.
ImportantCVE-2015-6765SUSE bug 957519CVE-2015-6766openSUSE Leap 42.1
Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection.
ImportantCVE-2015-6766SUSE bug 957519CVE-2015-6767openSUSE Leap 42.1
Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks.
ImportantCVE-2015-6767SUSE bug 957519CVE-2015-6768openSUSE Leap 42.1
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770.
ImportantCVE-2015-6768SUSE bug 957519CVE-2015-6769openSUSE Leap 42.1
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing.
ImportantCVE-2015-6769SUSE bug 957519CVE-2015-6770openSUSE Leap 42.1
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768.
ImportantCVE-2015-6770SUSE bug 957519CVE-2015-6771openSUSE Leap 42.1
js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2015-6771SUSE bug 957519CVE-2015-6772openSUSE Leap 42.1
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin.
ImportantCVE-2015-6772SUSE bug 957519CVE-2015-6773openSUSE Leap 42.1
The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data.
ImportantCVE-2015-6773SUSE bug 957519CVE-2015-6774openSUSE Leap 42.1
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data.
ImportantCVE-2015-6774SUSE bug 957519CVE-2015-6775openSUSE Leap 42.1
fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
ImportantCVE-2015-6775SUSE bug 957519CVE-2015-6776openSUSE Leap 42.1
The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform.
ImportantCVE-2015-6776SUSE bug 957519CVE-2015-6777openSUSE Leap 42.1
Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions.
ImportantCVE-2015-6777SUSE bug 957519CVE-2015-6778openSUSE Leap 42.1
The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2 compression.
ImportantCVE-2015-6778SUSE bug 957519CVE-2015-6779openSUSE Leap 42.1
PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.
ImportantCVE-2015-6779SUSE bug 957519CVE-2015-6780openSUSE Leap 42.1
Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc.
ImportantCVE-2015-6780SUSE bug 957519CVE-2015-6781openSUSE Leap 42.1
Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container.
ImportantCVE-2015-6781SUSE bug 957519CVE-2015-6782openSUSE Leap 42.1
The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526.73 does not ensure that page-dismissal event handling is compatible with modal-dialog blocking, which makes it easier for remote attackers to spoof Omnibox content via a crafted web site.
ImportantCVE-2015-6782SUSE bug 957519CVE-2015-6783openSUSE Leap 42.1
The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive.
ImportantCVE-2015-6783SUSE bug 957519CVE-2015-6784openSUSE Leap 42.1
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.
ModerateCVE-2015-6784SUSE bug 957519CVE-2015-6785openSUSE Leap 42.1
The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains.
ModerateCVE-2015-6785SUSE bug 957519CVE-2015-6786openSUSE Leap 42.1
The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a * pattern, which allows remote attackers to bypass intended scheme restrictions in opportunistic circumstances by leveraging a policy that relies on this pattern.
ModerateCVE-2015-6786SUSE bug 957519CVE-2015-6787openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2015-6787SUSE bug 957519CVE-2015-6788openSUSE Leap 42.1
The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
CriticalCVE-2015-6788SUSE bug 958481SUSE bug 957519SUSE bug 957519CVE-2015-6789openSUSE Leap 42.1
Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion.
ImportantCVE-2015-6789SUSE bug 958481SUSE bug 957519SUSE bug 957519CVE-2015-6790openSUSE Leap 42.1
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character inside a single-quoted string.
ModerateCVE-2015-6790SUSE bug 958481SUSE bug 957519SUSE bug 957519CVE-2015-6791openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2015-6791SUSE bug 958481SUSE bug 957519SUSE bug 957519CVE-2015-6792openSUSE Leap 42.1
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664.
ImportantCVE-2015-6792SUSE bug 959458SUSE bug 959458SUSE bug 959458SUSE bug 959458SUSE bug 959458SUSE bug 959458SUSE bug 959458CVE-2015-6815openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-6815SUSE bug 944697SUSE bug 944697SUSE bug 944697SUSE bug 944697SUSE bug 950367SUSE bug 950367SUSE bug 944697SUSE bug 944697SUSE bug 944697SUSE bug 944697CVE-2015-6831openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
ImportantCVE-2015-6831SUSE bug 942291SUSE bug 942294SUSE bug 942295SUSE bug 945188SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 942291SUSE bug 980366SUSE bug 942291SUSE bug 942291CVE-2015-6832openSUSE Leap 42.1
Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.
ImportantCVE-2015-6832SUSE bug 942293SUSE bug 945189CVE-2015-6833openSUSE Leap 42.1
Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.
ModerateCVE-2015-6833SUSE bug 942296SUSE bug 980366CVE-2015-6834openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.
ModerateCVE-2015-6834SUSE bug 945403SUSE bug 945403SUSE bug 945403SUSE bug 945403SUSE bug 1015191SUSE bug 1015191CVE-2015-6835openSUSE Leap 42.1
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.
ModerateCVE-2015-6835SUSE bug 945402SUSE bug 945402SUSE bug 945402SUSE bug 945402CVE-2015-6836openSUSE Leap 42.1
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function.
ModerateCVE-2015-6836SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 945428SUSE bug 980366CVE-2015-6837openSUSE Leap 42.1
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.
ModerateCVE-2015-6837SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 980366SUSE bug 945412SUSE bug 945412CVE-2015-6838openSUSE Leap 42.1
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.
ModerateCVE-2015-6838SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 945412SUSE bug 980366SUSE bug 945412SUSE bug 945412CVE-2015-6855openSUSE Leap 42.1
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.
LowCVE-2015-6855SUSE bug 945404SUSE bug 945404SUSE bug 945404SUSE bug 945404SUSE bug 945404SUSE bug 965156SUSE bug 965156SUSE bug 965156SUSE bug 965156SUSE bug 965156SUSE bug 945404SUSE bug 945404CVE-2015-6908openSUSE Leap 42.1
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
ImportantCVE-2015-6908SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582SUSE bug 945582CVE-2015-6937openSUSE Leap 42.1
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
LowCVE-2015-6937SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 945825SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 945825SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 945825SUSE bug 953052SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 963994SUSE bug 963994SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 963994SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 963994SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 923755SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 963994SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 945825SUSE bug 952384SUSE bug 952384SUSE bug 945825SUSE bug 945825SUSE bug 952384CVE-2015-7002openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-7002SUSE bug 1082221CVE-2015-7013openSUSE Leap 42.1
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-7013SUSE bug 1082221CVE-2015-7014openSUSE Leap 42.1
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.
ImportantCVE-2015-7014SUSE bug 1082221CVE-2015-7048openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7048SUSE bug 1082221CVE-2015-7095openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7095SUSE bug 1082221CVE-2015-7096openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7096SUSE bug 1082221CVE-2015-7097openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7097SUSE bug 1082221CVE-2015-7098openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7098SUSE bug 1082221CVE-2015-7099openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7099SUSE bug 1082221CVE-2015-7100openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103.
ImportantCVE-2015-7100SUSE bug 1082221CVE-2015-7102openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7103.
ImportantCVE-2015-7102SUSE bug 1082221CVE-2015-7103openSUSE Leap 42.1
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, and CVE-2015-7102.
ImportantCVE-2015-7103SUSE bug 1082221CVE-2015-7104openSUSE Leap 42.1
WebKit in Apple Safari before 9.0.2 and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
ImportantCVE-2015-7104SUSE bug 1082221CVE-2015-7174openSUSE Leap 42.1
The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-7174SUSE bug 947003CVE-2015-7175openSUSE Leap 42.1
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
ImportantCVE-2015-7175SUSE bug 947003CVE-2015-7176openSUSE Leap 42.1
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7176SUSE bug 947003CVE-2015-7177openSUSE Leap 42.1
The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7177SUSE bug 947003CVE-2015-7178openSUSE Leap 42.1
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.
ImportantCVE-2015-7178SUSE bug 947003CVE-2015-7179openSUSE Leap 42.1
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.
ImportantCVE-2015-7179SUSE bug 947003CVE-2015-7180openSUSE Leap 42.1
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2015-7180SUSE bug 947003CVE-2015-7181openSUSE Leap 42.1
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.
ImportantCVE-2015-7181SUSE bug 952810CVE-2015-7182openSUSE Leap 42.1
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.
ImportantCVE-2015-7182SUSE bug 952810CVE-2015-7183openSUSE Leap 42.1
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
ImportantCVE-2015-7183SUSE bug 952810SUSE bug 962977CVE-2015-7184openSUSE Leap 42.1
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2015-7184SUSE bug 950686SUSE bug 950686CVE-2015-7185openSUSE Leap 42.1
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
ModerateCVE-2015-7185SUSE bug 952810CVE-2015-7186openSUSE Leap 42.1
Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.
ModerateCVE-2015-7186SUSE bug 952810CVE-2015-7187openSUSE Leap 42.1
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.
CriticalCVE-2015-7187SUSE bug 952810CVE-2015-7188openSUSE Leap 42.1
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
ModerateCVE-2015-7188SUSE bug 952810CVE-2015-7189openSUSE Leap 42.1
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.
ModerateCVE-2015-7189SUSE bug 952810CVE-2015-7190openSUSE Leap 42.1
The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.
ModerateCVE-2015-7190SUSE bug 952810CVE-2015-7191openSUSE Leap 42.1
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."
ModerateCVE-2015-7191SUSE bug 952810CVE-2015-7192openSUSE Leap 42.1
The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.
CriticalCVE-2015-7192SUSE bug 952810CVE-2015-7193openSUSE Leap 42.1
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.
ModerateCVE-2015-7193SUSE bug 952810CVE-2015-7194openSUSE Leap 42.1
Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.
ModerateCVE-2015-7194SUSE bug 952810CVE-2015-7195openSUSE Leap 42.1
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.
CriticalCVE-2015-7195SUSE bug 952810CVE-2015-7196openSUSE Leap 42.1
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.
ModerateCVE-2015-7196SUSE bug 952810CVE-2015-7197openSUSE Leap 42.1
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.
ModerateCVE-2015-7197SUSE bug 952810CVE-2015-7198openSUSE Leap 42.1
Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.
ImportantCVE-2015-7198SUSE bug 952810CVE-2015-7199openSUSE Leap 42.1
The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.
CriticalCVE-2015-7199SUSE bug 952810CVE-2015-7200openSUSE Leap 42.1
The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.
CriticalCVE-2015-7200SUSE bug 952810CVE-2015-7201openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-7201SUSE bug 959277CVE-2015-7202openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2015-7202SUSE bug 959277CVE-2015-7203openSUSE Leap 42.1
Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.
ImportantCVE-2015-7203SUSE bug 959277CVE-2015-7204openSUSE Leap 42.1
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
ImportantCVE-2015-7204SUSE bug 959277CVE-2015-7205openSUSE Leap 42.1
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.
ModerateCVE-2015-7205SUSE bug 959277CVE-2015-7207openSUSE Leap 42.1
Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.
ImportantCVE-2015-7207SUSE bug 959277CVE-2015-7208openSUSE Leap 42.1
Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.
ImportantCVE-2015-7208SUSE bug 959277SUSE bug 963637SUSE bug 963637SUSE bug 963637SUSE bug 963637CVE-2015-7210openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
ImportantCVE-2015-7210SUSE bug 959277CVE-2015-7211openSUSE Leap 42.1
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
ImportantCVE-2015-7211SUSE bug 959277CVE-2015-7212openSUSE Leap 42.1
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
ModerateCVE-2015-7212SUSE bug 959277CVE-2015-7213openSUSE Leap 42.1
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
ModerateCVE-2015-7213SUSE bug 959277CVE-2015-7214openSUSE Leap 42.1
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
ModerateCVE-2015-7214SUSE bug 959277CVE-2015-7215openSUSE Leap 42.1
The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.
ImportantCVE-2015-7215SUSE bug 959277CVE-2015-7216openSUSE Leap 42.1
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
ImportantCVE-2015-7216SUSE bug 959277CVE-2015-7217openSUSE Leap 42.1
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.
ImportantCVE-2015-7217SUSE bug 959277CVE-2015-7218openSUSE Leap 42.1
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.
ImportantCVE-2015-7218SUSE bug 959277CVE-2015-7219openSUSE Leap 42.1
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation.
ImportantCVE-2015-7219SUSE bug 959277CVE-2015-7220openSUSE Leap 42.1
Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2015-7220SUSE bug 959277CVE-2015-7221openSUSE Leap 42.1
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
ImportantCVE-2015-7221SUSE bug 959277CVE-2015-7222openSUSE Leap 42.1
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
ModerateCVE-2015-7222SUSE bug 959277CVE-2015-7223openSUSE Leap 42.1
The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.
ImportantCVE-2015-7223SUSE bug 959277CVE-2015-7236openSUSE Leap 42.1
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
ImportantCVE-2015-7236SUSE bug 946204SUSE bug 946204SUSE bug 946204SUSE bug 946204SUSE bug 946204SUSE bug 946204SUSE bug 946204CVE-2015-7295openSUSE Leap 42.1
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface.
ModerateCVE-2015-7295SUSE bug 947159SUSE bug 947159SUSE bug 947159SUSE bug 947159SUSE bug 950367SUSE bug 950367SUSE bug 947159SUSE bug 947159SUSE bug 947159CVE-2015-7311openSUSE Leap 42.1
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
LowCVE-2015-7311SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 950367SUSE bug 950367SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165SUSE bug 947165CVE-2015-7384openSUSE Leap 42.1
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.
ImportantCVE-2015-7384SUSE bug 948602SUSE bug 948602CVE-2015-7497openSUSE Leap 42.1
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
ModerateCVE-2015-7497SUSE bug 957106SUSE bug 957106SUSE bug 957106SUSE bug 957106SUSE bug 957106SUSE bug 957106SUSE bug 959469SUSE bug 957106SUSE bug 957106SUSE bug 957106SUSE bug 957106CVE-2015-7498openSUSE Leap 42.1
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
ModerateCVE-2015-7498SUSE bug 957107SUSE bug 957107SUSE bug 957107SUSE bug 957107SUSE bug 957107SUSE bug 957107SUSE bug 959469SUSE bug 957107SUSE bug 957107SUSE bug 957107SUSE bug 957107CVE-2015-7499openSUSE Leap 42.1
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
ModerateCVE-2015-7499SUSE bug 957109SUSE bug 957109SUSE bug 957109SUSE bug 957109SUSE bug 957109SUSE bug 959469SUSE bug 957109SUSE bug 957109SUSE bug 957109SUSE bug 957109CVE-2015-7500openSUSE Leap 42.1
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
ModerateCVE-2015-7500SUSE bug 957110SUSE bug 957110SUSE bug 957110SUSE bug 957110SUSE bug 957110SUSE bug 959469SUSE bug 957110SUSE bug 957110SUSE bug 957110SUSE bug 957110CVE-2015-7504openSUSE Leap 42.1
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
ModerateCVE-2015-7504SUSE bug 956411SUSE bug 956411SUSE bug 956411SUSE bug 956411SUSE bug 956411SUSE bug 956411SUSE bug 956411CVE-2015-7511openSUSE Leap 42.1
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
ModerateCVE-2015-7511SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902SUSE bug 965902CVE-2015-7512openSUSE Leap 42.1
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
ImportantCVE-2015-7512SUSE bug 957162SUSE bug 957162SUSE bug 957162SUSE bug 957162SUSE bug 957162SUSE bug 957162SUSE bug 957162SUSE bug 962360SUSE bug 957162SUSE bug 957162SUSE bug 962360SUSE bug 962360SUSE bug 962360SUSE bug 962360SUSE bug 957162CVE-2015-7547openSUSE Leap 42.1
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
ImportantCVE-2015-7547SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 961721SUSE bug 967023SUSE bug 967061SUSE bug 967072SUSE bug 961721SUSE bug 967023SUSE bug 961721SUSE bug 967023SUSE bug 961721SUSE bug 967496SUSE bug 961721SUSE bug 967023SUSE bug 967496SUSE bug 961721SUSE bug 967023SUSE bug 847227SUSE bug 967023SUSE bug 967023SUSE bug 967023SUSE bug 969216SUSE bug 961721SUSE bug 961721SUSE bug 967023SUSE bug 969216SUSE bug 967023SUSE bug 967061SUSE bug 969216SUSE bug 967023SUSE bug 961721SUSE bug 967023SUSE bug 967061SUSE bug 967023SUSE bug 967061SUSE bug 969241SUSE bug 967023SUSE bug 967061SUSE bug 967023SUSE bug 967023SUSE bug 967023SUSE bug 967061SUSE bug 961721SUSE bug 969241SUSE bug 969241SUSE bug 986086SUSE bug 969241SUSE bug 969241SUSE bug 961721SUSE bug 1077097SUSE bug 969241SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097SUSE bug 1077097CVE-2015-7549openSUSE Leap 42.1
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
LowCVE-2015-7549SUSE bug 958917SUSE bug 958918SUSE bug 958917SUSE bug 958918SUSE bug 958917SUSE bug 958918SUSE bug 958918SUSE bug 958917SUSE bug 958918SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958918SUSE bug 958918SUSE bug 958917SUSE bug 958918SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958917SUSE bug 958918SUSE bug 958917CVE-2015-7550openSUSE Leap 42.1
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.
ModerateCVE-2015-7550SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 958951SUSE bug 1052256SUSE bug 1052256CVE-2015-7551openSUSE Leap 42.1
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.
ImportantCVE-2015-7551SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 939860SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 939860SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 959495SUSE bug 939860SUSE bug 959495CVE-2015-7552openSUSE Leap 42.1
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.
ImportantCVE-2015-7552SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963SUSE bug 958963CVE-2015-7554openSUSE Leap 42.1
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
ImportantCVE-2015-7554SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 983436SUSE bug 983436SUSE bug 1017690SUSE bug 1017690SUSE bug 983436SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341SUSE bug 960341CVE-2015-7555openSUSE Leap 42.1
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
ModerateCVE-2015-7555SUSE bug 960319SUSE bug 960319SUSE bug 960319SUSE bug 960319SUSE bug 960319CVE-2015-7560openSUSE Leap 42.1
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.
ImportantCVE-2015-7560SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222SUSE bug 968222CVE-2015-7575openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
ModerateCVE-2015-7575SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 959888SUSE bug 960996SUSE bug 959888SUSE bug 960996SUSE bug 960996SUSE bug 961280SUSE bug 961281SUSE bug 961282SUSE bug 961283SUSE bug 961284SUSE bug 961290SUSE bug 959888SUSE bug 960996SUSE bug 961284SUSE bug 961357SUSE bug 961284SUSE bug 961357SUSE bug 959888SUSE bug 960996SUSE bug 961284SUSE bug 960996SUSE bug 962743SUSE bug 959888SUSE bug 960996SUSE bug 960996SUSE bug 960996SUSE bug 960996SUSE bug 963937SUSE bug 960996SUSE bug 967521SUSE bug 959888SUSE bug 960996SUSE bug 960996SUSE bug 967521SUSE bug 960402SUSE bug 981087SUSE bug 961357SUSE bug 961357SUSE bug 960996SUSE bug 961357CVE-2015-7576openSUSE Leap 42.1
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences.
ModerateCVE-2015-7576SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 963329SUSE bug 970715SUSE bug 963329SUSE bug 963329SUSE bug 963329CVE-2015-7577openSUSE Leap 42.1
activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature.
ModerateCVE-2015-7577SUSE bug 963330SUSE bug 963330SUSE bug 963330SUSE bug 963330SUSE bug 963330SUSE bug 963330SUSE bug 963330SUSE bug 963330CVE-2015-7578openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.
ImportantCVE-2015-7578SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326SUSE bug 963326CVE-2015-7579openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class.
ImportantCVE-2015-7579SUSE bug 963327SUSE bug 963327SUSE bug 963327SUSE bug 963326SUSE bug 963327SUSE bug 963328SUSE bug 963327SUSE bug 963327SUSE bug 963327CVE-2015-7580openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.
ImportantCVE-2015-7580SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963326SUSE bug 963327SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328SUSE bug 963328CVE-2015-7581openSUSE Leap 42.1
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
ModerateCVE-2015-7581SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335SUSE bug 963335CVE-2015-7673openSUSE Leap 42.1
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
ModerateCVE-2015-7673SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790SUSE bug 948790CVE-2015-7674openSUSE Leap 42.1
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
ModerateCVE-2015-7674SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791SUSE bug 948791CVE-2015-7691openSUSE Leap 42.1
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7691SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 992991SUSE bug 1010964CVE-2015-7692openSUSE Leap 42.1
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7692SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 992991SUSE bug 1010964CVE-2015-7701openSUSE Leap 42.1
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
ModerateCVE-2015-7701SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7702openSUSE Leap 42.1
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
ImportantCVE-2015-7702SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 992991SUSE bug 1010964CVE-2015-7703openSUSE Leap 42.1
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
ModerateCVE-2015-7703SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 943221SUSE bug 943221SUSE bug 943221SUSE bug 943218SUSE bug 943221SUSE bug 943218SUSE bug 943221SUSE bug 959243SUSE bug 959243SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 943219SUSE bug 943221SUSE bug 943216SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7704openSUSE Leap 42.1
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
ImportantCVE-2015-7704SUSE bug 951608SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 951608SUSE bug 959243SUSE bug 977446SUSE bug 952611SUSE bug 959243SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7705openSUSE Leap 42.1
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
ModerateCVE-2015-7705SUSE bug 951608SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 951608SUSE bug 959243SUSE bug 952611SUSE bug 959243SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 952611SUSE bug 951608SUSE bug 952611SUSE bug 952611SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7744openSUSE Leap 42.1
wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.
ImportantCVE-2015-7744SUSE bug 962779SUSE bug 962950SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962950SUSE bug 962950CVE-2015-7747openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2015-7747SUSE bug 949399SUSE bug 949399SUSE bug 949399SUSE bug 949399SUSE bug 949399SUSE bug 949399SUSE bug 949399SUSE bug 949399CVE-2015-7758openSUSE Leap 42.1
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.
ModerateCVE-2015-7758SUSE bug 949682SUSE bug 949682SUSE bug 949682SUSE bug 949682SUSE bug 949682CVE-2015-7799openSUSE Leap 42.1
The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.
LowCVE-2015-7799SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 951638SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 949936SUSE bug 1052256SUSE bug 1052256CVE-2015-7803openSUSE Leap 42.1
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
ModerateCVE-2015-7803SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 949961SUSE bug 980366SUSE bug 949961CVE-2015-7805openSUSE Leap 42.1
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
ImportantCVE-2015-7805SUSE bug 953516SUSE bug 953516SUSE bug 953516SUSE bug 953516CVE-2015-7830openSUSE Leap 42.1
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.
ModerateCVE-2015-7830SUSE bug 950437SUSE bug 950437SUSE bug 950437SUSE bug 950437SUSE bug 950437SUSE bug 950437SUSE bug 950437SUSE bug 960382SUSE bug 950437SUSE bug 950437SUSE bug 950437CVE-2015-7835openSUSE Leap 42.1
The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.
ImportantCVE-2015-7835SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 940929SUSE bug 947159SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 950367SUSE bug 950367CVE-2015-7848openSUSE Leap 42.1
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.
ModerateCVE-2015-7848SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7849openSUSE Leap 42.1
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
ImportantCVE-2015-7849SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7850openSUSE Leap 42.1
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
ModerateCVE-2015-7850SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7851openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-7851SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7852openSUSE Leap 42.1
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
ModerateCVE-2015-7852SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7853openSUSE Leap 42.1
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
ModerateCVE-2015-7853SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7854openSUSE Leap 42.1
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
ModerateCVE-2015-7854SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7855openSUSE Leap 42.1
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
ModerateCVE-2015-7855SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 959243SUSE bug 959243SUSE bug 951608SUSE bug 992991SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7871openSUSE Leap 42.1
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
ImportantCVE-2015-7871SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 952606SUSE bug 952606SUSE bug 951608SUSE bug 951608SUSE bug 952606SUSE bug 959243SUSE bug 951608SUSE bug 951608SUSE bug 952606SUSE bug 1010964SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-7872openSUSE Leap 42.1
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.
ImportantCVE-2015-7872SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 958463SUSE bug 951440SUSE bug 951638SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951542SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951542SUSE bug 951542SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951542SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951440SUSE bug 951440CVE-2015-7873openSUSE Leap 42.1
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter.
ModerateCVE-2015-7873SUSE bug 951960SUSE bug 951960SUSE bug 951960CVE-2015-7884openSUSE Leap 42.1
The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
LowCVE-2015-7884SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626SUSE bug 951626CVE-2015-7885openSUSE Leap 42.1
The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
LowCVE-2015-7885SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627SUSE bug 951627CVE-2015-7940openSUSE Leap 42.1
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
ImportantCVE-2015-7940SUSE bug 951727CVE-2015-7941openSUSE Leap 42.1
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
LowCVE-2015-7941SUSE bug 951734SUSE bug 951735SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734SUSE bug 951734CVE-2015-7942openSUSE Leap 42.1
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
LowCVE-2015-7942SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735SUSE bug 951735CVE-2015-7969openSUSE Leap 42.1
Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall.
ModerateCVE-2015-7969SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705SUSE bug 950703SUSE bug 950705CVE-2015-7970openSUSE Leap 42.1
The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand.
ModerateCVE-2015-7970SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704SUSE bug 950704CVE-2015-7971openSUSE Leap 42.1
Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c.
LowCVE-2015-7971SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706SUSE bug 950706CVE-2015-7972openSUSE Leap 42.1
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure."
ModerateCVE-2015-7972SUSE bug 951845SUSE bug 951845SUSE bug 951845SUSE bug 951845SUSE bug 950704SUSE bug 951845SUSE bug 950704SUSE bug 951845CVE-2015-7973openSUSE Leap 42.1
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
ModerateCVE-2015-7973SUSE bug 962995SUSE bug 962995SUSE bug 962995SUSE bug 975578SUSE bug 962995SUSE bug 962995SUSE bug 959243SUSE bug 962995SUSE bug 962995CVE-2015-7974openSUSE Leap 42.1
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
LowCVE-2015-7974SUSE bug 962960SUSE bug 962960SUSE bug 962960SUSE bug 962960SUSE bug 975578SUSE bug 962960SUSE bug 962995SUSE bug 959243SUSE bug 962960SUSE bug 962960CVE-2015-7975openSUSE Leap 42.1
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
LowCVE-2015-7975SUSE bug 962988SUSE bug 962988SUSE bug 962988SUSE bug 975578SUSE bug 962988SUSE bug 962995SUSE bug 959243SUSE bug 962988SUSE bug 962988CVE-2015-7976openSUSE Leap 42.1
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
LowCVE-2015-7976SUSE bug 962802SUSE bug 962802SUSE bug 962802SUSE bug 962802SUSE bug 975578SUSE bug 962802SUSE bug 962995SUSE bug 962802SUSE bug 962802CVE-2015-7977openSUSE Leap 42.1
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
ModerateCVE-2015-7977SUSE bug 962970SUSE bug 962970SUSE bug 962970SUSE bug 962970SUSE bug 975578SUSE bug 962970SUSE bug 962995SUSE bug 959243SUSE bug 962970SUSE bug 962970CVE-2015-7978openSUSE Leap 42.1
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
ModerateCVE-2015-7978SUSE bug 962970SUSE bug 963000SUSE bug 963000SUSE bug 962970SUSE bug 963000SUSE bug 963000SUSE bug 975578SUSE bug 963000SUSE bug 962995SUSE bug 959243SUSE bug 963000SUSE bug 963000CVE-2015-7979openSUSE Leap 42.1
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
ModerateCVE-2015-7979SUSE bug 962784SUSE bug 962784SUSE bug 962784SUSE bug 962784SUSE bug 975578SUSE bug 962784SUSE bug 962995SUSE bug 959243SUSE bug 962784SUSE bug 962784SUSE bug 977459SUSE bug 982065CVE-2015-7981openSUSE Leap 42.1
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
ModerateCVE-2015-7981SUSE bug 952051SUSE bug 952051SUSE bug 952051SUSE bug 952051SUSE bug 952051SUSE bug 952051SUSE bug 963937SUSE bug 960402CVE-2015-7990openSUSE Leap 42.1
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.
LowCVE-2015-7990SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 952384SUSE bug 952384SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 953052SUSE bug 953052SUSE bug 945825SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384SUSE bug 952384CVE-2015-8000openSUSE Leap 42.1
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
ImportantCVE-2015-8000SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 958861SUSE bug 944066SUSE bug 958861SUSE bug 958861SUSE bug 958861CVE-2015-8010openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
ModerateCVE-2015-8010SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777SUSE bug 952777CVE-2015-8023openSUSE Leap 42.1
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.
ImportantCVE-2015-8023SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817SUSE bug 953817CVE-2015-8025openSUSE Leap 42.1
driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.
ImportantCVE-2015-8025SUSE bug 952062SUSE bug 952062SUSE bug 952062SUSE bug 952062SUSE bug 952062SUSE bug 952062SUSE bug 952062SUSE bug 952062CVE-2015-8027openSUSE Leap 42.1
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
ModerateCVE-2015-8027SUSE bug 956901SUSE bug 956901CVE-2015-8035openSUSE Leap 42.1
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
LowCVE-2015-8035SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 954429SUSE bug 1088279SUSE bug 1088279SUSE bug 1088279CVE-2015-8041openSUSE Leap 42.1
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
LowCVE-2015-8041SUSE bug 937419SUSE bug 937419SUSE bug 937419SUSE bug 937419CVE-2015-8075openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2015-8075SUSE bug 953519SUSE bug 953519SUSE bug 953519SUSE bug 953519SUSE bug 953519SUSE bug 953519CVE-2015-8077openSUSE Leap 42.1
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.
ModerateCVE-2015-8077SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 981670SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954201SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954200SUSE bug 954200CVE-2015-8078openSUSE Leap 42.1
Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076.
ModerateCVE-2015-8078SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 981670SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201SUSE bug 954201CVE-2015-8080openSUSE Leap 42.1
Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.
ImportantCVE-2015-8080SUSE bug 954199SUSE bug 954199SUSE bug 954199CVE-2015-8104openSUSE Leap 42.1
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
ModerateCVE-2015-8104SUSE bug 953527SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954405SUSE bug 954405SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954405SUSE bug 954404SUSE bug 962977SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954404SUSE bug 954018SUSE bug 954405SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954404SUSE bug 954404SUSE bug 954405SUSE bug 954405SUSE bug 954405SUSE bug 954404CVE-2015-8126openSUSE Leap 42.1
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
ImportantCVE-2015-8126SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 958198SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 962743SUSE bug 963937SUSE bug 960402SUSE bug 954980SUSE bug 954980SUSE bug 954980SUSE bug 958198SUSE bug 969333CVE-2015-8138openSUSE Leap 42.1
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
ModerateCVE-2015-8138SUSE bug 963002SUSE bug 963002SUSE bug 951608SUSE bug 963002SUSE bug 963002SUSE bug 975578SUSE bug 963002SUSE bug 977446SUSE bug 959243SUSE bug 951608SUSE bug 963002SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 963002SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 974668SUSE bug 951608SUSE bug 974668SUSE bug 951608SUSE bug 951608SUSE bug 951608SUSE bug 951608CVE-2015-8139openSUSE Leap 42.1
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
ImportantCVE-2015-8139SUSE bug 962997SUSE bug 975578SUSE bug 959243SUSE bug 959243SUSE bug 959243SUSE bug 1010964CVE-2015-8140openSUSE Leap 42.1
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
ModerateCVE-2015-8140SUSE bug 962994SUSE bug 975578SUSE bug 959243SUSE bug 959243SUSE bug 959243SUSE bug 1010964CVE-2015-8158openSUSE Leap 42.1
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
LowCVE-2015-8158SUSE bug 962966SUSE bug 962966SUSE bug 962966SUSE bug 975578SUSE bug 962966SUSE bug 959243SUSE bug 962966SUSE bug 962966SUSE bug 962966CVE-2015-8216openSUSE Leap 42.1
The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.
ImportantCVE-2015-8216SUSE bug 955346SUSE bug 955346SUSE bug 955346CVE-2015-8217openSUSE Leap 42.1
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data.
ImportantCVE-2015-8217SUSE bug 955347SUSE bug 955347SUSE bug 955347CVE-2015-8218openSUSE Leap 42.1
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
ImportantCVE-2015-8218SUSE bug 955348SUSE bug 955348SUSE bug 955348CVE-2015-8219openSUSE Leap 42.1
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2015-8219SUSE bug 955350SUSE bug 955350SUSE bug 955350CVE-2015-8241openSUSE Leap 42.1
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
ModerateCVE-2015-8241SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 959469SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 956018SUSE bug 956018CVE-2015-8242openSUSE Leap 42.1
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
ModerateCVE-2015-8242SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 959469SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 956021SUSE bug 956021CVE-2015-8317openSUSE Leap 42.1
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
ModerateCVE-2015-8317SUSE bug 956260SUSE bug 956260SUSE bug 956260SUSE bug 956260SUSE bug 956260SUSE bug 956260SUSE bug 959469SUSE bug 956260SUSE bug 956260SUSE bug 956260SUSE bug 956260CVE-2015-8325openSUSE Leap 42.1
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
ModerateCVE-2015-8325SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 996040SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 1016709SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865SUSE bug 975865CVE-2015-8327openSUSE Leap 42.1
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
ModerateCVE-2015-8327SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 957531SUSE bug 1027197SUSE bug 957531SUSE bug 957531SUSE bug 957531CVE-2015-8339openSUSE Leap 42.1
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
ImportantCVE-2015-8339SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408CVE-2015-8340openSUSE Leap 42.1
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling.
ImportantCVE-2015-8340SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408SUSE bug 956408CVE-2015-8341openSUSE Leap 42.1
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.
ModerateCVE-2015-8341SUSE bug 956409SUSE bug 956409SUSE bug 956409SUSE bug 956409CVE-2015-8345openSUSE Leap 42.1
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
ModerateCVE-2015-8345SUSE bug 956829SUSE bug 956832SUSE bug 956829SUSE bug 956832SUSE bug 956829SUSE bug 956832SUSE bug 956832SUSE bug 956829SUSE bug 956829SUSE bug 956832SUSE bug 956829SUSE bug 956829SUSE bug 956829SUSE bug 956829SUSE bug 956832SUSE bug 956829SUSE bug 956829SUSE bug 956829SUSE bug 956829SUSE bug 956832SUSE bug 956832CVE-2015-8363openSUSE Leap 42.1
The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers.
ImportantCVE-2015-8363SUSE bug 957114SUSE bug 957114CVE-2015-8364openSUSE Leap 42.1
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data.
ImportantCVE-2015-8364SUSE bug 957115SUSE bug 957115CVE-2015-8365openSUSE Leap 42.1
The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data.
ImportantCVE-2015-8365SUSE bug 957116SUSE bug 957116CVE-2015-8367openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2015-8367SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 1006704SUSE bug 1006717SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517SUSE bug 957517CVE-2015-8369openSUSE Leap 42.1
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.
ModerateCVE-2015-8369SUSE bug 958863SUSE bug 958863SUSE bug 958863SUSE bug 958977SUSE bug 960678SUSE bug 958863SUSE bug 958863CVE-2015-8370openSUSE Leap 42.1
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.
ImportantCVE-2015-8370SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631SUSE bug 956631CVE-2015-8377openSUSE Leap 42.1
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action.
ImportantCVE-2015-8377SUSE bug 958977SUSE bug 958977SUSE bug 960678SUSE bug 958863SUSE bug 958977SUSE bug 960678SUSE bug 958977SUSE bug 958977CVE-2015-8380openSUSE Leap 42.1
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8380SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566SUSE bug 957566CVE-2015-8381openSUSE Leap 42.1
The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ patterns, and related patterns with certain group references, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8381SUSE bug 957598SUSE bug 957598SUSE bug 906574SUSE bug 957598SUSE bug 958373SUSE bug 906574SUSE bug 957598SUSE bug 958373CVE-2015-8382openSUSE Leap 42.1
The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.
ModerateCVE-2015-8382SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8383openSUSE Leap 42.1
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ImportantCVE-2015-8383SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8384openSUSE Leap 42.1
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.
ImportantCVE-2015-8384SUSE bug 957598SUSE bug 957598SUSE bug 906574SUSE bug 957598SUSE bug 958373SUSE bug 906574SUSE bug 957598SUSE bug 958373CVE-2015-8385openSUSE Leap 42.1
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ImportantCVE-2015-8385SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8386openSUSE Leap 42.1
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8386SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8387openSUSE Leap 42.1
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8387SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8388openSUSE Leap 42.1
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8388SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 936227SUSE bug 957598SUSE bug 958373SUSE bug 936227CVE-2015-8389openSUSE Leap 42.1
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8389SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8390openSUSE Leap 42.1
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8390SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8391openSUSE Leap 42.1
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8391SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8392openSUSE Leap 42.1
PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395.
ImportantCVE-2015-8392SUSE bug 957598SUSE bug 957598SUSE bug 906574SUSE bug 957598SUSE bug 958373SUSE bug 906574SUSE bug 957598SUSE bug 958373CVE-2015-8393openSUSE Leap 42.1
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
ModerateCVE-2015-8393SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8394openSUSE Leap 42.1
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2015-8394SUSE bug 957598SUSE bug 957598SUSE bug 957598SUSE bug 958373SUSE bug 957598SUSE bug 958373CVE-2015-8395openSUSE Leap 42.1
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392.
ModerateCVE-2015-8395SUSE bug 957598SUSE bug 957598SUSE bug 906574SUSE bug 957598SUSE bug 958373SUSE bug 906574SUSE bug 957598SUSE bug 958373CVE-2015-8400openSUSE Leap 42.1
The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.
ImportantCVE-2015-8400SUSE bug 957748SUSE bug 957748SUSE bug 957748SUSE bug 957748SUSE bug 957748SUSE bug 957748CVE-2015-8467openSUSE Leap 42.1
The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.
ModerateCVE-2015-8467SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585SUSE bug 958585CVE-2015-8472openSUSE Leap 42.1
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.
ModerateCVE-2015-8472SUSE bug 958198SUSE bug 958198SUSE bug 958198SUSE bug 958198SUSE bug 958198SUSE bug 963937SUSE bug 960402SUSE bug 954980SUSE bug 958198CVE-2015-8504openSUSE Leap 42.1
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
ModerateCVE-2015-8504SUSE bug 958491SUSE bug 958493SUSE bug 958491SUSE bug 958493SUSE bug 958491SUSE bug 958493SUSE bug 958491SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958491SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958493SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958493SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958491SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958491SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958493SUSE bug 958491SUSE bug 958493CVE-2015-8539openSUSE Leap 42.1
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.
ImportantCVE-2015-8539SUSE bug 958463SUSE bug 958601SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958601SUSE bug 958463SUSE bug 958463SUSE bug 958601SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958601SUSE bug 958601SUSE bug 958601SUSE bug 958601SUSE bug 958601SUSE bug 958463SUSE bug 958601SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958601SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 781018SUSE bug 958463SUSE bug 781018SUSE bug 958463SUSE bug 781018SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 781018SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463SUSE bug 958463CVE-2015-8540openSUSE Leap 42.1
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
ModerateCVE-2015-8540SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 963937SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791SUSE bug 958791CVE-2015-8543openSUSE Leap 42.1
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
ModerateCVE-2015-8543SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 963994SUSE bug 958886SUSE bug 963994SUSE bug 958886SUSE bug 958886SUSE bug 963994SUSE bug 958886SUSE bug 963994SUSE bug 923755SUSE bug 958886SUSE bug 963994SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 969522SUSE bug 969522SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 969522SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 958886SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 958886SUSE bug 958886SUSE bug 969522SUSE bug 969522SUSE bug 969522SUSE bug 958886SUSE bug 1052256SUSE bug 1052256CVE-2015-8547openSUSE Leap 42.1
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
ModerateCVE-2015-8547SUSE bug 958928SUSE bug 958928SUSE bug 958928SUSE bug 958928SUSE bug 958928CVE-2015-8550openSUSE Leap 42.1
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
ImportantCVE-2015-8550SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 957988SUSE bug 1052256SUSE bug 1052256SUSE bug 1052256SUSE bug 957988SUSE bug 957988SUSE bug 957988CVE-2015-8551openSUSE Leap 42.1
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."
ModerateCVE-2015-8551SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 990058SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990CVE-2015-8552openSUSE Leap 42.1
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."
ModerateCVE-2015-8552SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 990058SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990SUSE bug 957990CVE-2015-8554openSUSE Leap 42.1
Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a "write path."
ImportantCVE-2015-8554SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007SUSE bug 958007CVE-2015-8555openSUSE Leap 42.1
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.
LowCVE-2015-8555SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009SUSE bug 958009CVE-2015-8558openSUSE Leap 42.1
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
LowCVE-2015-8558SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959006SUSE bug 959006SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959006SUSE bug 976109SUSE bug 976111SUSE bug 959005SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959005SUSE bug 959006SUSE bug 959005SUSE bug 959006SUSE bug 959006CVE-2015-8567openSUSE Leap 42.1
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
LowCVE-2015-8567SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959386SUSE bug 959386SUSE bug 959387SUSE bug 959386CVE-2015-8568openSUSE Leap 42.1
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
LowCVE-2015-8568SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959387SUSE bug 959386SUSE bug 959387SUSE bug 959386SUSE bug 959386SUSE bug 959386SUSE bug 959387SUSE bug 959386CVE-2015-8569openSUSE Leap 42.1
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
LowCVE-2015-8569SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 963994SUSE bug 959190SUSE bug 963994SUSE bug 959190SUSE bug 959190SUSE bug 963994SUSE bug 959190SUSE bug 963994SUSE bug 923755SUSE bug 959190SUSE bug 963994SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959399SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190SUSE bug 959190CVE-2015-8575openSUSE Leap 42.1
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
ModerateCVE-2015-8575SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959190SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959190SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399SUSE bug 959399CVE-2015-8604openSUSE Leap 42.1
SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action.
ModerateCVE-2015-8604SUSE bug 960678SUSE bug 960678SUSE bug 960678SUSE bug 960678CVE-2015-8605openSUSE Leap 42.1
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
ModerateCVE-2015-8605SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305SUSE bug 961305CVE-2015-8613openSUSE Leap 42.1
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
LowCVE-2015-8613SUSE bug 961358SUSE bug 961556SUSE bug 961358SUSE bug 961556SUSE bug 961556SUSE bug 961358SUSE bug 961358SUSE bug 961358CVE-2015-8614openSUSE Leap 42.1
Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion.
ModerateCVE-2015-8614SUSE bug 959993SUSE bug 959993SUSE bug 959993SUSE bug 959993SUSE bug 960566SUSE bug 959993CVE-2015-8618openSUSE Leap 42.1
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.
LowCVE-2015-8618SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 960151SUSE bug 957814CVE-2015-8619openSUSE Leap 42.1
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
LowCVE-2015-8619SUSE bug 960334SUSE bug 960334SUSE bug 960334SUSE bug 960334SUSE bug 965269SUSE bug 965269SUSE bug 960334SUSE bug 965269SUSE bug 965269CVE-2015-8629openSUSE Leap 42.1
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
LowCVE-2015-8629SUSE bug 963968SUSE bug 963968SUSE bug 963968SUSE bug 963968SUSE bug 963968SUSE bug 963968SUSE bug 770172CVE-2015-8630openSUSE Leap 42.1
The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.
LowCVE-2015-8630SUSE bug 963964SUSE bug 963964SUSE bug 963964SUSE bug 963964SUSE bug 963964CVE-2015-8631openSUSE Leap 42.1
Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.
ModerateCVE-2015-8631SUSE bug 963975SUSE bug 963975SUSE bug 963975SUSE bug 963975SUSE bug 963975SUSE bug 963975SUSE bug 963975CVE-2015-8661openSUSE Leap 42.1
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data.
ImportantCVE-2015-8661SUSE bug 960385SUSE bug 960385SUSE bug 960385SUSE bug 960385CVE-2015-8662openSUSE Leap 42.1
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2015-8662SUSE bug 960384SUSE bug 960384SUSE bug 960384SUSE bug 960384CVE-2015-8663openSUSE Leap 42.1
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file.
ImportantCVE-2015-8663SUSE bug 960383SUSE bug 960383SUSE bug 960383SUSE bug 960383CVE-2015-8669openSUSE Leap 42.1
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
ModerateCVE-2015-8669SUSE bug 960282SUSE bug 960282SUSE bug 960282SUSE bug 960282CVE-2015-8688openSUSE Leap 42.1
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
ModerateCVE-2015-8688SUSE bug 960668SUSE bug 960668SUSE bug 1014976CVE-2015-8704openSUSE Leap 42.1
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
ImportantCVE-2015-8704SUSE bug 962189SUSE bug 962190SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189SUSE bug 962189CVE-2015-8709openSUSE Leap 42.1
** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."
ImportantCVE-2015-8709SUSE bug 960561SUSE bug 960561SUSE bug 960561SUSE bug 960561SUSE bug 960563SUSE bug 959709SUSE bug 960561SUSE bug 960563SUSE bug 960561SUSE bug 960563SUSE bug 960561SUSE bug 960563SUSE bug 960563SUSE bug 960563SUSE bug 960563SUSE bug 960563SUSE bug 960561SUSE bug 960563SUSE bug 960563SUSE bug 960563SUSE bug 1010933CVE-2015-8710openSUSE Leap 42.1
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
ModerateCVE-2015-8710SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674SUSE bug 960674CVE-2015-8711openSUSE Leap 42.1
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2015-8711SUSE bug 960382CVE-2015-8712openSUSE Leap 42.1
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8712SUSE bug 960382CVE-2015-8713openSUSE Leap 42.1
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
ModerateCVE-2015-8713SUSE bug 960382CVE-2015-8714openSUSE Leap 42.1
The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8714SUSE bug 960382CVE-2015-8715openSUSE Leap 42.1
epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2015-8715SUSE bug 960382CVE-2015-8716openSUSE Leap 42.1
The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8716SUSE bug 960382CVE-2015-8717openSUSE Leap 42.1
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8717SUSE bug 960382CVE-2015-8718openSUSE Leap 42.1
Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8718SUSE bug 960382CVE-2015-8719openSUSE Leap 42.1
The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8719SUSE bug 960382CVE-2015-8720openSUSE Leap 42.1
The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2015-8720SUSE bug 960382CVE-2015-8721openSUSE Leap 42.1
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
ModerateCVE-2015-8721SUSE bug 960382CVE-2015-8722openSUSE Leap 42.1
epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2015-8722SUSE bug 960382CVE-2015-8723openSUSE Leap 42.1
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8723SUSE bug 960382CVE-2015-8724openSUSE Leap 42.1
The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8724SUSE bug 960382CVE-2015-8725openSUSE Leap 42.1
The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8725SUSE bug 960382CVE-2015-8726openSUSE Leap 42.1
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8726SUSE bug 960382CVE-2015-8727openSUSE Leap 42.1
The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
ModerateCVE-2015-8727SUSE bug 960382CVE-2015-8728openSUSE Leap 42.1
The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
ModerateCVE-2015-8728SUSE bug 960382CVE-2015-8729openSUSE Leap 42.1
The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8729SUSE bug 960382CVE-2015-8730openSUSE Leap 42.1
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
ModerateCVE-2015-8730SUSE bug 960382CVE-2015-8731openSUSE Leap 42.1
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8731SUSE bug 960382CVE-2015-8732openSUSE Leap 42.1
The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
ModerateCVE-2015-8732SUSE bug 960382CVE-2015-8733openSUSE Leap 42.1
The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
ModerateCVE-2015-8733SUSE bug 960382CVE-2015-8743openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.
ModerateCVE-2015-8743SUSE bug 960725SUSE bug 960726SUSE bug 960725SUSE bug 960726SUSE bug 960726SUSE bug 960725SUSE bug 960726SUSE bug 960726SUSE bug 960725SUSE bug 960726CVE-2015-8744openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2015-8744SUSE bug 960835SUSE bug 960836SUSE bug 960835SUSE bug 960836SUSE bug 960836SUSE bug 960835SUSE bug 960836SUSE bug 960835SUSE bug 960836SUSE bug 960835CVE-2015-8745openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2015-8745SUSE bug 960707SUSE bug 960708SUSE bug 960708SUSE bug 960707SUSE bug 960708SUSE bug 960707SUSE bug 960708SUSE bug 960708SUSE bug 960707SUSE bug 960707SUSE bug 960708SUSE bug 960707CVE-2015-8767openSUSE Leap 42.1
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
LowCVE-2015-8767SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509SUSE bug 961509CVE-2015-8770openSUSE Leap 42.1
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. (dot dot) in the _skin parameter to index.php.
ImportantCVE-2015-8770SUSE bug 962067SUSE bug 962067CVE-2015-8776openSUSE Leap 42.1
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
LowCVE-2015-8776SUSE bug 962736SUSE bug 962736SUSE bug 962736SUSE bug 962736SUSE bug 962736SUSE bug 962736SUSE bug 962736SUSE bug 986086SUSE bug 962736CVE-2015-8777openSUSE Leap 42.1
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
LowCVE-2015-8777SUSE bug 950944SUSE bug 962735SUSE bug 950944SUSE bug 962735SUSE bug 950944SUSE bug 950944SUSE bug 950944SUSE bug 950944SUSE bug 962735SUSE bug 962735SUSE bug 950944CVE-2015-8778openSUSE Leap 42.1
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
LowCVE-2015-8778SUSE bug 962737SUSE bug 962737SUSE bug 962737SUSE bug 962737SUSE bug 962737SUSE bug 962737SUSE bug 962737SUSE bug 986086SUSE bug 962737CVE-2015-8779openSUSE Leap 42.1
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
ModerateCVE-2015-8779SUSE bug 962739SUSE bug 962739SUSE bug 962739SUSE bug 962739SUSE bug 962739SUSE bug 965453SUSE bug 965453SUSE bug 965453SUSE bug 962739SUSE bug 965453SUSE bug 965453SUSE bug 962739SUSE bug 986086CVE-2015-8781openSUSE Leap 42.1
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.
ModerateCVE-2015-8781SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964225CVE-2015-8782openSUSE Leap 42.1
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.
ModerateCVE-2015-8782SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964225CVE-2015-8783openSUSE Leap 42.1
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
ModerateCVE-2015-8783SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964213SUSE bug 964225SUSE bug 964225SUSE bug 964225CVE-2015-8785openSUSE Leap 42.1
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.
LowCVE-2015-8785SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765SUSE bug 963765CVE-2015-8787openSUSE Leap 42.1
The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604.
ModerateCVE-2015-8787SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931SUSE bug 963931CVE-2015-8803openSUSE Leap 42.1
The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.
ModerateCVE-2015-8803SUSE bug 964845SUSE bug 964845SUSE bug 964845SUSE bug 964845CVE-2015-8804openSUSE Leap 42.1
x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
ModerateCVE-2015-8804SUSE bug 964847SUSE bug 964847SUSE bug 964847SUSE bug 964847CVE-2015-8805openSUSE Leap 42.1
The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8803.
ModerateCVE-2015-8805SUSE bug 964849SUSE bug 964849SUSE bug 964849SUSE bug 964849CVE-2015-8806openSUSE Leap 42.1
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
ModerateCVE-2015-8806SUSE bug 965283SUSE bug 965283SUSE bug 965283SUSE bug 981114SUSE bug 963963SUSE bug 965283SUSE bug 965283SUSE bug 965283SUSE bug 965283CVE-2015-8812openSUSE Leap 42.1
drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.
ModerateCVE-2015-8812SUSE bug 966437SUSE bug 966437SUSE bug 966683SUSE bug 966437SUSE bug 966683SUSE bug 966683SUSE bug 966437SUSE bug 966437SUSE bug 966683SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966683SUSE bug 966437SUSE bug 966683SUSE bug 966437SUSE bug 966683SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437SUSE bug 966437CVE-2015-8817openSUSE Leap 42.1
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
ModerateCVE-2015-8817SUSE bug 969121SUSE bug 969122SUSE bug 969125SUSE bug 969126SUSE bug 969121SUSE bug 969125SUSE bug 969125SUSE bug 969121SUSE bug 969125SUSE bug 969126SUSE bug 969121SUSE bug 969121SUSE bug 969125SUSE bug 969121CVE-2015-8818openSUSE Leap 42.1
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
ModerateCVE-2015-8818SUSE bug 969122SUSE bug 969126SUSE bug 969122SUSE bug 969126SUSE bug 969126SUSE bug 969122SUSE bug 969125SUSE bug 969126SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969122SUSE bug 969126SUSE bug 969122CVE-2015-8833openSUSE Leap 42.1
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
ImportantCVE-2015-8833SUSE bug 970498SUSE bug 970498SUSE bug 970498SUSE bug 970498SUSE bug 970498SUSE bug 970498SUSE bug 970498CVE-2015-8835openSUSE Leap 42.1
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c.
ModerateCVE-2015-8835SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 980366SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351SUSE bug 973351CVE-2015-8838openSUSE Leap 42.1
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.
ModerateCVE-2015-8838SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 973792SUSE bug 980366SUSE bug 973792SUSE bug 973792CVE-2015-8842openSUSE Leap 42.1
tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.
LowCVE-2015-8842SUSE bug 972612SUSE bug 972612CVE-2015-8853openSUSE Leap 42.1
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
ModerateCVE-2015-8853SUSE bug 976584SUSE bug 976584SUSE bug 976584SUSE bug 976584SUSE bug 976584SUSE bug 976584SUSE bug 997948SUSE bug 997950SUSE bug 976584SUSE bug 997948SUSE bug 997950SUSE bug 976584CVE-2015-8863openSUSE Leap 42.1
Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
ModerateCVE-2015-8863SUSE bug 976992SUSE bug 976992SUSE bug 976992SUSE bug 1014176SUSE bug 976992SUSE bug 976992SUSE bug 976992CVE-2015-8864openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.
ModerateCVE-2015-8864SUSE bug 976988SUSE bug 976988CVE-2015-8866openSUSE Leap 42.1
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161.
ImportantCVE-2015-8866SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 980366SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996SUSE bug 976996CVE-2015-8867openSUSE Leap 42.1
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
ImportantCVE-2015-8867SUSE bug 977005SUSE bug 977005SUSE bug 977005SUSE bug 977005SUSE bug 977005SUSE bug 977005SUSE bug 980366CVE-2015-8868openSUSE Leap 42.1
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
ModerateCVE-2015-8868SUSE bug 976844SUSE bug 976844SUSE bug 976844SUSE bug 976844SUSE bug 976844SUSE bug 976844CVE-2015-8869openSUSE Leap 42.1
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
ModerateCVE-2015-8869SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990SUSE bug 977990CVE-2015-8872openSUSE Leap 42.1
The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."
ModerateCVE-2015-8872SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364SUSE bug 980364CVE-2015-8873openSUSE Leap 42.1
Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls.
ModerateCVE-2015-8873SUSE bug 980373SUSE bug 980373SUSE bug 980373SUSE bug 980366SUSE bug 980373SUSE bug 980373SUSE bug 980373CVE-2015-8874openSUSE Leap 42.1
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
ModerateCVE-2015-8874SUSE bug 980375SUSE bug 980375SUSE bug 980366SUSE bug 980375SUSE bug 980375SUSE bug 980375CVE-2015-8876openSUSE Leap 42.1
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
ModerateCVE-2015-8876SUSE bug 981049SUSE bug 981049SUSE bug 981049SUSE bug 981049SUSE bug 981049SUSE bug 1019550CVE-2015-8877openSUSE Leap 42.1
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
ModerateCVE-2015-8877SUSE bug 981061SUSE bug 981061SUSE bug 981061SUSE bug 981061CVE-2015-8879openSUSE Leap 42.1
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
ModerateCVE-2015-8879SUSE bug 981050SUSE bug 981050SUSE bug 981050SUSE bug 981050CVE-2015-8894openSUSE Leap 42.1
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
ModerateCVE-2015-8894SUSE bug 982969SUSE bug 982969SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983533SUSE bug 983533SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523SUSE bug 983523CVE-2015-8895openSUSE Leap 42.1
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
ModerateCVE-2015-8895SUSE bug 982969SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527SUSE bug 983527CVE-2015-8896openSUSE Leap 42.1
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
ModerateCVE-2015-8896SUSE bug 982969SUSE bug 982969SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533SUSE bug 983533CVE-2015-8897openSUSE Leap 42.1
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
ModerateCVE-2015-8897SUSE bug 982969SUSE bug 982969SUSE bug 983739SUSE bug 982969SUSE bug 983739SUSE bug 983746SUSE bug 982969SUSE bug 983739SUSE bug 982969SUSE bug 983739SUSE bug 983739SUSE bug 983739SUSE bug 983746SUSE bug 983739SUSE bug 983739SUSE bug 983739SUSE bug 983739SUSE bug 983739SUSE bug 983739CVE-2015-8898openSUSE Leap 42.1
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
ModerateCVE-2015-8898SUSE bug 982969SUSE bug 982969SUSE bug 983739SUSE bug 983746SUSE bug 982969SUSE bug 983746SUSE bug 982969SUSE bug 983739SUSE bug 982969SUSE bug 983746SUSE bug 983746SUSE bug 983739SUSE bug 983746SUSE bug 983746SUSE bug 983746SUSE bug 983746SUSE bug 983746SUSE bug 983746SUSE bug 983746CVE-2015-8899openSUSE Leap 42.1
Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally.
ImportantCVE-2015-8899SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273SUSE bug 983273CVE-2015-8900openSUSE Leap 42.1
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
ModerateCVE-2015-8900SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232SUSE bug 983232CVE-2015-8901openSUSE Leap 42.1
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
ModerateCVE-2015-8901SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234SUSE bug 983234CVE-2015-8902openSUSE Leap 42.1
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
ModerateCVE-2015-8902SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 983253SUSE bug 1052711CVE-2015-8903openSUSE Leap 42.1
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
ImportantCVE-2015-8903SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259SUSE bug 983259CVE-2015-8918openSUSE Leap 42.1
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."
ModerateCVE-2015-8918SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698SUSE bug 985698CVE-2015-8919openSUSE Leap 42.1
The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.
ModerateCVE-2015-8919SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697SUSE bug 985697CVE-2015-8920openSUSE Leap 42.1
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
ModerateCVE-2015-8920SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675SUSE bug 985675CVE-2015-8921openSUSE Leap 42.1
The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
ModerateCVE-2015-8921SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682SUSE bug 985682CVE-2015-8922openSUSE Leap 42.1
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.
ModerateCVE-2015-8922SUSE bug 985685SUSE bug 985685SUSE bug 985685SUSE bug 985685SUSE bug 985685SUSE bug 985685SUSE bug 985685SUSE bug 985685CVE-2015-8923openSUSE Leap 42.1
The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.
ModerateCVE-2015-8923SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703SUSE bug 985703CVE-2015-8924openSUSE Leap 42.1
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.
ModerateCVE-2015-8924SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609SUSE bug 985609CVE-2015-8925openSUSE Leap 42.1
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
ModerateCVE-2015-8925SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706SUSE bug 985706CVE-2015-8926openSUSE Leap 42.1
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.
ModerateCVE-2015-8926SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704SUSE bug 985704CVE-2015-8928openSUSE Leap 42.1
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
ModerateCVE-2015-8928SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679SUSE bug 985679CVE-2015-8929openSUSE Leap 42.1
Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.
ModerateCVE-2015-8929SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669SUSE bug 985669CVE-2015-8930openSUSE Leap 42.1
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
ModerateCVE-2015-8930SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700SUSE bug 985700CVE-2015-8931openSUSE Leap 42.1
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.
ModerateCVE-2015-8931SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689SUSE bug 985689CVE-2015-8932openSUSE Leap 42.1
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
ModerateCVE-2015-8932SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665SUSE bug 985665CVE-2015-8933openSUSE Leap 42.1
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
ModerateCVE-2015-8933SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688SUSE bug 985688CVE-2015-8934openSUSE Leap 42.1
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
ModerateCVE-2015-8934SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673SUSE bug 985673CVE-2015-8935openSUSE Leap 42.1
The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.
ModerateCVE-2015-8935SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004SUSE bug 986004CVE-2015-8936openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.
ImportantCVE-2015-8936SUSE bug 985612SUSE bug 985612SUSE bug 985612SUSE bug 985612SUSE bug 985612SUSE bug 985612SUSE bug 985612SUSE bug 1040287SUSE bug 985612SUSE bug 985612CVE-2015-8947openSUSE Leap 42.1
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.
ModerateCVE-2015-8947SUSE bug 963436SUSE bug 989564SUSE bug 989564SUSE bug 963436SUSE bug 989564SUSE bug 989564SUSE bug 989564CVE-2015-8948openSUSE Leap 42.1
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
ModerateCVE-2015-8948SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 1014473SUSE bug 990189SUSE bug 1014473SUSE bug 990189SUSE bug 1014473SUSE bug 990189CVE-2015-8956openSUSE Leap 42.1
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
ModerateCVE-2015-8956SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925SUSE bug 1003925CVE-2015-8957openSUSE Leap 42.1
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
ModerateCVE-2015-8957SUSE bug 1000690SUSE bug 1000690SUSE bug 1000691SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690SUSE bug 1000690CVE-2015-8958openSUSE Leap 42.1
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
ModerateCVE-2015-8958SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000694SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000690SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1000691SUSE bug 1028079CVE-2015-8959openSUSE Leap 42.1
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
ModerateCVE-2015-8959SUSE bug 1000713SUSE bug 1000713SUSE bug 1000713SUSE bug 1000713SUSE bug 1000713SUSE bug 1074610CVE-2015-8962openSUSE Leap 42.1
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.
ModerateCVE-2015-8962SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501SUSE bug 1010501CVE-2015-8963openSUSE Leap 42.1
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.
ModerateCVE-2015-8963SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502SUSE bug 1010502CVE-2015-8964openSUSE Leap 42.1
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
LowCVE-2015-8964SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1025354SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507SUSE bug 1010507CVE-2015-8972openSUSE Leap 42.1
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.
ModerateCVE-2015-8972SUSE bug 1010143SUSE bug 1010143CVE-2015-8980openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2015-8980SUSE bug 1020489SUSE bug 1021597SUSE bug 1020489SUSE bug 1021597CVE-2015-8994openSUSE Leap 42.1
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
ModerateCVE-2015-8994SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210SUSE bug 1027210CVE-2016-0402openSUSE Leap 42.1
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
CriticalCVE-2016-0402SUSE bug 962743SUSE bug 963937SUSE bug 960402CVE-2016-0448openSUSE Leap 42.1
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
CriticalCVE-2016-0448SUSE bug 962743SUSE bug 963937SUSE bug 960402CVE-2016-0466openSUSE Leap 42.1
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.
CriticalCVE-2016-0466SUSE bug 962743SUSE bug 963937SUSE bug 960402CVE-2016-0483openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
CriticalCVE-2016-0483SUSE bug 962743SUSE bug 963937SUSE bug 960402CVE-2016-0494openSUSE Leap 42.1
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CriticalCVE-2016-0494SUSE bug 962743SUSE bug 963937CVE-2016-0502openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ImportantCVE-2016-0502SUSE bug 962779SUSE bug 962779SUSE bug 962937SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962937SUSE bug 962937CVE-2016-0503openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.
ImportantCVE-2016-0503SUSE bug 962779SUSE bug 962779SUSE bug 962935SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962935SUSE bug 962935CVE-2016-0504openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503.
ImportantCVE-2016-0504SUSE bug 962779SUSE bug 962779SUSE bug 962930SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962930SUSE bug 962930CVE-2016-0505openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
ImportantCVE-2016-0505SUSE bug 962779SUSE bug 962779SUSE bug 962931SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962931SUSE bug 980904SUSE bug 962931CVE-2016-0546openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.
ImportantCVE-2016-0546SUSE bug 962779SUSE bug 962817SUSE bug 962779SUSE bug 962817SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962817SUSE bug 980904SUSE bug 962817CVE-2016-0594openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-0594SUSE bug 962779SUSE bug 962779SUSE bug 962932SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962932SUSE bug 962932CVE-2016-0595openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-0595SUSE bug 962779SUSE bug 962779SUSE bug 962934SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962934SUSE bug 962934CVE-2016-0596openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-0596SUSE bug 962779SUSE bug 962779SUSE bug 962936SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962936SUSE bug 980904SUSE bug 962936CVE-2016-0597openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ImportantCVE-2016-0597SUSE bug 962779SUSE bug 962779SUSE bug 962938SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962938SUSE bug 980904SUSE bug 962938CVE-2016-0598openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-0598SUSE bug 962779SUSE bug 962779SUSE bug 962942SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962942SUSE bug 980904SUSE bug 962942CVE-2016-0600openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
ImportantCVE-2016-0600SUSE bug 962779SUSE bug 962779SUSE bug 962943SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962943SUSE bug 980904SUSE bug 962943CVE-2016-0605openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors.
ImportantCVE-2016-0605SUSE bug 962779SUSE bug 962779SUSE bug 962951SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962951SUSE bug 962951CVE-2016-0606openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
ImportantCVE-2016-0606SUSE bug 962779SUSE bug 962779SUSE bug 962947SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962947SUSE bug 980904SUSE bug 962947CVE-2016-0607openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.
ImportantCVE-2016-0607SUSE bug 962779SUSE bug 962779SUSE bug 962949SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962949SUSE bug 962949CVE-2016-0608openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
ImportantCVE-2016-0608SUSE bug 962779SUSE bug 962948SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962948SUSE bug 980904SUSE bug 962948CVE-2016-0609openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
ImportantCVE-2016-0609SUSE bug 962779SUSE bug 962779SUSE bug 962952SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962952SUSE bug 980904SUSE bug 962952CVE-2016-0610openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
ImportantCVE-2016-0610SUSE bug 962779SUSE bug 962779SUSE bug 962944SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962944SUSE bug 962944CVE-2016-0611openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ImportantCVE-2016-0611SUSE bug 962779SUSE bug 962779SUSE bug 962939SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962939SUSE bug 962939CVE-2016-0616openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
ImportantCVE-2016-0616SUSE bug 962779SUSE bug 962779SUSE bug 962941SUSE bug 962779SUSE bug 962779SUSE bug 962817SUSE bug 962930SUSE bug 962931SUSE bug 962932SUSE bug 962934SUSE bug 962935SUSE bug 962936SUSE bug 962937SUSE bug 962938SUSE bug 962939SUSE bug 962941SUSE bug 962942SUSE bug 962943SUSE bug 962944SUSE bug 962945SUSE bug 962946SUSE bug 962947SUSE bug 962948SUSE bug 962949SUSE bug 962950SUSE bug 962951SUSE bug 962952SUSE bug 962941SUSE bug 980904SUSE bug 962941CVE-2016-0634openSUSE Leap 42.1
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
ModerateCVE-2016-0634SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1001299SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396SUSE bug 1000396CVE-2016-0636openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
ImportantCVE-2016-0636SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 972468SUSE bug 979252SUSE bug 972468CVE-2016-0639openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
CriticalCVE-2016-0639SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341CVE-2016-0640openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
CriticalCVE-2016-0640SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0641openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
CriticalCVE-2016-0641SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0642openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CriticalCVE-2016-0642SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0643openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
CriticalCVE-2016-0643SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0644openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CriticalCVE-2016-0644SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0646openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
CriticalCVE-2016-0646SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0647openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.
CriticalCVE-2016-0647SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0648openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
CriticalCVE-2016-0648SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0649openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
CriticalCVE-2016-0649SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0650openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
CriticalCVE-2016-0650SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0651openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CriticalCVE-2016-0651SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0655openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
CriticalCVE-2016-0655SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0661openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.
CriticalCVE-2016-0661SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341CVE-2016-0665openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.
CriticalCVE-2016-0665SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341CVE-2016-0666openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CriticalCVE-2016-0666SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0668openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CriticalCVE-2016-0668SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 976341SUSE bug 980904CVE-2016-0678openSUSE Leap 42.1
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core.
ModerateCVE-2016-0678SUSE bug 976636SUSE bug 976636CVE-2016-0686openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
ImportantCVE-2016-0686SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252CVE-2016-0687openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
ImportantCVE-2016-0687SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252CVE-2016-0695openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
ImportantCVE-2016-0695SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252CVE-2016-0702openSUSE Leap 42.1
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
LowCVE-2016-0702SUSE bug 968044SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968044SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 971238SUSE bug 971238SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 971238SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 971238SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 968050SUSE bug 990370SUSE bug 1007806SUSE bug 968050SUSE bug 1007806SUSE bug 968050SUSE bug 968050SUSE bug 1007806SUSE bug 968050SUSE bug 968050SUSE bug 968050CVE-2016-0703openSUSE Leap 42.1
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
ImportantCVE-2016-0703SUSE bug 968044SUSE bug 968046SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968044SUSE bug 968046SUSE bug 968051SUSE bug 968044SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 968051SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238CVE-2016-0704openSUSE Leap 42.1
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.
ModerateCVE-2016-0704SUSE bug 968044SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968044SUSE bug 968053SUSE bug 968044SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968053SUSE bug 968044SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238SUSE bug 986238CVE-2016-0705openSUSE Leap 42.1
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
LowCVE-2016-0705SUSE bug 968044SUSE bug 968047SUSE bug 968047SUSE bug 968047SUSE bug 968047SUSE bug 968044SUSE bug 968047SUSE bug 968047SUSE bug 968044SUSE bug 968047SUSE bug 968047SUSE bug 968047SUSE bug 968047SUSE bug 968047SUSE bug 971238SUSE bug 968047SUSE bug 976341SUSE bug 968047SUSE bug 968047CVE-2016-0706openSUSE Leap 42.1
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application.
ImportantCVE-2016-0706SUSE bug 967815SUSE bug 967815SUSE bug 967815SUSE bug 967815SUSE bug 967815SUSE bug 967815SUSE bug 988489SUSE bug 967815SUSE bug 967815SUSE bug 967815CVE-2016-0714openSUSE Leap 42.1
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
ImportantCVE-2016-0714SUSE bug 967964SUSE bug 967964SUSE bug 967964SUSE bug 967964SUSE bug 967964CVE-2016-0718openSUSE Leap 42.1
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
ImportantCVE-2016-0718SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 979441SUSE bug 991809SUSE bug 979441SUSE bug 979441SUSE bug 991809CVE-2016-0723openSUSE Leap 42.1
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.
ModerateCVE-2016-0723SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500SUSE bug 961500CVE-2016-0728openSUSE Leap 42.1
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
ImportantCVE-2016-0728SUSE bug 962075SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962075SUSE bug 962075SUSE bug 962075SUSE bug 963994SUSE bug 962075SUSE bug 963994SUSE bug 962075SUSE bug 962075SUSE bug 963994SUSE bug 962075SUSE bug 963994SUSE bug 962078SUSE bug 962078SUSE bug 923755SUSE bug 962075SUSE bug 963994SUSE bug 962075SUSE bug 962078SUSE bug 962078SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962078SUSE bug 962075SUSE bug 962075SUSE bug 962075CVE-2016-0729openSUSE Leap 42.1
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
ImportantCVE-2016-0729SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822SUSE bug 966822CVE-2016-0736openSUSE Leap 42.1
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.
ModerateCVE-2016-0736SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1033513SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712SUSE bug 1016712CVE-2016-0739openSUSE Leap 42.1
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
ImportantCVE-2016-0739SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 967026SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 967026SUSE bug 965875SUSE bug 965875SUSE bug 967026SUSE bug 965875SUSE bug 965875SUSE bug 965875SUSE bug 967026CVE-2016-0740openSUSE Leap 42.1
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
ModerateCVE-2016-0740SUSE bug 965579SUSE bug 965579SUSE bug 965579SUSE bug 965579SUSE bug 965582SUSE bug 965579SUSE bug 965579SUSE bug 965582SUSE bug 965579SUSE bug 965579SUSE bug 965579SUSE bug 965579SUSE bug 965582SUSE bug 965579SUSE bug 965579SUSE bug 965579SUSE bug 965579CVE-2016-0742openSUSE Leap 42.1
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
ModerateCVE-2016-0742SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781SUSE bug 963781CVE-2016-0746openSUSE Leap 42.1
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
LowCVE-2016-0746SUSE bug 963778SUSE bug 963778SUSE bug 963778SUSE bug 963778SUSE bug 963778SUSE bug 963778SUSE bug 963778SUSE bug 963778CVE-2016-0747openSUSE Leap 42.1
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
LowCVE-2016-0747SUSE bug 963775SUSE bug 963775SUSE bug 963775SUSE bug 963775SUSE bug 963775SUSE bug 963775SUSE bug 963775CVE-2016-0749openSUSE Leap 42.1
The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow.
ImportantCVE-2016-0749SUSE bug 982385SUSE bug 982386SUSE bug 982385SUSE bug 982386SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385SUSE bug 982385CVE-2016-0751openSUSE Leap 42.1
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
ModerateCVE-2016-0751SUSE bug 963331SUSE bug 963331SUSE bug 963331SUSE bug 963331SUSE bug 963331SUSE bug 963331SUSE bug 963331SUSE bug 963331CVE-2016-0752openSUSE Leap 42.1
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.
ImportantCVE-2016-0752SUSE bug 963332SUSE bug 963332SUSE bug 963332SUSE bug 963332SUSE bug 963332SUSE bug 963332SUSE bug 963332SUSE bug 968850SUSE bug 963332SUSE bug 963332SUSE bug 968850SUSE bug 968850SUSE bug 963332SUSE bug 968850SUSE bug 963332CVE-2016-0753openSUSE Leap 42.1
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.
ModerateCVE-2016-0753SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334SUSE bug 963334CVE-2016-0755openSUSE Leap 42.1
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.
ModerateCVE-2016-0755SUSE bug 962983SUSE bug 962983SUSE bug 962983SUSE bug 962983SUSE bug 962983SUSE bug 962983CVE-2016-0758openSUSE Leap 42.1
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
ImportantCVE-2016-0758SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 980856SUSE bug 980856SUSE bug 980856SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 980856SUSE bug 979867SUSE bug 980856SUSE bug 979867SUSE bug 979867SUSE bug 980856SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 980856SUSE bug 979867SUSE bug 979867SUSE bug 980856SUSE bug 980856SUSE bug 979867SUSE bug 980856SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867SUSE bug 979867CVE-2016-0762openSUSE Leap 42.1
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
ModerateCVE-2016-0762SUSE bug 1007854SUSE bug 1007854SUSE bug 1007854SUSE bug 1007854SUSE bug 1007854CVE-2016-0763openSUSE Leap 42.1
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
ModerateCVE-2016-0763SUSE bug 967966SUSE bug 967966SUSE bug 967966SUSE bug 967966SUSE bug 967966SUSE bug 967966CVE-2016-0766openSUSE Leap 42.1
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.
ImportantCVE-2016-0766SUSE bug 966435SUSE bug 966435SUSE bug 966435SUSE bug 966435SUSE bug 966435SUSE bug 966435SUSE bug 966436SUSE bug 966435SUSE bug 966436SUSE bug 966435SUSE bug 966435SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 966436SUSE bug 978323CVE-2016-0772openSUSE Leap 42.1
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
ModerateCVE-2016-0772SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751SUSE bug 984751CVE-2016-0773openSUSE Leap 42.1
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.
ImportantCVE-2016-0773SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966435SUSE bug 966436SUSE bug 966435SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 966436SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 978323SUSE bug 966436SUSE bug 978323SUSE bug 983246SUSE bug 983246SUSE bug 983246SUSE bug 983246SUSE bug 983246SUSE bug 983246SUSE bug 986409CVE-2016-0775openSUSE Leap 42.1
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.
ModerateCVE-2016-0775SUSE bug 965582SUSE bug 965582SUSE bug 965582SUSE bug 965579SUSE bug 965582SUSE bug 965582SUSE bug 965579SUSE bug 965582SUSE bug 965582SUSE bug 965582SUSE bug 965579SUSE bug 965582SUSE bug 965582CVE-2016-0777openSUSE Leap 42.1
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CriticalCVE-2016-0777SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 961642SUSE bug 996040SUSE bug 1087412SUSE bug 1087412CVE-2016-0778openSUSE Leap 42.1
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
ModerateCVE-2016-0778SUSE bug 961645SUSE bug 961645SUSE bug 961645SUSE bug 961645SUSE bug 961645SUSE bug 961645SUSE bug 961645SUSE bug 996040SUSE bug 1087412SUSE bug 1087412CVE-2016-0787openSUSE Leap 42.1
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
ImportantCVE-2016-0787SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 968174SUSE bug 968174SUSE bug 968174SUSE bug 967026SUSE bug 968174SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 974691SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026SUSE bug 967026CVE-2016-0794openSUSE Leap 42.1
The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
ModerateCVE-2016-0794SUSE bug 967014SUSE bug 967014SUSE bug 967014SUSE bug 967015SUSE bug 967014SUSE bug 967014SUSE bug 967014CVE-2016-0795openSUSE Leap 42.1
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
ModerateCVE-2016-0795SUSE bug 967015SUSE bug 967015SUSE bug 967014SUSE bug 967015SUSE bug 967015SUSE bug 967015SUSE bug 967015CVE-2016-0797openSUSE Leap 42.1
Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.
ModerateCVE-2016-0797SUSE bug 968044SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968044SUSE bug 968048SUSE bug 968048SUSE bug 968044SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 968048SUSE bug 990370CVE-2016-0798openSUSE Leap 42.1
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c.
ModerateCVE-2016-0798SUSE bug 968265SUSE bug 968265SUSE bug 968265SUSE bug 968044SUSE bug 968265SUSE bug 968265SUSE bug 968265CVE-2016-0799openSUSE Leap 42.1
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.
ImportantCVE-2016-0799SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968044SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 969517SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 968374SUSE bug 989345SUSE bug 990370SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722SUSE bug 991722CVE-2016-0800openSUSE Leap 42.1
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
ImportantCVE-2016-0800SUSE bug 968044SUSE bug 968046SUSE bug 968046SUSE bug 968046SUSE bug 968046SUSE bug 968044SUSE bug 968046SUSE bug 968888SUSE bug 968046SUSE bug 968044SUSE bug 968046SUSE bug 968888SUSE bug 968046SUSE bug 968046SUSE bug 968046SUSE bug 961377SUSE bug 968046SUSE bug 968046SUSE bug 968888SUSE bug 968046SUSE bug 968046SUSE bug 968888SUSE bug 968046SUSE bug 968888SUSE bug 968888SUSE bug 968888SUSE bug 968046SUSE bug 968046SUSE bug 968046SUSE bug 979060SUSE bug 979060SUSE bug 979060SUSE bug 979060SUSE bug 968888SUSE bug 968888SUSE bug 968888SUSE bug 968888SUSE bug 968888SUSE bug 968888SUSE bug 968888CVE-2016-1000104openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-1000104SUSE bug 988492SUSE bug 988492CVE-2016-1000110openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-1000110SUSE bug 989523SUSE bug 988484SUSE bug 989523SUSE bug 989523CVE-2016-1000111openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-1000111SUSE bug 989997SUSE bug 989997SUSE bug 989997CVE-2016-10002openSUSE Leap 42.1
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
ModerateCVE-2016-10002SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168SUSE bug 1016168CVE-2016-10009openSUSE Leap 42.1
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
ModerateCVE-2016-10009SUSE bug 1016366SUSE bug 1016366SUSE bug 1017555SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1025354SUSE bug 1026634SUSE bug 1017870SUSE bug 1026634SUSE bug 1017870SUSE bug 1016366SUSE bug 1016366SUSE bug 1016366SUSE bug 1017870SUSE bug 1016366SUSE bug 1017870SUSE bug 1016366SUSE bug 1016366SUSE bug 1016370SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1016366SUSE bug 1016366SUSE bug 1021751SUSE bug 1021751SUSE bug 1016366SUSE bug 1016336SUSE bug 1016366SUSE bug 1016366SUSE bug 1021751SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1021751SUSE bug 1021751SUSE bug 1021751SUSE bug 1016370SUSE bug 1021751SUSE bug 1016370SUSE bug 1021751SUSE bug 1021751SUSE bug 1021751SUSE bug 1021751SUSE bug 1021751SUSE bug 1021751SUSE bug 1087412SUSE bug 1087412CVE-2016-10011openSUSE Leap 42.1
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
ModerateCVE-2016-10011SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1025354SUSE bug 1016369SUSE bug 1016369SUSE bug 1026634SUSE bug 1017870SUSE bug 1026634SUSE bug 1017870SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1017870SUSE bug 1016369SUSE bug 1017870SUSE bug 1016369SUSE bug 1016369SUSE bug 1016370SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1016369SUSE bug 1016369SUSE bug 1016369SUSE bug 1016336SUSE bug 1016369SUSE bug 1016369SUSE bug 1017870SUSE bug 1017870SUSE bug 1017870SUSE bug 1016369SUSE bug 1016370SUSE bug 1016370SUSE bug 1087412SUSE bug 1087412CVE-2016-10013openSUSE Leap 42.1
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
ImportantCVE-2016-10013SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340SUSE bug 1016340CVE-2016-10024openSUSE Leap 42.1
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
ModerateCVE-2016-10024SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298SUSE bug 1014298CVE-2016-10046openSUSE Leap 42.1
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
ModerateCVE-2016-10046SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1016742SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1017308SUSE bug 1016742SUSE bug 1017308SUSE bug 1017308CVE-2016-10048openSUSE Leap 42.1
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
ModerateCVE-2016-10048SUSE bug 1017310SUSE bug 1017310SUSE bug 1017310SUSE bug 1017310SUSE bug 1017310SUSE bug 1017310SUSE bug 1017310CVE-2016-10049openSUSE Leap 42.1
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
ModerateCVE-2016-10049SUSE bug 1017311SUSE bug 1017311SUSE bug 1017311SUSE bug 1017311SUSE bug 1017311SUSE bug 1017311CVE-2016-10050openSUSE Leap 42.1
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
ModerateCVE-2016-10050SUSE bug 1017312SUSE bug 1017312SUSE bug 1017312SUSE bug 1017312SUSE bug 1017312SUSE bug 1017312SUSE bug 1017312CVE-2016-10051openSUSE Leap 42.1
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10051SUSE bug 1017313SUSE bug 1017313SUSE bug 1017313SUSE bug 1017313SUSE bug 1017313SUSE bug 1017313CVE-2016-10052openSUSE Leap 42.1
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10052SUSE bug 1017314SUSE bug 1017314SUSE bug 1017314SUSE bug 1017314SUSE bug 1017314SUSE bug 1017314CVE-2016-10059openSUSE Leap 42.1
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
ModerateCVE-2016-10059SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318SUSE bug 1017318CVE-2016-10060openSUSE Leap 42.1
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2016-10060SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319CVE-2016-10061openSUSE Leap 42.1
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
ModerateCVE-2016-10061SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319CVE-2016-10062openSUSE Leap 42.1
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
LowCVE-2016-10062SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319SUSE bug 1017319CVE-2016-10063openSUSE Leap 42.1
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
ModerateCVE-2016-10063SUSE bug 1017320SUSE bug 1017320SUSE bug 1017320SUSE bug 1017320SUSE bug 1017320SUSE bug 1017320SUSE bug 1016589SUSE bug 1017320CVE-2016-10064openSUSE Leap 42.1
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
LowCVE-2016-10064SUSE bug 1017321SUSE bug 1017321SUSE bug 1017321SUSE bug 1017321SUSE bug 1017321SUSE bug 1016590SUSE bug 1017321CVE-2016-10065openSUSE Leap 42.1
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
ModerateCVE-2016-10065SUSE bug 1017322SUSE bug 1017322SUSE bug 1017322SUSE bug 1017322SUSE bug 1016591SUSE bug 1017322SUSE bug 1017322CVE-2016-10068openSUSE Leap 42.1
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
LowCVE-2016-10068SUSE bug 1017324SUSE bug 1017324SUSE bug 1017324SUSE bug 1017324SUSE bug 1017324SUSE bug 1017324SUSE bug 1017324CVE-2016-10069openSUSE Leap 42.1
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
ModerateCVE-2016-10069SUSE bug 1017325SUSE bug 1017325SUSE bug 1017325SUSE bug 1017325SUSE bug 1017325SUSE bug 1017325SUSE bug 1017325CVE-2016-10070openSUSE Leap 42.1
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
ModerateCVE-2016-10070SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326CVE-2016-10071openSUSE Leap 42.1
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
ModerateCVE-2016-10071SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326SUSE bug 1017326CVE-2016-10087openSUSE Leap 42.1
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
LowCVE-2016-10087SUSE bug 1017646SUSE bug 1017646SUSE bug 1017646SUSE bug 1017646SUSE bug 1017646SUSE bug 1017646CVE-2016-10088openSUSE Leap 42.1
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
ImportantCVE-2016-10088SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1013604SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1019079SUSE bug 1019079CVE-2016-10109openSUSE Leap 42.1
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.
ImportantCVE-2016-10109SUSE bug 1017902SUSE bug 1017902SUSE bug 1017902SUSE bug 1017902SUSE bug 1017902SUSE bug 1017902SUSE bug 1017902CVE-2016-10128openSUSE Leap 42.1
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.
ModerateCVE-2016-10128SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036CVE-2016-10129openSUSE Leap 42.1
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
ImportantCVE-2016-10129SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036SUSE bug 1019036CVE-2016-10130openSUSE Leap 42.1
The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable.
ModerateCVE-2016-10130SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037CVE-2016-10132openSUSE Leap 42.1
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.
ImportantCVE-2016-10132SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877CVE-2016-10133openSUSE Leap 42.1
Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.
ImportantCVE-2016-10133SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877CVE-2016-10141openSUSE Leap 42.1
An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition.
ImportantCVE-2016-10141SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877SUSE bug 1019877CVE-2016-10144openSUSE Leap 42.1
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
ModerateCVE-2016-10144SUSE bug 1020433SUSE bug 1020433SUSE bug 1020433SUSE bug 1020433SUSE bug 1020433SUSE bug 1020433SUSE bug 1020433CVE-2016-10145openSUSE Leap 42.1
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
ModerateCVE-2016-10145SUSE bug 1020435SUSE bug 1020435SUSE bug 1020435SUSE bug 1020435SUSE bug 1020435SUSE bug 1020435SUSE bug 1020435CVE-2016-10146openSUSE Leap 42.1
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2016-10146SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443SUSE bug 1020443CVE-2016-10147openSUSE Leap 42.1
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).
ModerateCVE-2016-10147SUSE bug 1020381SUSE bug 1020429SUSE bug 1020381SUSE bug 1020429SUSE bug 1020381SUSE bug 1020381SUSE bug 1020381SUSE bug 1020381SUSE bug 1020381SUSE bug 1020429CVE-2016-10155openSUSE Leap 42.1
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
ModerateCVE-2016-10155SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1024183SUSE bug 1024183SUSE bug 1024183SUSE bug 1024183SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1024183SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1021129SUSE bug 1024183SUSE bug 1024183SUSE bug 1021129SUSE bug 1021129CVE-2016-10164openSUSE Leap 42.1
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
ImportantCVE-2016-10164SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315SUSE bug 1021315CVE-2016-10166openSUSE Leap 42.1
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
ModerateCVE-2016-10166SUSE bug 1022069SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263SUSE bug 1022263CVE-2016-10167openSUSE Leap 42.1
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
LowCVE-2016-10167SUSE bug 1022069SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264SUSE bug 1022264CVE-2016-10168openSUSE Leap 42.1
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
ModerateCVE-2016-10168SUSE bug 1022069SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265SUSE bug 1022265CVE-2016-10189openSUSE Leap 42.1
BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
ModerateCVE-2016-10189SUSE bug 1022498SUSE bug 1022498SUSE bug 1022498CVE-2016-10198openSUSE Leap 42.1
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
LowCVE-2016-10198SUSE bug 1023259SUSE bug 1024014SUSE bug 1024014SUSE bug 1024014SUSE bug 1024014CVE-2016-10199openSUSE Leap 42.1
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
LowCVE-2016-10199SUSE bug 1023259SUSE bug 1024017SUSE bug 1024017SUSE bug 1024017SUSE bug 1024017CVE-2016-10200openSUSE Leap 42.1
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
ModerateCVE-2016-10200SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1027179SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415SUSE bug 1028415CVE-2016-10207openSUSE Leap 42.1
The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.
ModerateCVE-2016-10207SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012SUSE bug 1023012CVE-2016-10208openSUSE Leap 42.1
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
ImportantCVE-2016-10208SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377SUSE bug 1023377CVE-2016-10220openSUSE Leap 42.1
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.
ModerateCVE-2016-10220SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120SUSE bug 1036453SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120SUSE bug 1032120CVE-2016-10251openSUSE Leap 42.1
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
ModerateCVE-2016-10251SUSE bug 1029497SUSE bug 1029497SUSE bug 1029497SUSE bug 1029497SUSE bug 1029497CVE-2016-10266openSUSE Leap 42.1
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.
ModerateCVE-2016-10266SUSE bug 1031263SUSE bug 1031263CVE-2016-10267openSUSE Leap 42.1
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.
ModerateCVE-2016-10267SUSE bug 1031262SUSE bug 1031262CVE-2016-10268openSUSE Leap 42.1
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
ImportantCVE-2016-10268SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255SUSE bug 1031255CVE-2016-10269openSUSE Leap 42.1
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2.
ImportantCVE-2016-10269SUSE bug 1031254SUSE bug 1031254CVE-2016-10270openSUSE Leap 42.1
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22.
ImportantCVE-2016-10270SUSE bug 1031250SUSE bug 1031250CVE-2016-10271openSUSE Leap 42.1
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.
ImportantCVE-2016-10271SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249SUSE bug 1031249CVE-2016-10272openSUSE Leap 42.1
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9.
ImportantCVE-2016-10272SUSE bug 1031247SUSE bug 1031247SUSE bug 1031247CVE-2016-10318openSUSE Leap 42.1
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.
ModerateCVE-2016-10318SUSE bug 1032435SUSE bug 1032435SUSE bug 1032435SUSE bug 1032435SUSE bug 1032435SUSE bug 1032435SUSE bug 1032435CVE-2016-10324openSUSE Leap 42.1
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.
ModerateCVE-2016-10324SUSE bug 1034574SUSE bug 1034574SUSE bug 1034574SUSE bug 1034574SUSE bug 1034574SUSE bug 1034574CVE-2016-10325openSUSE Leap 42.1
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.
ImportantCVE-2016-10325SUSE bug 1034572SUSE bug 1034572SUSE bug 1034572SUSE bug 1034572SUSE bug 1034572SUSE bug 1034572CVE-2016-10326openSUSE Leap 42.1
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.
ModerateCVE-2016-10326SUSE bug 1034571SUSE bug 1034571SUSE bug 1034571SUSE bug 1034571SUSE bug 1034571SUSE bug 1034571CVE-2016-1234openSUSE Leap 42.1
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
ModerateCVE-2016-1234SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 988770SUSE bug 988782SUSE bug 988782SUSE bug 989127SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 1020940SUSE bug 969727SUSE bug 969727SUSE bug 969727SUSE bug 969727CVE-2016-1237openSUSE Leap 42.1
nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.
LowCVE-2016-1237SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570SUSE bug 986570CVE-2016-1238openSUSE Leap 42.1
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.
ModerateCVE-2016-1238SUSE bug 987887SUSE bug 987887SUSE bug 988311SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887SUSE bug 987887CVE-2016-1245openSUSE Leap 42.1
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
ImportantCVE-2016-1245SUSE bug 1005258SUSE bug 1005258SUSE bug 1005258SUSE bug 1005258SUSE bug 1005258SUSE bug 1005258CVE-2016-1246openSUSE Leap 42.1
Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.
ModerateCVE-2016-1246SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626SUSE bug 1002626CVE-2016-1248openSUSE Leap 42.1
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
ImportantCVE-2016-1248SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685SUSE bug 1010685CVE-2016-1249openSUSE Leap 42.1
The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression.
LowCVE-2016-1249SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457SUSE bug 1010457CVE-2016-1251openSUSE Leap 42.1
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
ModerateCVE-2016-1251SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546SUSE bug 1012546CVE-2016-1254openSUSE Leap 42.1
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
ModerateCVE-2016-1254SUSE bug 1016343SUSE bug 1016343SUSE bug 1016343SUSE bug 1016343CVE-2016-1283openSUSE Leap 42.1
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
ModerateCVE-2016-1283SUSE bug 960837SUSE bug 960837SUSE bug 960837SUSE bug 960837SUSE bug 960837SUSE bug 960837SUSE bug 960837SUSE bug 960837CVE-2016-1285openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
ImportantCVE-2016-1285SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 970072SUSE bug 978322SUSE bug 978322SUSE bug 978322SUSE bug 981200SUSE bug 970072SUSE bug 981200SUSE bug 981200SUSE bug 981200SUSE bug 981200SUSE bug 970072SUSE bug 981200SUSE bug 978322SUSE bug 970072SUSE bug 978322SUSE bug 970072CVE-2016-1286openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
ImportantCVE-2016-1286SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 978322SUSE bug 981200SUSE bug 970073SUSE bug 981200SUSE bug 970073SUSE bug 981200SUSE bug 981200SUSE bug 981200SUSE bug 970073SUSE bug 981200SUSE bug 970073SUSE bug 970073SUSE bug 970073SUSE bug 970073CVE-2016-1494openSUSE Leap 42.1
The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
ModerateCVE-2016-1494SUSE bug 960680SUSE bug 960680SUSE bug 960680SUSE bug 960680SUSE bug 960680CVE-2016-1514openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8790. Reason: This candidate is a reservation duplicate of CVE-2015-8790. Notes: All CVE users should reference CVE-2015-8790 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-1514SUSE bug 964396CVE-2016-1515openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8789. Reason: This candidate is a reservation duplicate of CVE-2015-8789. Notes: All CVE users should reference CVE-2015-8789 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-1515SUSE bug 964395CVE-2016-1521openSUSE Leap 42.1
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
ImportantCVE-2016-1521SUSE bug 965803SUSE bug 965803SUSE bug 965803SUSE bug 965803SUSE bug 965803SUSE bug 965810SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 965803SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810CVE-2016-1523openSUSE Leap 42.1
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
ImportantCVE-2016-1523SUSE bug 965807SUSE bug 965807SUSE bug 965807SUSE bug 967087SUSE bug 965807SUSE bug 965810SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 965807SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810CVE-2016-1526openSUSE Leap 42.1
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
ImportantCVE-2016-1526SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 966438SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965810SUSE bug 965803SUSE bug 965806SUSE bug 965807SUSE bug 965810SUSE bug 965810SUSE bug 965810CVE-2016-1531openSUSE Leap 42.1
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
ImportantCVE-2016-1531SUSE bug 968844SUSE bug 968844SUSE bug 968844SUSE bug 968844CVE-2016-1541openSUSE Leap 42.1
Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.
ModerateCVE-2016-1541SUSE bug 979005SUSE bug 979005SUSE bug 979005CVE-2016-1544openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2016-1544SUSE bug 966514SUSE bug 966514SUSE bug 966514SUSE bug 966514CVE-2016-1547openSUSE Leap 42.1
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
ModerateCVE-2016-1547SUSE bug 977446SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 962784SUSE bug 977459SUSE bug 982064SUSE bug 982065SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977459SUSE bug 977446SUSE bug 977459SUSE bug 977459CVE-2016-1548openSUSE Leap 42.1
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
ImportantCVE-2016-1548SUSE bug 977446SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 977461SUSE bug 982068SUSE bug 977461SUSE bug 959243SUSE bug 977461SUSE bug 959243SUSE bug 977461SUSE bug 977461SUSE bug 977446SUSE bug 977461SUSE bug 977461CVE-2016-1549openSUSE Leap 42.1
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
ModerateCVE-2016-1549SUSE bug 977446SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977451SUSE bug 977446SUSE bug 977451SUSE bug 977451SUSE bug 1083424CVE-2016-1550openSUSE Leap 42.1
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
ModerateCVE-2016-1550SUSE bug 977446SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977464SUSE bug 977446SUSE bug 977464SUSE bug 977464CVE-2016-1551openSUSE Leap 42.1
ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock's peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.
ModerateCVE-2016-1551SUSE bug 977446SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977450SUSE bug 977446SUSE bug 977450SUSE bug 977450CVE-2016-1568openSUSE Leap 42.1
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.
ModerateCVE-2016-1568SUSE bug 961332SUSE bug 961333SUSE bug 961332SUSE bug 961332SUSE bug 961333SUSE bug 961332SUSE bug 961332SUSE bug 961332SUSE bug 961333CVE-2016-1570openSUSE Leap 42.1
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.
ImportantCVE-2016-1570SUSE bug 960861SUSE bug 960861SUSE bug 960861SUSE bug 960861SUSE bug 960861SUSE bug 960861SUSE bug 960861CVE-2016-1572openSUSE Leap 42.1
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
ModerateCVE-2016-1572SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052SUSE bug 962052CVE-2016-1577openSUSE Leap 42.1
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.
ModerateCVE-2016-1577SUSE bug 968373SUSE bug 968373SUSE bug 968373SUSE bug 968373CVE-2016-1583openSUSE Leap 42.1
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.
ImportantCVE-2016-1583SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 990058SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983143SUSE bug 983143SUSE bug 983144SUSE bug 983143SUSE bug 983144SUSE bug 1052256SUSE bug 1052256SUSE bug 1052256CVE-2016-1601openSUSE Leap 42.1
yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors.
CriticalCVE-2016-1601SUSE bug 973639SUSE bug 974220SUSE bug 974220SUSE bug 973639SUSE bug 974220SUSE bug 973639SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 973639SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220SUSE bug 974220CVE-2016-1612openSUSE Leap 42.1
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.
ImportantCVE-2016-1612SUSE bug 963184SUSE bug 963184SUSE bug 963184CVE-2016-1613openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects.
ImportantCVE-2016-1613SUSE bug 963185SUSE bug 963185SUSE bug 963185CVE-2016-1614openSUSE Leap 42.1
The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
ModerateCVE-2016-1614SUSE bug 963186SUSE bug 963186SUSE bug 963186CVE-2016-1615openSUSE Leap 42.1
The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.
ModerateCVE-2016-1615SUSE bug 963187SUSE bug 963187SUSE bug 963187CVE-2016-1616openSUSE Leap 42.1
The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocused custom button.
ModerateCVE-2016-1616SUSE bug 963188SUSE bug 963188SUSE bug 963188CVE-2016-1617openSUSE Leap 42.1
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report.
ModerateCVE-2016-1617SUSE bug 963189SUSE bug 963189SUSE bug 963189CVE-2016-1618openSUSE Leap 42.1
Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
ModerateCVE-2016-1618SUSE bug 963190SUSE bug 963190SUSE bug 963190CVE-2016-1619openSUSE Leap 42.1
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document.
ModerateCVE-2016-1619SUSE bug 963191SUSE bug 963191SUSE bug 963191CVE-2016-1620openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1620SUSE bug 963192SUSE bug 963192SUSE bug 963192CVE-2016-1622openSUSE Leap 42.1
The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
ImportantCVE-2016-1622SUSE bug 965999CVE-2016-1623openSUSE Leap 42.1
The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp, HTMLFrameOwnerElement.h, LocalFrame.cpp, and WebLocalFrameImpl.cpp.
ImportantCVE-2016-1623SUSE bug 965999CVE-2016-1624openSUSE Leap 42.1
Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.
ImportantCVE-2016-1624SUSE bug 965999SUSE bug 965999SUSE bug 965999SUSE bug 965999CVE-2016-1625openSUSE Leap 42.1
The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page (NTP) navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instant_service.cc and search_tab_helper.cc.
ImportantCVE-2016-1625SUSE bug 965999CVE-2016-1626openSUSE Leap 42.1
The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
ImportantCVE-2016-1626SUSE bug 965999CVE-2016-1627openSUSE Leap 42.1
The Developer Tools (aka DevTools) subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL, related to browser/devtools/devtools_ui_bindings.cc and WebKit/Source/devtools/front_end/Runtime.js.
ImportantCVE-2016-1627SUSE bug 965999CVE-2016-1629openSUSE Leap 42.1
Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
CriticalCVE-2016-1629SUSE bug 967376SUSE bug 967376CVE-2016-1630openSUSE Leap 42.1
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1630SUSE bug 969333CVE-2016-1631openSUSE Leap 42.1
The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1631SUSE bug 969333CVE-2016-1632openSUSE Leap 42.1
The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h.
ImportantCVE-2016-1632SUSE bug 969333CVE-2016-1633openSUSE Leap 42.1
Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1633SUSE bug 969333CVE-2016-1634openSUSE Leap 42.1
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action.
ImportantCVE-2016-1634SUSE bug 969333CVE-2016-1635openSUSE Leap 42.1
extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1635SUSE bug 969333CVE-2016-1636openSUSE Leap 42.1
The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource.
ImportantCVE-2016-1636SUSE bug 969333CVE-2016-1637openSUSE Leap 42.1
The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain sensitive information via a crafted web site.
ModerateCVE-2016-1637SUSE bug 969333CVE-2016-1638openSUSE Leap 42.1
extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app.
ModerateCVE-2016-1638SUSE bug 969333CVE-2016-1639openSUSE Leap 42.1
Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer.
ModerateCVE-2016-1639SUSE bug 969333CVE-2016-1640openSUSE Leap 42.1
The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing that an installation request originated from the user's next navigation target via a crafted web site.
ModerateCVE-2016-1640SUSE bug 969333CVE-2016-1641openSUSE Leap 42.1
Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as demonstrated by a favicon.ico download.
ModerateCVE-2016-1641SUSE bug 969333CVE-2016-1642openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1642SUSE bug 969333CVE-2016-1643openSUSE Leap 42.1
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
ImportantCVE-2016-1643SUSE bug 970514SUSE bug 970514SUSE bug 970514CVE-2016-1644openSUSE Leap 42.1
WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document.
ImportantCVE-2016-1644SUSE bug 970509SUSE bug 970509SUSE bug 970509CVE-2016-1645openSUSE Leap 42.1
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2016-1645SUSE bug 970511SUSE bug 970511SUSE bug 970511CVE-2016-1646openSUSE Leap 42.1
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-1646SUSE bug 972834SUSE bug 972834SUSE bug 973166CVE-2016-1647openSUSE Leap 42.1
Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1647SUSE bug 972834SUSE bug 972834SUSE bug 973166CVE-2016-1648openSUSE Leap 42.1
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-1648SUSE bug 972834SUSE bug 972834SUSE bug 973166CVE-2016-1649openSUSE Leap 42.1
The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages.
ImportantCVE-2016-1649SUSE bug 972834SUSE bug 972834SUSE bug 973166CVE-2016-1650openSUSE Leap 42.1
The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.
ImportantCVE-2016-1650SUSE bug 972834SUSE bug 972834SUSE bug 973166CVE-2016-1651openSUSE Leap 42.1
fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted JPEG 2000 data in a PDF document.
ImportantCVE-2016-1651SUSE bug 975572CVE-2016-1652openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
ImportantCVE-2016-1652SUSE bug 975572CVE-2016-1653openSUSE Leap 42.1
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc.
ImportantCVE-2016-1653SUSE bug 975572CVE-2016-1654openSUSE Leap 42.1
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors.
ImportantCVE-2016-1654SUSE bug 975572CVE-2016-1655openSUSE Leap 42.1
Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.
ImportantCVE-2016-1655SUSE bug 975572CVE-2016-1656openSUSE Leap 42.1
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.
ImportantCVE-2016-1656SUSE bug 975572CVE-2016-1657openSUSE Leap 42.1
The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL.
ImportantCVE-2016-1657SUSE bug 975572CVE-2016-1658openSUSE Leap 42.1
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.
ImportantCVE-2016-1658SUSE bug 975572CVE-2016-1659openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1659SUSE bug 975572CVE-2016-1660openSUSE Leap 42.1
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
ImportantCVE-2016-1660SUSE bug 977830CVE-2016-1661openSUSE Leap 42.1
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
ImportantCVE-2016-1661SUSE bug 977830CVE-2016-1662openSUSE Leap 42.1
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1662SUSE bug 977830CVE-2016-1663openSUSE Leap 42.1
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
ImportantCVE-2016-1663SUSE bug 977830CVE-2016-1664openSUSE Leap 42.1
The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site.
ImportantCVE-2016-1664SUSE bug 977830CVE-2016-1665openSUSE Leap 42.1
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
ImportantCVE-2016-1665SUSE bug 977830CVE-2016-1666openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1666SUSE bug 977830CVE-2016-1667openSUSE Leap 42.1
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1667SUSE bug 979859SUSE bug 979859SUSE bug 979859CVE-2016-1668openSUSE Leap 42.1
The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1668SUSE bug 979859SUSE bug 979859SUSE bug 979859CVE-2016-1669openSUSE Leap 42.1
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-1669SUSE bug 979859SUSE bug 979859SUSE bug 979859SUSE bug 987919SUSE bug 987919SUSE bug 987919SUSE bug 987919SUSE bug 987919SUSE bug 987919CVE-2016-1670openSUSE Leap 42.1
Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.
ImportantCVE-2016-1670SUSE bug 979859SUSE bug 979859SUSE bug 979859CVE-2016-1672openSUSE Leap 42.1
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2016-1672SUSE bug 981886CVE-2016-1673openSUSE Leap 42.1
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2016-1673SUSE bug 981886CVE-2016-1674openSUSE Leap 42.1
The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2016-1674SUSE bug 981886CVE-2016-1675openSUSE Leap 42.1
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.
ImportantCVE-2016-1675SUSE bug 981886CVE-2016-1676openSUSE Leap 42.1
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2016-1676SUSE bug 981886CVE-2016-1677openSUSE Leap 42.1
uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."
ImportantCVE-2016-1677SUSE bug 981886CVE-2016-1678openSUSE Leap 42.1
objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-1678SUSE bug 981886CVE-2016-1679openSUSE Leap 42.1
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-1679SUSE bug 981886CVE-2016-1680openSUSE Leap 42.1
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1680SUSE bug 981886CVE-2016-1681openSUSE Leap 42.1
Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.
ImportantCVE-2016-1681SUSE bug 981886CVE-2016-1682openSUSE Leap 42.1
The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration.
ImportantCVE-2016-1682SUSE bug 981886CVE-2016-1683openSUSE Leap 42.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2016-1683SUSE bug 981886CVE-2016-1684openSUSE Leap 42.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.
ImportantCVE-2016-1684SUSE bug 981886CVE-2016-1685openSUSE Leap 42.1
core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
ImportantCVE-2016-1685SUSE bug 981886CVE-2016-1686openSUSE Leap 42.1
The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
ImportantCVE-2016-1686SUSE bug 981886CVE-2016-1687openSUSE Leap 42.1
The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions.
ImportantCVE-2016-1687SUSE bug 981886CVE-2016-1688openSUSE Leap 42.1
The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.
ImportantCVE-2016-1688SUSE bug 981886CVE-2016-1689openSUSE Leap 42.1
Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
ImportantCVE-2016-1689SUSE bug 981886CVE-2016-1690openSUSE Leap 42.1
The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701.
ImportantCVE-2016-1690SUSE bug 981886CVE-2016-1691openSUSE Leap 42.1
Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp.
ImportantCVE-2016-1691SUSE bug 981886CVE-2016-1692openSUSE Leap 42.1
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1692SUSE bug 981886CVE-2016-1693openSUSE Leap 42.1
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session.
ImportantCVE-2016-1693SUSE bug 981886CVE-2016-1694openSUSE Leap 42.1
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority.
ImportantCVE-2016-1694SUSE bug 981886CVE-2016-1695openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1695SUSE bug 981886CVE-2016-1696openSUSE Leap 42.1
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ImportantCVE-2016-1696SUSE bug 982719CVE-2016-1697openSUSE Leap 42.1
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
ImportantCVE-2016-1697SUSE bug 982719CVE-2016-1698openSUSE Leap 42.1
The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition.
ModerateCVE-2016-1698SUSE bug 982719CVE-2016-1699openSUSE Leap 42.1
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL.
ModerateCVE-2016-1699SUSE bug 982719CVE-2016-1700openSUSE Leap 42.1
extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions.
ModerateCVE-2016-1700SUSE bug 982719CVE-2016-1701openSUSE Leap 42.1
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.
ModerateCVE-2016-1701SUSE bug 982719CVE-2016-1702openSUSE Leap 42.1
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.
ModerateCVE-2016-1702SUSE bug 982719CVE-2016-1703openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1703SUSE bug 982719CVE-2016-1704openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1704SUSE bug 985397SUSE bug 985397SUSE bug 985397SUSE bug 985397SUSE bug 985397SUSE bug 985397CVE-2016-1705openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-1705SUSE bug 989901CVE-2016-1706openSUSE Leap 42.1
The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc, and render_frame_message_filter.cc.
ImportantCVE-2016-1706SUSE bug 989901CVE-2016-1707openSUSE Leap 42.1
ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site.
ImportantCVE-2016-1707SUSE bug 989901CVE-2016-1708openSUSE Leap 42.1
The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
ImportantCVE-2016-1708SUSE bug 989901CVE-2016-1709openSUSE Leap 42.1
Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.
ImportantCVE-2016-1709SUSE bug 989901CVE-2016-1710openSUSE Leap 42.1
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1710SUSE bug 989901CVE-2016-1711openSUSE Leap 42.1
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-1711SUSE bug 989901CVE-2016-1714openSUSE Leap 42.1
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
ModerateCVE-2016-1714SUSE bug 961691SUSE bug 961692SUSE bug 961691SUSE bug 961691SUSE bug 961692SUSE bug 961692SUSE bug 961691SUSE bug 961692CVE-2016-1762openSUSE Leap 42.1
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1762SUSE bug 981040SUSE bug 981040SUSE bug 981040SUSE bug 981040SUSE bug 981040SUSE bug 981040SUSE bug 981040CVE-2016-1833openSUSE Leap 42.1
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1833SUSE bug 981108SUSE bug 981108SUSE bug 981108SUSE bug 981108SUSE bug 981108SUSE bug 981108CVE-2016-1834openSUSE Leap 42.1
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
ImportantCVE-2016-1834SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041SUSE bug 981041CVE-2016-1835openSUSE Leap 42.1
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
ModerateCVE-2016-1835SUSE bug 981109SUSE bug 981109SUSE bug 981109SUSE bug 981109SUSE bug 981109CVE-2016-1837openSUSE Leap 42.1
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.
ModerateCVE-2016-1837SUSE bug 981111SUSE bug 981111SUSE bug 981111SUSE bug 981111SUSE bug 981111CVE-2016-1838openSUSE Leap 42.1
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1838SUSE bug 981112SUSE bug 981112SUSE bug 981112SUSE bug 981112SUSE bug 981112CVE-2016-1839openSUSE Leap 42.1
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
ModerateCVE-2016-1839SUSE bug 981114SUSE bug 981114SUSE bug 963963SUSE bug 981114SUSE bug 981114SUSE bug 981114SUSE bug 981114SUSE bug 981114SUSE bug 1039069SUSE bug 1039661SUSE bug 1039661SUSE bug 1039661CVE-2016-1840openSUSE Leap 42.1
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
ModerateCVE-2016-1840SUSE bug 981115SUSE bug 981115SUSE bug 981115SUSE bug 981115SUSE bug 981115SUSE bug 981115SUSE bug 981115CVE-2016-1866openSUSE Leap 42.1
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream.
ModerateCVE-2016-1866SUSE bug 965403SUSE bug 965403SUSE bug 965403SUSE bug 965403SUSE bug 965403CVE-2016-1867openSUSE Leap 42.1
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
ModerateCVE-2016-1867SUSE bug 961886SUSE bug 961886SUSE bug 961886SUSE bug 961886CVE-2016-1897openSUSE Leap 42.1
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.
ImportantCVE-2016-1897SUSE bug 961937SUSE bug 961937SUSE bug 961937SUSE bug 961937CVE-2016-1898openSUSE Leap 42.1
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.
ImportantCVE-2016-1898SUSE bug 961937SUSE bug 961937SUSE bug 961937SUSE bug 961937CVE-2016-1899openSUSE Leap 42.1
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c.
ModerateCVE-2016-1899SUSE bug 961916SUSE bug 961916CVE-2016-1900openSUSE Leap 42.1
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename.
ModerateCVE-2016-1900SUSE bug 961916SUSE bug 961916CVE-2016-1901openSUSE Leap 42.1
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
ModerateCVE-2016-1901SUSE bug 961916SUSE bug 961916CVE-2016-1903openSUSE Leap 42.1
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.
ModerateCVE-2016-1903SUSE bug 962057SUSE bug 962057SUSE bug 962057SUSE bug 962057SUSE bug 962057SUSE bug 962057CVE-2016-1908openSUSE Leap 42.1
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
LowCVE-2016-1908SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 996040SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 1001712SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 1005738SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 962313SUSE bug 1087412SUSE bug 1087412CVE-2016-1922openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer dereference. A user or process could use this flaw to crash the QEMU instance, resulting in DoS issue.
LowCVE-2016-1922SUSE bug 962320SUSE bug 962321SUSE bug 962320SUSE bug 962320SUSE bug 962320SUSE bug 962321SUSE bug 962321SUSE bug 962320SUSE bug 962321SUSE bug 962320CVE-2016-1927openSUSE Leap 42.1
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach.
ModerateCVE-2016-1927SUSE bug 964024SUSE bug 964024CVE-2016-1930openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-1930SUSE bug 963520SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632SUSE bug 963632CVE-2016-1931openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.
CriticalCVE-2016-1931SUSE bug 963633SUSE bug 963633SUSE bug 963633SUSE bug 963633CVE-2016-1933openSUSE Leap 42.1
Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.
ModerateCVE-2016-1933SUSE bug 963634SUSE bug 963634SUSE bug 963634SUSE bug 963634CVE-2016-1935openSUSE Leap 42.1
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
ModerateCVE-2016-1935SUSE bug 963520SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635SUSE bug 963635CVE-2016-1937openSUSE Leap 42.1
The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.
ModerateCVE-2016-1937SUSE bug 963641SUSE bug 963641SUSE bug 963641SUSE bug 963641SUSE bug 963641SUSE bug 977736SUSE bug 977736SUSE bug 963641SUSE bug 977736CVE-2016-1938openSUSE Leap 42.1
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
ModerateCVE-2016-1938SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731SUSE bug 963731CVE-2016-1939openSUSE Leap 42.1
Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208.
CriticalCVE-2016-1939SUSE bug 963637SUSE bug 963637SUSE bug 963637SUSE bug 963637CVE-2016-1942openSUSE Leap 42.1
Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI.
ImportantCVE-2016-1942SUSE bug 963643SUSE bug 963643SUSE bug 963643SUSE bug 963643CVE-2016-1943openSUSE Leap 42.1
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
ImportantCVE-2016-1943SUSE bug 963643SUSE bug 963643SUSE bug 963643SUSE bug 963643CVE-2016-1944openSUSE Leap 42.1
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CriticalCVE-2016-1944SUSE bug 963644SUSE bug 963644SUSE bug 963644SUSE bug 963644CVE-2016-1945openSUSE Leap 42.1
The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.
CriticalCVE-2016-1945SUSE bug 963644SUSE bug 963644SUSE bug 963644SUSE bug 963644CVE-2016-1946openSUSE Leap 42.1
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
CriticalCVE-2016-1946SUSE bug 963644SUSE bug 963644SUSE bug 963644SUSE bug 963644CVE-2016-1947openSUSE Leap 42.1
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
ModerateCVE-2016-1947SUSE bug 963645SUSE bug 963645SUSE bug 963645SUSE bug 963645CVE-2016-1949openSUSE Leap 42.1
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.
ImportantCVE-2016-1949SUSE bug 966438SUSE bug 966438SUSE bug 966438SUSE bug 966438SUSE bug 966438SUSE bug 967087CVE-2016-1950openSUSE Leap 42.1
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
ImportantCVE-2016-1950SUSE bug 970257SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1952openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-1952SUSE bug 969894CVE-2016-1953openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.
ImportantCVE-2016-1953SUSE bug 969894CVE-2016-1954openSUSE Leap 42.1
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
ModerateCVE-2016-1954SUSE bug 969894CVE-2016-1955openSUSE Leap 42.1
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.
ImportantCVE-2016-1955SUSE bug 970381SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970381SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970381SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1956openSUSE Leap 42.1
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.
ImportantCVE-2016-1956SUSE bug 970378SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970378SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970378SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1957openSUSE Leap 42.1
Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
ModerateCVE-2016-1957SUSE bug 969894CVE-2016-1958openSUSE Leap 42.1
browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.
ModerateCVE-2016-1958SUSE bug 969894CVE-2016-1959openSUSE Leap 42.1
The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.
ImportantCVE-2016-1959SUSE bug 970377SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970377SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970377SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1960openSUSE Leap 42.1
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.
ImportantCVE-2016-1960SUSE bug 969894CVE-2016-1961openSUSE Leap 42.1
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.
ImportantCVE-2016-1961SUSE bug 969894CVE-2016-1962openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.
ImportantCVE-2016-1962SUSE bug 969894CVE-2016-1963openSUSE Leap 42.1
The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.
ModerateCVE-2016-1963SUSE bug 969894CVE-2016-1964openSUSE Leap 42.1
Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.
ImportantCVE-2016-1964SUSE bug 969894CVE-2016-1965openSUSE Leap 42.1
Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.
ModerateCVE-2016-1965SUSE bug 969894CVE-2016-1966openSUSE Leap 42.1
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
ModerateCVE-2016-1966SUSE bug 969894CVE-2016-1967openSUSE Leap 42.1
Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.
ImportantCVE-2016-1967SUSE bug 970380SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970380SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970380SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1968openSUSE Leap 42.1
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.
ImportantCVE-2016-1968SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1970openSUSE Leap 42.1
Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1970SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1971openSUSE Leap 42.1
The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
ImportantCVE-2016-1971SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1972openSUSE Leap 42.1
Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1972SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1973openSUSE Leap 42.1
Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.
ImportantCVE-2016-1973SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970431SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970431SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1974openSUSE Leap 42.1
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.
ModerateCVE-2016-1974SUSE bug 969894CVE-2016-1975openSUSE Leap 42.1
Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1975SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1976openSUSE Leap 42.1
Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-1976SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970379SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894SUSE bug 970257SUSE bug 970377SUSE bug 970378SUSE bug 970379SUSE bug 970380SUSE bug 970381SUSE bug 970431SUSE bug 970433SUSE bug 969894CVE-2016-1977openSUSE Leap 42.1
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
ImportantCVE-2016-1977SUSE bug 969894CVE-2016-1979openSUSE Leap 42.1
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.
ModerateCVE-2016-1979SUSE bug 969894CVE-2016-1981openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
LowCVE-2016-1981SUSE bug 963782SUSE bug 963783SUSE bug 963783SUSE bug 963782SUSE bug 963783SUSE bug 963782SUSE bug 963782CVE-2016-1982openSUSE Leap 42.1
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
ModerateCVE-2016-1982SUSE bug 963151SUSE bug 963151SUSE bug 963151CVE-2016-1983openSUSE Leap 42.1
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
ModerateCVE-2016-1983SUSE bug 963152SUSE bug 963152SUSE bug 963152CVE-2016-2037openSUSE Leap 42.1
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.
LowCVE-2016-2037SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 963448SUSE bug 1028410SUSE bug 963448SUSE bug 963448SUSE bug 963448CVE-2016-2038openSUSE Leap 42.1
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
ModerateCVE-2016-2038SUSE bug 964024SUSE bug 964024CVE-2016-2039openSUSE Leap 42.1
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
ModerateCVE-2016-2039SUSE bug 964024SUSE bug 964024CVE-2016-2040openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header.
ModerateCVE-2016-2040SUSE bug 964024SUSE bug 964024CVE-2016-2041openSUSE Leap 42.1
libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.
ModerateCVE-2016-2041SUSE bug 964024SUSE bug 964024CVE-2016-2042openSUSE Leap 42.1
phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.
ModerateCVE-2016-2042SUSE bug 964024SUSE bug 964024CVE-2016-2043openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page.
ModerateCVE-2016-2043SUSE bug 964024SUSE bug 964024CVE-2016-2047openSUSE Leap 42.1
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com."
ModerateCVE-2016-2047SUSE bug 963806SUSE bug 963806SUSE bug 976341SUSE bug 963806SUSE bug 963806SUSE bug 963806SUSE bug 980904SUSE bug 963806SUSE bug 963806SUSE bug 963806CVE-2016-2052openSUSE Leap 42.1
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
ModerateCVE-2016-2052SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 989564SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436SUSE bug 963436CVE-2016-2053openSUSE Leap 42.1
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.
ModerateCVE-2016-2053SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 979074SUSE bug 963762SUSE bug 979074SUSE bug 979074SUSE bug 963762SUSE bug 979074SUSE bug 990058SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762SUSE bug 963762CVE-2016-2069openSUSE Leap 42.1
Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.
LowCVE-2016-2069SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 963767SUSE bug 870618SUSE bug 870618CVE-2016-2073openSUSE Leap 42.1
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
ModerateCVE-2016-2073SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963SUSE bug 963963CVE-2016-2086openSUSE Leap 42.1
Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
ModerateCVE-2016-2086SUSE bug 966077SUSE bug 966077SUSE bug 966077SUSE bug 966076SUSE bug 966077SUSE bug 966076SUSE bug 966076SUSE bug 966077SUSE bug 966076CVE-2016-2089openSUSE Leap 42.1
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.
LowCVE-2016-2089SUSE bug 963983SUSE bug 963983SUSE bug 963983SUSE bug 963983CVE-2016-2098openSUSE Leap 42.1
Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
ImportantCVE-2016-2098SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 968849SUSE bug 993313CVE-2016-2099openSUSE Leap 42.1
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
ModerateCVE-2016-2099SUSE bug 979208SUSE bug 979208SUSE bug 979208SUSE bug 979208SUSE bug 979208SUSE bug 979208SUSE bug 979208CVE-2016-2105openSUSE Leap 42.1
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
LowCVE-2016-2105SUSE bug 977584SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 978492SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977584SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 989902SUSE bug 990369SUSE bug 990370SUSE bug 991918SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 977614SUSE bug 1025347SUSE bug 977614SUSE bug 977614SUSE bug 977614CVE-2016-2106openSUSE Leap 42.1
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
LowCVE-2016-2106SUSE bug 977584SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 978492SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977584SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 977615SUSE bug 990369SUSE bug 1025347SUSE bug 977615SUSE bug 977615CVE-2016-2107openSUSE Leap 42.1
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
ImportantCVE-2016-2107SUSE bug 977584SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 978492SUSE bug 977616SUSE bug 976942SUSE bug 977584SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 977616SUSE bug 990369SUSE bug 990370CVE-2016-2108openSUSE Leap 42.1
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
ImportantCVE-2016-2108SUSE bug 977584SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 978492SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977584SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 977617SUSE bug 989345SUSE bug 989345SUSE bug 977617SUSE bug 977617SUSE bug 996067SUSE bug 996067SUSE bug 996067SUSE bug 996067SUSE bug 996067SUSE bug 996067SUSE bug 996067SUSE bug 1001502SUSE bug 1001502SUSE bug 977617SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1004499SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1025347SUSE bug 1004499SUSE bug 1004499SUSE bug 1025347SUSE bug 977617SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1004499SUSE bug 1005878SUSE bug 977617SUSE bug 1004499SUSE bug 1004499SUSE bug 977617SUSE bug 1004499SUSE bug 1001502SUSE bug 1004499SUSE bug 1001502SUSE bug 1001502SUSE bug 1001502SUSE bug 1004499SUSE bug 1001502SUSE bug 1004499SUSE bug 1001502CVE-2016-2109openSUSE Leap 42.1
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
ModerateCVE-2016-2109SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 977584SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 978492SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 977584SUSE bug 976942SUSE bug 976942SUSE bug 976942SUSE bug 977584SUSE bug 990369SUSE bug 976942SUSE bug 1015243SUSE bug 1025347CVE-2016-2110openSUSE Leap 42.1
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.
ImportantCVE-2016-2110SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973033SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 975276SUSE bug 973031SUSE bug 973033SUSE bug 975276SUSE bug 975276SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 973031SUSE bug 1009711SUSE bug 1009711SUSE bug 1009711SUSE bug 973033SUSE bug 973036CVE-2016-2111openSUSE Leap 42.1
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.
ImportantCVE-2016-2111SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 975276SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032SUSE bug 973032CVE-2016-2112openSUSE Leap 42.1
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.
ImportantCVE-2016-2112SUSE bug 973033SUSE bug 973031SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973031SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973031SUSE bug 973033SUSE bug 975276SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033SUSE bug 973033CVE-2016-2113openSUSE Leap 42.1
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.
ImportantCVE-2016-2113SUSE bug 973034SUSE bug 973031SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973031SUSE bug 973033SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973031SUSE bug 973033SUSE bug 975276SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973034SUSE bug 973033CVE-2016-2115openSUSE Leap 42.1
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
ImportantCVE-2016-2115SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 975276SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036SUSE bug 973036CVE-2016-2116openSUSE Leap 42.1
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
ModerateCVE-2016-2116SUSE bug 968373SUSE bug 968373SUSE bug 968373SUSE bug 968373CVE-2016-2117openSUSE Leap 42.1
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
ImportantCVE-2016-2117SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 1027179SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697SUSE bug 968697CVE-2016-2118openSUSE Leap 42.1
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
ImportantCVE-2016-2118SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 975276SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 971965SUSE bug 975276SUSE bug 975276SUSE bug 971965SUSE bug 975276SUSE bug 975276SUSE bug 971965SUSE bug 975276SUSE bug 971965SUSE bug 975276SUSE bug 975276SUSE bug 971965SUSE bug 975276SUSE bug 975276SUSE bug 975276SUSE bug 975276SUSE bug 975276SUSE bug 971965SUSE bug 971965CVE-2016-2119openSUSE Leap 42.1
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.
ModerateCVE-2016-2119SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869SUSE bug 986869CVE-2016-2120openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-2120SUSE bug 1018329SUSE bug 1018329SUSE bug 1018329SUSE bug 1018329SUSE bug 1018329CVE-2016-2123openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-2123SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437SUSE bug 1014437CVE-2016-2125openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-2125SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441SUSE bug 1014441CVE-2016-2126openSUSE Leap 42.1
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerberos ticket. A local service with access to the winbindd privileged pipe can cause winbindd to cache elevated access permissions.
ModerateCVE-2016-2126SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442SUSE bug 1014442CVE-2016-2150openSUSE Leap 42.1
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261.
ImportantCVE-2016-2150SUSE bug 982385SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386SUSE bug 982386CVE-2016-2161openSUSE Leap 42.1
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
ModerateCVE-2016-2161SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1033513SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714SUSE bug 1016714CVE-2016-2167openSUSE Leap 42.1
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.
LowCVE-2016-2167SUSE bug 976849SUSE bug 976849SUSE bug 976849SUSE bug 976849SUSE bug 976849SUSE bug 976849SUSE bug 976849CVE-2016-2168openSUSE Leap 42.1
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check.
ImportantCVE-2016-2168SUSE bug 976850SUSE bug 976850SUSE bug 976850SUSE bug 976850SUSE bug 976850SUSE bug 976850SUSE bug 976850CVE-2016-2177openSUSE Leap 42.1
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
ModerateCVE-2016-2177SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 999075SUSE bug 999665SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 999075SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 999075SUSE bug 982575SUSE bug 999665SUSE bug 982575SUSE bug 982575SUSE bug 999665SUSE bug 982575SUSE bug 999075SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575SUSE bug 982575CVE-2016-2178openSUSE Leap 42.1
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
ModerateCVE-2016-2178SUSE bug 983249SUSE bug 983249SUSE bug 983519SUSE bug 983519SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983249SUSE bug 999665SUSE bug 983249SUSE bug 983249SUSE bug 983249SUSE bug 983249SUSE bug 983249SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 999665SUSE bug 983249SUSE bug 983249SUSE bug 999665SUSE bug 983249SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983519SUSE bug 983249SUSE bug 983249CVE-2016-2179openSUSE Leap 42.1
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.
ModerateCVE-2016-2179SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 999665SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 994844SUSE bug 999665SUSE bug 994844SUSE bug 994844SUSE bug 994844CVE-2016-2180openSUSE Leap 42.1
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.
LowCVE-2016-2180SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 999665SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 990419SUSE bug 999665SUSE bug 1003811SUSE bug 990419SUSE bug 990419CVE-2016-2181openSUSE Leap 42.1
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.
ModerateCVE-2016-2181SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 999665SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994844SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 994749SUSE bug 999665SUSE bug 994749SUSE bug 994749SUSE bug 994749CVE-2016-2182openSUSE Leap 42.1
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-2182SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 995959SUSE bug 993819SUSE bug 999665SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 994844SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 999665SUSE bug 993819SUSE bug 993819SUSE bug 999665SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819SUSE bug 993819CVE-2016-2183openSUSE Leap 42.1
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
ModerateCVE-2016-2183SUSE bug 995359SUSE bug 995359SUSE bug 995359SUSE bug 995359SUSE bug 995359SUSE bug 994844SUSE bug 995359SUSE bug 995359SUSE bug 1001912SUSE bug 995359SUSE bug 1001912SUSE bug 995359SUSE bug 995359SUSE bug 995359SUSE bug 995359SUSE bug 1001912SUSE bug 995359SUSE bug 1020747SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 995359SUSE bug 1001912SUSE bug 1024218SUSE bug 995359SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 995359SUSE bug 1027038SUSE bug 1027038SUSE bug 1001912SUSE bug 995359SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1034689SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 995359SUSE bug 1027038SUSE bug 1001912SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 1027038SUSE bug 995359SUSE bug 1027038SUSE bug 1001912SUSE bug 995359SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 1001912SUSE bug 995359SUSE bug 995359SUSE bug 995359CVE-2016-2184openSUSE Leap 42.1
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2184SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125SUSE bug 971125CVE-2016-2185openSUSE Leap 42.1
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2185SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124SUSE bug 971124CVE-2016-2186openSUSE Leap 42.1
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2186SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958SUSE bug 970958CVE-2016-2188openSUSE Leap 42.1
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-2188SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 970956SUSE bug 1067912CVE-2016-2191openSUSE Leap 42.1
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
ModerateCVE-2016-2191SUSE bug 973992SUSE bug 973992SUSE bug 973992CVE-2016-2197openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2016-2197SUSE bug 964411SUSE bug 964411SUSE bug 964411SUSE bug 964411SUSE bug 964411CVE-2016-2198openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS.
LowCVE-2016-2198SUSE bug 964413SUSE bug 964415SUSE bug 964415SUSE bug 964415SUSE bug 964415SUSE bug 964413SUSE bug 964413CVE-2016-2216openSUSE Leap 42.1
The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters in the HTTP header, as demonstrated by %c4%8d%c4%8a.
ModerateCVE-2016-2216SUSE bug 966076SUSE bug 966076SUSE bug 966076SUSE bug 966076SUSE bug 966076SUSE bug 966076SUSE bug 966076SUSE bug 966076CVE-2016-2313openSUSE Leap 42.1
auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
ImportantCVE-2016-2313SUSE bug 965930SUSE bug 965930SUSE bug 1022564SUSE bug 1069693CVE-2016-2315openSUSE Leap 42.1
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
ImportantCVE-2016-2315SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328CVE-2016-2317openSUSE Leap 42.1
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
ModerateCVE-2016-2317SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 999673SUSE bug 999673SUSE bug 999673CVE-2016-2318openSUSE Leap 42.1
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
ModerateCVE-2016-2318SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 965853SUSE bug 1047356SUSE bug 1047356SUSE bug 1047356CVE-2016-2324openSUSE Leap 42.1
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
ImportantCVE-2016-2324SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328SUSE bug 971328CVE-2016-2329openSUSE Leap 42.1
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF file, related to the tiff_decode_tag and decode_frame functions.
ImportantCVE-2016-2329SUSE bug 966674SUSE bug 966674CVE-2016-2335openSUSE Leap 42.1
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
ImportantCVE-2016-2335SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823SUSE bug 979823CVE-2016-2339openSUSE Leap 42.1
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
ModerateCVE-2016-2339SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808SUSE bug 1018808CVE-2016-2342openSUSE Leap 42.1
The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet.
ImportantCVE-2016-2342SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952SUSE bug 970952CVE-2016-2347openSUSE Leap 42.1
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
ModerateCVE-2016-2347SUSE bug 973790SUSE bug 973790SUSE bug 973790CVE-2016-2381openSUSE Leap 42.1
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
ModerateCVE-2016-2381SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 992991SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082SUSE bug 967082CVE-2016-2383openSUSE Leap 42.1
The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions.
ModerateCVE-2016-2383SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684SUSE bug 966684CVE-2016-2384openSUSE Leap 42.1
Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.
ImportantCVE-2016-2384SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 967773SUSE bug 967773SUSE bug 967773SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 967773SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693SUSE bug 966693CVE-2016-2391openSUSE Leap 42.1
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
LowCVE-2016-2391SUSE bug 967013SUSE bug 967101SUSE bug 967101SUSE bug 967012SUSE bug 967012SUSE bug 967012SUSE bug 967101SUSE bug 967013SUSE bug 967013CVE-2016-2392openSUSE Leap 42.1
The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet.
LowCVE-2016-2392SUSE bug 967012SUSE bug 967090SUSE bug 967090SUSE bug 967012SUSE bug 967090SUSE bug 967012SUSE bug 967012SUSE bug 967090SUSE bug 967012SUSE bug 967012CVE-2016-2399openSUSE Leap 42.1
Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom.
ModerateCVE-2016-2399SUSE bug 1022805CVE-2016-2510openSUSE Leap 42.1
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.
CriticalCVE-2016-2510SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593SUSE bug 967593CVE-2016-2516openSUSE Leap 42.1
NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
ImportantCVE-2016-2516SUSE bug 977446SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 977452SUSE bug 0SUSE bug 977452SUSE bug 977446SUSE bug 977452SUSE bug 977452CVE-2016-2517openSUSE Leap 42.1
NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.
ModerateCVE-2016-2517SUSE bug 977446SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 977455SUSE bug 0SUSE bug 977455SUSE bug 977446SUSE bug 977455SUSE bug 977455CVE-2016-2518openSUSE Leap 42.1
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
ModerateCVE-2016-2518SUSE bug 977446SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977457SUSE bug 977446SUSE bug 977457SUSE bug 977457SUSE bug 977457CVE-2016-2519openSUSE Leap 42.1
ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
ModerateCVE-2016-2519SUSE bug 977446SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 977458SUSE bug 959243SUSE bug 977458SUSE bug 959243SUSE bug 977458SUSE bug 0SUSE bug 977458SUSE bug 977446SUSE bug 977458SUSE bug 977458CVE-2016-2523openSUSE Leap 42.1
The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-2523SUSE bug 968565SUSE bug 968565SUSE bug 968565CVE-2016-2530openSUSE Leap 42.1
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet, a different vulnerability than CVE-2016-2531.
ModerateCVE-2016-2530SUSE bug 968565SUSE bug 968565SUSE bug 968565CVE-2016-2531openSUSE Leap 42.1
Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that triggers a 0xff tag value, a different vulnerability than CVE-2016-2530.
ModerateCVE-2016-2531SUSE bug 968565SUSE bug 968565SUSE bug 968565CVE-2016-2532openSUSE Leap 42.1
The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.
ModerateCVE-2016-2532SUSE bug 968565SUSE bug 968565SUSE bug 968565CVE-2016-2538openSUSE Leap 42.1
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function.
LowCVE-2016-2538SUSE bug 967969SUSE bug 968004SUSE bug 968004SUSE bug 967969SUSE bug 968004SUSE bug 967969SUSE bug 967969SUSE bug 968004SUSE bug 967969SUSE bug 967969CVE-2016-2554openSUSE Leap 42.1
Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive.
ModerateCVE-2016-2554SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 968284SUSE bug 980366CVE-2016-2560openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Host HTTP header, related to libraries/Config.class.php; (2) crafted JSON data, related to file_echo.php; (3) a crafted SQL query, related to js/functions.js; (4) the initial parameter to libraries/server_privileges.lib.php in the user accounts page; or (5) the it parameter to libraries/controllers/TableSearchController.class.php in the zoom search page.
ModerateCVE-2016-2560SUSE bug 968938SUSE bug 968938CVE-2016-2561openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3) templates/database/structure/sortable_header.phtml in the database structure page, or (4) the pos parameter to db_central_columns.php in the central columns page.
ModerateCVE-2016-2561SUSE bug 968941SUSE bug 968941CVE-2016-2563openSUSE Leap 42.1
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request.
ImportantCVE-2016-2563SUSE bug 981407SUSE bug 981407CVE-2016-2569openSUSE Leap 42.1
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.
ModerateCVE-2016-2569SUSE bug 968392SUSE bug 968392SUSE bug 968393SUSE bug 968392SUSE bug 968393SUSE bug 968392SUSE bug 968393SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392SUSE bug 968392CVE-2016-2570openSUSE Leap 42.1
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h.
ModerateCVE-2016-2570SUSE bug 968393SUSE bug 968392SUSE bug 968393SUSE bug 968392SUSE bug 968393SUSE bug 968392SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968393SUSE bug 968392CVE-2016-2571openSUSE Leap 42.1
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
ModerateCVE-2016-2571SUSE bug 968394SUSE bug 968394SUSE bug 968395SUSE bug 968394SUSE bug 968394SUSE bug 968395SUSE bug 968394SUSE bug 968394SUSE bug 968394SUSE bug 968394SUSE bug 968394SUSE bug 968394SUSE bug 968394SUSE bug 968394CVE-2016-2572openSUSE Leap 42.1
http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
ModerateCVE-2016-2572SUSE bug 968395SUSE bug 968395SUSE bug 968394SUSE bug 968395SUSE bug 968394SUSE bug 968394SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395SUSE bug 968395CVE-2016-2774openSUSE Leap 42.1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
ModerateCVE-2016-2774SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820SUSE bug 969820CVE-2016-2775openSUSE Leap 42.1
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
ModerateCVE-2016-2775SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528SUSE bug 989528CVE-2016-2776openSUSE Leap 42.1
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
CriticalCVE-2016-2776SUSE bug 1000362SUSE bug 1000362SUSE bug 1000362SUSE bug 1000362SUSE bug 1000362SUSE bug 1001595SUSE bug 1001597SUSE bug 1000362SUSE bug 1001597SUSE bug 1001597SUSE bug 1001597SUSE bug 1000362SUSE bug 1001597SUSE bug 1007829SUSE bug 1001597SUSE bug 1001597SUSE bug 1000362SUSE bug 1000362SUSE bug 1001597SUSE bug 1000362SUSE bug 1001597SUSE bug 1000362CVE-2016-2790openSUSE Leap 42.1
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
ImportantCVE-2016-2790SUSE bug 969894CVE-2016-2791openSUSE Leap 42.1
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2791SUSE bug 969894CVE-2016-2792openSUSE Leap 42.1
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.
ImportantCVE-2016-2792SUSE bug 969894CVE-2016-2793openSUSE Leap 42.1
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2793SUSE bug 969894CVE-2016-2794openSUSE Leap 42.1
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2794SUSE bug 969894CVE-2016-2795openSUSE Leap 42.1
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
ImportantCVE-2016-2795SUSE bug 969894CVE-2016-2796openSUSE Leap 42.1
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2796SUSE bug 969894CVE-2016-2797openSUSE Leap 42.1
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.
ImportantCVE-2016-2797SUSE bug 969894CVE-2016-2798openSUSE Leap 42.1
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2798SUSE bug 969894CVE-2016-2799openSUSE Leap 42.1
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2799SUSE bug 969894CVE-2016-2800openSUSE Leap 42.1
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.
ImportantCVE-2016-2800SUSE bug 969894CVE-2016-2801openSUSE Leap 42.1
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.
ImportantCVE-2016-2801SUSE bug 969894CVE-2016-2802openSUSE Leap 42.1
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
ImportantCVE-2016-2802SUSE bug 969894CVE-2016-2804openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2804SUSE bug 977373SUSE bug 977373SUSE bug 977373SUSE bug 977373SUSE bug 977373CVE-2016-2806openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2806SUSE bug 977375SUSE bug 977375SUSE bug 977375SUSE bug 977375SUSE bug 977375SUSE bug 977375SUSE bug 977375SUSE bug 977375CVE-2016-2807openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2807SUSE bug 977333SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376SUSE bug 977376CVE-2016-2808openSUSE Leap 42.1
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.
ImportantCVE-2016-2808SUSE bug 977333SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386SUSE bug 977386CVE-2016-2811openSUSE Leap 42.1
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.
ImportantCVE-2016-2811SUSE bug 977379SUSE bug 977379SUSE bug 977379SUSE bug 977379SUSE bug 977379CVE-2016-2812openSUSE Leap 42.1
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.
ImportantCVE-2016-2812SUSE bug 977379SUSE bug 977379SUSE bug 977379SUSE bug 977379SUSE bug 977379CVE-2016-2814openSUSE Leap 42.1
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
ImportantCVE-2016-2814SUSE bug 977333SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381SUSE bug 977381CVE-2016-2815openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2815SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983549SUSE bug 983638SUSE bug 983638CVE-2016-2816openSUSE Leap 42.1
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
ModerateCVE-2016-2816SUSE bug 977382SUSE bug 977382SUSE bug 977382SUSE bug 977382SUSE bug 977382CVE-2016-2817openSUSE Leap 42.1
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
ModerateCVE-2016-2817SUSE bug 977384SUSE bug 977384SUSE bug 977384SUSE bug 977384SUSE bug 977384SUSE bug 977384CVE-2016-2818openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2818SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983638SUSE bug 983549SUSE bug 983638SUSE bug 983638CVE-2016-2819openSUSE Leap 42.1
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
ImportantCVE-2016-2819SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983655SUSE bug 983549SUSE bug 983655SUSE bug 983655SUSE bug 983655CVE-2016-2820openSUSE Leap 42.1
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
ModerateCVE-2016-2820SUSE bug 977388SUSE bug 977388SUSE bug 977388SUSE bug 977388SUSE bug 977388SUSE bug 977388CVE-2016-2821openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
ImportantCVE-2016-2821SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983653SUSE bug 983549SUSE bug 983653SUSE bug 983653SUSE bug 983653CVE-2016-2822openSUSE Leap 42.1
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.
ModerateCVE-2016-2822SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983652SUSE bug 983549SUSE bug 983652SUSE bug 983652SUSE bug 983652CVE-2016-2824openSUSE Leap 42.1
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.
ImportantCVE-2016-2824SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983651SUSE bug 983549SUSE bug 983651CVE-2016-2825openSUSE Leap 42.1
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
ModerateCVE-2016-2825SUSE bug 983649SUSE bug 983649SUSE bug 983649SUSE bug 983549SUSE bug 983649CVE-2016-2827openSUSE Leap 42.1
The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.
CriticalCVE-2016-2827SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-2828openSUSE Leap 42.1
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
ImportantCVE-2016-2828SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983646SUSE bug 983549SUSE bug 983646SUSE bug 983646SUSE bug 983646CVE-2016-2829openSUSE Leap 42.1
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.
ModerateCVE-2016-2829SUSE bug 983644SUSE bug 983644SUSE bug 983644SUSE bug 983549SUSE bug 983644CVE-2016-2830openSUSE Leap 42.1
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
ImportantCVE-2016-2830SUSE bug 983922SUSE bug 983922SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 983922SUSE bug 991809SUSE bug 983922SUSE bug 991809SUSE bug 983922SUSE bug 983922SUSE bug 991809SUSE bug 991809SUSE bug 983922SUSE bug 991809CVE-2016-2831openSUSE Leap 42.1
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
ImportantCVE-2016-2831SUSE bug 983632SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983643SUSE bug 983549SUSE bug 983643SUSE bug 983643SUSE bug 983643CVE-2016-2832openSUSE Leap 42.1
Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.
ModerateCVE-2016-2832SUSE bug 983632SUSE bug 983632SUSE bug 983632SUSE bug 983549SUSE bug 983632CVE-2016-2833openSUSE Leap 42.1
Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.
ImportantCVE-2016-2833SUSE bug 983640SUSE bug 983640SUSE bug 983640SUSE bug 983549SUSE bug 983640CVE-2016-2834openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-2834SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983549SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639SUSE bug 983639CVE-2016-2835openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ImportantCVE-2016-2835SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-2836openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.
ImportantCVE-2016-2836SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-2837openSUSE Leap 42.1
Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.
ImportantCVE-2016-2837SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-2838openSUSE Leap 42.1
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
ImportantCVE-2016-2838SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-2839openSUSE Leap 42.1
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.
ImportantCVE-2016-2839SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-2841openSUSE Leap 42.1
The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.
LowCVE-2016-2841SUSE bug 969350SUSE bug 969351SUSE bug 969350SUSE bug 969351SUSE bug 969351SUSE bug 969350SUSE bug 969350SUSE bug 969351SUSE bug 969350SUSE bug 969351SUSE bug 969350SUSE bug 969350CVE-2016-2847openSUSE Leap 42.1
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
ModerateCVE-2016-2847SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 974646SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948SUSE bug 970948CVE-2016-2851openSUSE Leap 42.1
Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
ImportantCVE-2016-2851SUSE bug 969785SUSE bug 969785SUSE bug 969785SUSE bug 969785SUSE bug 969785SUSE bug 969785SUSE bug 969785SUSE bug 969785CVE-2016-2857openSUSE Leap 42.1
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
ModerateCVE-2016-2857SUSE bug 970037SUSE bug 970037SUSE bug 970037SUSE bug 970037SUSE bug 970037SUSE bug 970037CVE-2016-2858openSUSE Leap 42.1
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
ModerateCVE-2016-2858SUSE bug 970036SUSE bug 970036SUSE bug 970036SUSE bug 970036SUSE bug 970036SUSE bug 970036CVE-2016-3062openSUSE Leap 42.1
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
ImportantCVE-2016-3062SUSE bug 984487SUSE bug 984487SUSE bug 984487SUSE bug 984487CVE-2016-3068openSUSE Leap 42.1
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
ImportantCVE-2016-3068SUSE bug 973177SUSE bug 973175SUSE bug 973177SUSE bug 973177SUSE bug 973177SUSE bug 973177SUSE bug 973177CVE-2016-3069openSUSE Leap 42.1
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
ImportantCVE-2016-3069SUSE bug 973176SUSE bug 973175SUSE bug 973176SUSE bug 973176SUSE bug 973176SUSE bug 973176CVE-2016-3075openSUSE Leap 42.1
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
ModerateCVE-2016-3075SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164SUSE bug 973164CVE-2016-3092openSUSE Leap 42.1
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
ModerateCVE-2016-3092SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 988489SUSE bug 986359SUSE bug 988489SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 986359SUSE bug 1068865CVE-2016-3100openSUSE Leap 42.1
kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.
ImportantCVE-2016-3100SUSE bug 983926SUSE bug 983926SUSE bug 983926SUSE bug 983926SUSE bug 983926SUSE bug 983926SUSE bug 983926CVE-2016-3105openSUSE Leap 42.1
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.
ImportantCVE-2016-3105SUSE bug 978391SUSE bug 978391SUSE bug 978391SUSE bug 978391SUSE bug 978391CVE-2016-3115openSUSE Leap 42.1
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
ModerateCVE-2016-3115SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 992296SUSE bug 992296SUSE bug 970632SUSE bug 992296SUSE bug 992991SUSE bug 992296SUSE bug 970632SUSE bug 996040SUSE bug 992296SUSE bug 992296SUSE bug 970632SUSE bug 992296SUSE bug 996040SUSE bug 970632SUSE bug 996040SUSE bug 970632SUSE bug 992296SUSE bug 970632SUSE bug 996040SUSE bug 970632SUSE bug 996040SUSE bug 992296SUSE bug 970632SUSE bug 970632SUSE bug 996040SUSE bug 970632SUSE bug 996040SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 1005738SUSE bug 970632SUSE bug 992296SUSE bug 970632SUSE bug 992296SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 970632SUSE bug 992296SUSE bug 970632SUSE bug 992296SUSE bug 970632SUSE bug 1087412SUSE bug 1087412CVE-2016-3116openSUSE Leap 42.1
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
ModerateCVE-2016-3116SUSE bug 970633SUSE bug 970633SUSE bug 970633SUSE bug 970633SUSE bug 970633CVE-2016-3119openSUSE Leap 42.1
The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
LowCVE-2016-3119SUSE bug 971942SUSE bug 971942SUSE bug 971942SUSE bug 971942SUSE bug 971942SUSE bug 971942CVE-2016-3120openSUSE Leap 42.1
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
LowCVE-2016-3120SUSE bug 991088SUSE bug 991088SUSE bug 991088SUSE bug 991088CVE-2016-3125openSUSE Leap 42.1
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
ModerateCVE-2016-3125SUSE bug 970890SUSE bug 970890SUSE bug 970890SUSE bug 970890SUSE bug 970890CVE-2016-3134openSUSE Leap 42.1
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
ImportantCVE-2016-3134SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 986362SUSE bug 986362SUSE bug 986365SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971793SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 971126SUSE bug 1052256SUSE bug 1052256SUSE bug 1052256SUSE bug 971793CVE-2016-3136openSUSE Leap 42.1
The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.
ModerateCVE-2016-3136SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955SUSE bug 970955CVE-2016-3137openSUSE Leap 42.1
drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.
ModerateCVE-2016-3137SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970SUSE bug 970970CVE-2016-3138openSUSE Leap 42.1
The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.
ModerateCVE-2016-3138SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970970SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911SUSE bug 970911CVE-2016-3140openSUSE Leap 42.1
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
ModerateCVE-2016-3140SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892SUSE bug 970892CVE-2016-3141openSUSE Leap 42.1
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
ImportantCVE-2016-3141SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 980366SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821SUSE bug 969821CVE-2016-3142openSUSE Leap 42.1
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
ModerateCVE-2016-3142SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 971912SUSE bug 980366SUSE bug 971912CVE-2016-3156openSUSE Leap 42.1
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
LowCVE-2016-3156SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360SUSE bug 971360CVE-2016-3158openSUSE Leap 42.1
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
LowCVE-2016-3158SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188CVE-2016-3159openSUSE Leap 42.1
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
LowCVE-2016-3159SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188SUSE bug 973188CVE-2016-3172openSUSE Leap 42.1
SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.
ImportantCVE-2016-3172SUSE bug 971357SUSE bug 971357SUSE bug 974013SUSE bug 971357SUSE bug 971357CVE-2016-3185openSUSE Leap 42.1
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
ModerateCVE-2016-3185SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 973351SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 971611SUSE bug 980366SUSE bug 971611CVE-2016-3186openSUSE Leap 42.1
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
ModerateCVE-2016-3186SUSE bug 973340SUSE bug 973340SUSE bug 973340SUSE bug 973340SUSE bug 983268SUSE bug 973340SUSE bug 973340SUSE bug 973340SUSE bug 973340CVE-2016-3191openSUSE Leap 42.1
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.
ImportantCVE-2016-3191SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741SUSE bug 971741CVE-2016-3425openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
ImportantCVE-2016-3425SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252CVE-2016-3426openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
ImportantCVE-2016-3426SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252CVE-2016-3427openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
ImportantCVE-2016-3427SUSE bug 976340SUSE bug 976340SUSE bug 976340SUSE bug 979252SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805CVE-2016-3458openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
ModerateCVE-2016-3458SUSE bug 989732SUSE bug 989732SUSE bug 989732SUSE bug 989732SUSE bug 989732SUSE bug 989732SUSE bug 989732CVE-2016-3459openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.
ModerateCVE-2016-3459SUSE bug 989911SUSE bug 989911SUSE bug 989911CVE-2016-3477openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser.
ImportantCVE-2016-3477SUSE bug 989913SUSE bug 989913SUSE bug 991616SUSE bug 989913SUSE bug 989913SUSE bug 989913SUSE bug 989913SUSE bug 989913CVE-2016-3485openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
LowCVE-2016-3485SUSE bug 989734SUSE bug 989734SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280CVE-2016-3486openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.
ImportantCVE-2016-3486SUSE bug 989914SUSE bug 989914SUSE bug 989914CVE-2016-3492openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
ImportantCVE-2016-3492SUSE bug 1005555SUSE bug 1005555SUSE bug 1005555SUSE bug 1005555SUSE bug 1008318SUSE bug 1005555CVE-2016-3498openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX.
ModerateCVE-2016-3498SUSE bug 989729SUSE bug 989729SUSE bug 989729SUSE bug 989729SUSE bug 989729SUSE bug 989729CVE-2016-3500openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
ModerateCVE-2016-3500SUSE bug 989730SUSE bug 989730SUSE bug 989730SUSE bug 989730SUSE bug 989730SUSE bug 989730CVE-2016-3501openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
ImportantCVE-2016-3501SUSE bug 989915SUSE bug 989915SUSE bug 989915CVE-2016-3503openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
ImportantCVE-2016-3503SUSE bug 989728SUSE bug 989728SUSE bug 989728SUSE bug 989728SUSE bug 989728SUSE bug 989728CVE-2016-3508openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
ModerateCVE-2016-3508SUSE bug 989731SUSE bug 989731SUSE bug 989731SUSE bug 989731SUSE bug 989731SUSE bug 989731CVE-2016-3511openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.
ImportantCVE-2016-3511SUSE bug 989727SUSE bug 989727SUSE bug 1009280SUSE bug 1009280SUSE bug 989727SUSE bug 1009280SUSE bug 1009280SUSE bug 989727SUSE bug 989727SUSE bug 1009280SUSE bug 989727CVE-2016-3521openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
ImportantCVE-2016-3521SUSE bug 989919SUSE bug 989919SUSE bug 991616SUSE bug 989919SUSE bug 989919SUSE bug 989919SUSE bug 989919SUSE bug 989919CVE-2016-3550openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
ModerateCVE-2016-3550SUSE bug 989733SUSE bug 989733SUSE bug 989733SUSE bug 989733SUSE bug 989733SUSE bug 989733CVE-2016-3552openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
ImportantCVE-2016-3552SUSE bug 989726SUSE bug 989726CVE-2016-3587openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CriticalCVE-2016-3587SUSE bug 989721SUSE bug 989721SUSE bug 989721SUSE bug 989721SUSE bug 998845CVE-2016-3598openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
CriticalCVE-2016-3598SUSE bug 989723SUSE bug 989723SUSE bug 989723SUSE bug 989723SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280CVE-2016-3606openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CriticalCVE-2016-3606SUSE bug 989722SUSE bug 989722SUSE bug 989722SUSE bug 989722SUSE bug 989722SUSE bug 989722SUSE bug 989722CVE-2016-3610openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
CriticalCVE-2016-3610SUSE bug 989725SUSE bug 989725SUSE bug 989725CVE-2016-3614openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.
ModerateCVE-2016-3614SUSE bug 989921SUSE bug 989921SUSE bug 989921CVE-2016-3615openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
ImportantCVE-2016-3615SUSE bug 989922SUSE bug 989922SUSE bug 991616SUSE bug 989922SUSE bug 989922SUSE bug 989922SUSE bug 989922SUSE bug 989922CVE-2016-3622openSUSE Leap 42.1
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
LowCVE-2016-3622SUSE bug 974449SUSE bug 974449SUSE bug 974449SUSE bug 974449SUSE bug 974449SUSE bug 974449CVE-2016-3623openSUSE Leap 42.1
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
LowCVE-2016-3623SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974617SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618SUSE bug 974618CVE-2016-3627openSUSE Leap 42.1
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
ModerateCVE-2016-3627SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 975947SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 972335SUSE bug 975947SUSE bug 972335SUSE bug 972335SUSE bug 1026099SUSE bug 1026101SUSE bug 972335CVE-2016-3630openSUSE Leap 42.1
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
ImportantCVE-2016-3630SUSE bug 973175SUSE bug 973175SUSE bug 973175SUSE bug 973175SUSE bug 973175CVE-2016-3658openSUSE Leap 42.1
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
LowCVE-2016-3658SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840SUSE bug 974840CVE-2016-3659openSUSE Leap 42.1
SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter.
ImportantCVE-2016-3659SUSE bug 974013SUSE bug 974013SUSE bug 974013SUSE bug 974013CVE-2016-3672openSUSE Leap 42.1
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.
LowCVE-2016-3672SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 974308SUSE bug 990058SUSE bug 974308SUSE bug 974308SUSE bug 974308CVE-2016-3679openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-3679SUSE bug 973166SUSE bug 972834SUSE bug 973166CVE-2016-3689openSUSE Leap 42.1
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
ModerateCVE-2016-3689SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628SUSE bug 971628CVE-2016-3705openSUSE Leap 42.1
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
ModerateCVE-2016-3705SUSE bug 975947SUSE bug 975947SUSE bug 975947SUSE bug 975947SUSE bug 975947SUSE bug 975947SUSE bug 975947SUSE bug 975947CVE-2016-3706openSUSE Leap 42.1
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
ModerateCVE-2016-3706SUSE bug 980483SUSE bug 980483SUSE bug 980483SUSE bug 980483SUSE bug 980483SUSE bug 997423SUSE bug 980483SUSE bug 997423SUSE bug 980483SUSE bug 997423CVE-2016-3710openSUSE Leap 42.1
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
ImportantCVE-2016-3710SUSE bug 978158SUSE bug 978164SUSE bug 978158SUSE bug 978164SUSE bug 978158SUSE bug 978164SUSE bug 978167SUSE bug 978164SUSE bug 978158SUSE bug 978158SUSE bug 978164SUSE bug 978164CVE-2016-3712openSUSE Leap 42.1
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
ModerateCVE-2016-3712SUSE bug 978160SUSE bug 978167SUSE bug 978160SUSE bug 978164SUSE bug 978167SUSE bug 978160SUSE bug 978164SUSE bug 978167SUSE bug 978164SUSE bug 978160SUSE bug 978160SUSE bug 978160SUSE bug 978160SUSE bug 978164SUSE bug 978164CVE-2016-3714openSUSE Leap 42.1
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
ImportantCVE-2016-3714SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 982178SUSE bug 982178SUSE bug 982178SUSE bug 982178CVE-2016-3715openSUSE Leap 42.1
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
ImportantCVE-2016-3715SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061CVE-2016-3716openSUSE Leap 42.1
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
ImportantCVE-2016-3716SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061CVE-2016-3717openSUSE Leap 42.1
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
ImportantCVE-2016-3717SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061CVE-2016-3718openSUSE Leap 42.1
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
ImportantCVE-2016-3718SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061SUSE bug 978061CVE-2016-3945openSUSE Leap 42.1
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
LowCVE-2016-3945SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614SUSE bug 974614CVE-2016-3947openSUSE Leap 42.1
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
ModerateCVE-2016-3947SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782SUSE bug 973782CVE-2016-3948openSUSE Leap 42.1
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
ModerateCVE-2016-3948SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783SUSE bug 973783CVE-2016-3951openSUSE Leap 42.1
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
ModerateCVE-2016-3951SUSE bug 974418SUSE bug 974418SUSE bug 974418SUSE bug 974418SUSE bug 974418SUSE bug 974418SUSE bug 974418SUSE bug 974418CVE-2016-3955openSUSE Leap 42.1
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
CriticalCVE-2016-3955SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945SUSE bug 975945CVE-2016-3959openSUSE Leap 42.1
The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries.
ModerateCVE-2016-3959SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232SUSE bug 974232CVE-2016-3960openSUSE Leap 42.1
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
ModerateCVE-2016-3960SUSE bug 974038SUSE bug 974038SUSE bug 974038SUSE bug 974038SUSE bug 974038SUSE bug 974038SUSE bug 974038SUSE bug 974038CVE-2016-3977openSUSE Leap 42.1
Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
ModerateCVE-2016-3977SUSE bug 974847SUSE bug 974847SUSE bug 974847SUSE bug 974847CVE-2016-3981openSUSE Leap 42.1
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
ModerateCVE-2016-3981SUSE bug 973992CVE-2016-3982openSUSE Leap 42.1
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
ModerateCVE-2016-3982SUSE bug 973992CVE-2016-3990openSUSE Leap 42.1
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
LowCVE-2016-3990SUSE bug 975069SUSE bug 975069SUSE bug 975069CVE-2016-3991openSUSE Leap 42.1
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
LowCVE-2016-3991SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070SUSE bug 975070CVE-2016-3992openSUSE Leap 42.1
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in /tmp.
ModerateCVE-2016-3992SUSE bug 974845SUSE bug 974845CVE-2016-4001openSUSE Leap 42.1
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.
ModerateCVE-2016-4001SUSE bug 975128SUSE bug 975130SUSE bug 975128SUSE bug 975128SUSE bug 975128SUSE bug 975128SUSE bug 975128SUSE bug 975130SUSE bug 975130SUSE bug 975128CVE-2016-4002openSUSE Leap 42.1
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
ModerateCVE-2016-4002SUSE bug 975136SUSE bug 975138SUSE bug 975136SUSE bug 975136SUSE bug 975136SUSE bug 975136SUSE bug 975136SUSE bug 975138SUSE bug 975138SUSE bug 975136CVE-2016-4007openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."
ImportantCVE-2016-4007SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265SUSE bug 967265CVE-2016-4008openSUSE Leap 42.1
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
ModerateCVE-2016-4008SUSE bug 982779SUSE bug 982779SUSE bug 982779SUSE bug 982779SUSE bug 982779SUSE bug 982779SUSE bug 982779SUSE bug 982779CVE-2016-4020openSUSE Leap 42.1
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
LowCVE-2016-4020SUSE bug 975700SUSE bug 975700SUSE bug 975907SUSE bug 975700SUSE bug 975700SUSE bug 975700SUSE bug 975907SUSE bug 975907SUSE bug 975700CVE-2016-4037openSUSE Leap 42.1
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
LowCVE-2016-4037SUSE bug 959005SUSE bug 959006SUSE bug 976109SUSE bug 976111SUSE bug 976109SUSE bug 959005SUSE bug 959006SUSE bug 976111SUSE bug 976109SUSE bug 976111SUSE bug 976111SUSE bug 976109CVE-2016-4049openSUSE Leap 42.1
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
ModerateCVE-2016-4049SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012SUSE bug 977012CVE-2016-4051openSUSE Leap 42.1
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
ImportantCVE-2016-4051SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553SUSE bug 976553CVE-2016-4052openSUSE Leap 42.1
Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
ImportantCVE-2016-4052SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556CVE-2016-4053openSUSE Leap 42.1
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
ImportantCVE-2016-4053SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556CVE-2016-4054openSUSE Leap 42.1
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
ImportantCVE-2016-4054SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556SUSE bug 976556CVE-2016-4069openSUSE Leap 42.1
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
ModerateCVE-2016-4069SUSE bug 976988SUSE bug 976988SUSE bug 976988SUSE bug 976988SUSE bug 976988CVE-2016-4070openSUSE Leap 42.1
** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)."
LowCVE-2016-4070SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 976997SUSE bug 980366SUSE bug 976997CVE-2016-4071openSUSE Leap 42.1
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
ImportantCVE-2016-4071SUSE bug 977000SUSE bug 977000SUSE bug 977000SUSE bug 977000SUSE bug 977000SUSE bug 977000CVE-2016-4073openSUSE Leap 42.1
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.
ImportantCVE-2016-4073SUSE bug 977003SUSE bug 977003SUSE bug 977003SUSE bug 977003SUSE bug 977003SUSE bug 977003SUSE bug 980366CVE-2016-4300openSUSE Leap 42.1
Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.
ImportantCVE-2016-4300SUSE bug 985832SUSE bug 985832SUSE bug 985832SUSE bug 985832SUSE bug 985832SUSE bug 985832CVE-2016-4301openSUSE Leap 42.1
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
ImportantCVE-2016-4301SUSE bug 985826SUSE bug 985826SUSE bug 985826SUSE bug 985826SUSE bug 985826SUSE bug 985826SUSE bug 985826CVE-2016-4302openSUSE Leap 42.1
Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.
ImportantCVE-2016-4302SUSE bug 985835SUSE bug 985835SUSE bug 985835SUSE bug 985835SUSE bug 985835SUSE bug 985835SUSE bug 985835CVE-2016-4303openSUSE Leap 42.1
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.
ModerateCVE-2016-4303SUSE bug 984453SUSE bug 984453SUSE bug 984453SUSE bug 984453CVE-2016-4324openSUSE Leap 42.1
Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
ImportantCVE-2016-4324SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553SUSE bug 987553CVE-2016-4342openSUSE Leap 42.1
ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive.
ImportantCVE-2016-4342SUSE bug 977991SUSE bug 977991SUSE bug 977991SUSE bug 977991SUSE bug 977991SUSE bug 977991SUSE bug 977991SUSE bug 980366SUSE bug 977991SUSE bug 977991CVE-2016-4346openSUSE Leap 42.1
Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.
ModerateCVE-2016-4346SUSE bug 977993SUSE bug 977994SUSE bug 977995SUSE bug 977994SUSE bug 977994SUSE bug 977994SUSE bug 977994SUSE bug 977994SUSE bug 977994SUSE bug 980366SUSE bug 977994SUSE bug 977994SUSE bug 977994SUSE bug 977994CVE-2016-4348openSUSE Leap 42.1
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
LowCVE-2016-4348SUSE bug 977986SUSE bug 977986SUSE bug 977986SUSE bug 977986CVE-2016-4414openSUSE Leap 42.1
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
LowCVE-2016-4414SUSE bug 978002SUSE bug 978002SUSE bug 978002SUSE bug 978002SUSE bug 978002SUSE bug 978002CVE-2016-4429openSUSE Leap 42.1
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
ModerateCVE-2016-4429SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 980854SUSE bug 1081556SUSE bug 980854CVE-2016-4439openSUSE Leap 42.1
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.
ModerateCVE-2016-4439SUSE bug 980711SUSE bug 980716SUSE bug 980711SUSE bug 980716SUSE bug 980711SUSE bug 980711SUSE bug 980716SUSE bug 980716SUSE bug 980716CVE-2016-4441openSUSE Leap 42.1
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
ModerateCVE-2016-4441SUSE bug 980723SUSE bug 980724SUSE bug 980723SUSE bug 980724SUSE bug 980723SUSE bug 980724SUSE bug 980723SUSE bug 980723SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724SUSE bug 980724CVE-2016-4447openSUSE Leap 42.1
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
ModerateCVE-2016-4447SUSE bug 981548SUSE bug 981548SUSE bug 981548SUSE bug 981548SUSE bug 981548SUSE bug 981548CVE-2016-4448openSUSE Leap 42.1
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
ImportantCVE-2016-4448SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 981549SUSE bug 1010299SUSE bug 1010299SUSE bug 1010299CVE-2016-4449openSUSE Leap 42.1
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
ModerateCVE-2016-4449SUSE bug 981550SUSE bug 981550SUSE bug 981550SUSE bug 981550SUSE bug 981550SUSE bug 981550CVE-2016-4450openSUSE Leap 42.1
os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.
ModerateCVE-2016-4450SUSE bug 982484SUSE bug 982505SUSE bug 982507SUSE bug 982505SUSE bug 982507SUSE bug 982484SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505SUSE bug 982505CVE-2016-4453openSUSE Leap 42.1
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
LowCVE-2016-4453SUSE bug 982223SUSE bug 982225SUSE bug 982223SUSE bug 982223SUSE bug 982225SUSE bug 982223SUSE bug 982225CVE-2016-4454openSUSE Leap 42.1
The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.
LowCVE-2016-4454SUSE bug 982222SUSE bug 982224SUSE bug 982222SUSE bug 982222SUSE bug 982224SUSE bug 982222SUSE bug 982224CVE-2016-4463openSUSE Leap 42.1
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
ImportantCVE-2016-4463SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860SUSE bug 985860CVE-2016-4470openSUSE Leap 42.1
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
ImportantCVE-2016-4470SUSE bug 984755SUSE bug 984764SUSE bug 984764SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 991651SUSE bug 984755SUSE bug 984764SUSE bug 991651SUSE bug 991651SUSE bug 984764SUSE bug 984755SUSE bug 984764SUSE bug 990058SUSE bug 984755SUSE bug 984764SUSE bug 984755SUSE bug 991651SUSE bug 984755SUSE bug 991651SUSE bug 984755SUSE bug 991651SUSE bug 984755SUSE bug 991651SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984755SUSE bug 984755CVE-2016-4478openSUSE Leap 42.1
Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.
ModerateCVE-2016-4478SUSE bug 978170SUSE bug 978170SUSE bug 978170SUSE bug 978170CVE-2016-4480openSUSE Leap 42.1
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
ModerateCVE-2016-4480SUSE bug 978295SUSE bug 978295SUSE bug 978288SUSE bug 978295SUSE bug 978288SUSE bug 978295SUSE bug 978295SUSE bug 978295SUSE bug 978295SUSE bug 978295SUSE bug 978288SUSE bug 978295CVE-2016-4482openSUSE Leap 42.1
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
ModerateCVE-2016-4482SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978445SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401SUSE bug 978401CVE-2016-4483openSUSE Leap 42.1
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
LowCVE-2016-4483SUSE bug 978395SUSE bug 978395SUSE bug 978395SUSE bug 978395SUSE bug 978395SUSE bug 978395SUSE bug 978395SUSE bug 1026101CVE-2016-4485openSUSE Leap 42.1
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
LowCVE-2016-4485SUSE bug 978821SUSE bug 978821SUSE bug 978821SUSE bug 978821SUSE bug 978821SUSE bug 978821SUSE bug 978821SUSE bug 978821CVE-2016-4486openSUSE Leap 42.1
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
LowCVE-2016-4486SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 990058SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822SUSE bug 978822CVE-2016-4537openSUSE Leap 42.1
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
LowCVE-2016-4537SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 980366SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827CVE-2016-4538openSUSE Leap 42.1
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
LowCVE-2016-4538SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 980366SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827SUSE bug 978827CVE-2016-4539openSUSE Leap 42.1
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.
ModerateCVE-2016-4539SUSE bug 978828SUSE bug 978828SUSE bug 978828SUSE bug 978828SUSE bug 980366SUSE bug 978828SUSE bug 978828SUSE bug 978828SUSE bug 978828CVE-2016-4540openSUSE Leap 42.1
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
LowCVE-2016-4540SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 980366SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829CVE-2016-4541openSUSE Leap 42.1
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
LowCVE-2016-4541SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 980366SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829SUSE bug 978829CVE-2016-4542openSUSE Leap 42.1
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
LowCVE-2016-4542SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 980366SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830CVE-2016-4543openSUSE Leap 42.1
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
LowCVE-2016-4543SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 980366SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830CVE-2016-4544openSUSE Leap 42.1
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
LowCVE-2016-4544SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 980366SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830SUSE bug 978830CVE-2016-4553openSUSE Leap 42.1
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
ModerateCVE-2016-4553SUSE bug 979009SUSE bug 979009SUSE bug 979009SUSE bug 979009SUSE bug 979009SUSE bug 979009SUSE bug 990451SUSE bug 979009SUSE bug 979009SUSE bug 979009SUSE bug 990451CVE-2016-4554openSUSE Leap 42.1
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
ModerateCVE-2016-4554SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 979010SUSE bug 990451SUSE bug 979010CVE-2016-4555openSUSE Leap 42.1
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
ModerateCVE-2016-4555SUSE bug 979008SUSE bug 979011SUSE bug 979008SUSE bug 979011SUSE bug 979011SUSE bug 979011SUSE bug 979011SUSE bug 979011SUSE bug 979011SUSE bug 979011SUSE bug 979011CVE-2016-4556openSUSE Leap 42.1
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
ModerateCVE-2016-4556SUSE bug 979008SUSE bug 979011SUSE bug 979008SUSE bug 979011SUSE bug 979008SUSE bug 979008SUSE bug 979008SUSE bug 979008SUSE bug 979008SUSE bug 979008SUSE bug 979008CVE-2016-4557openSUSE Leap 42.1
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.
ModerateCVE-2016-4557SUSE bug 979018SUSE bug 979077SUSE bug 979018SUSE bug 979077SUSE bug 979018SUSE bug 979077SUSE bug 979018SUSE bug 979018SUSE bug 979018SUSE bug 979018SUSE bug 979018SUSE bug 979018SUSE bug 979018CVE-2016-4562openSUSE Leap 42.1
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ImportantCVE-2016-4562SUSE bug 983292SUSE bug 983305SUSE bug 983308SUSE bug 983292SUSE bug 983292SUSE bug 983309SUSE bug 983292SUSE bug 983292SUSE bug 983292SUSE bug 983292SUSE bug 983292SUSE bug 983292SUSE bug 983292SUSE bug 983292CVE-2016-4563openSUSE Leap 42.1
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ImportantCVE-2016-4563SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305SUSE bug 983305CVE-2016-4564openSUSE Leap 42.1
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ImportantCVE-2016-4564SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308SUSE bug 983308CVE-2016-4565openSUSE Leap 42.1
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
ImportantCVE-2016-4565SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 980363SUSE bug 979548SUSE bug 979548SUSE bug 980363SUSE bug 980883SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 980363SUSE bug 979548SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 980883SUSE bug 979548SUSE bug 979548SUSE bug 980883SUSE bug 980883SUSE bug 979548SUSE bug 980883SUSE bug 990058SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548SUSE bug 979548CVE-2016-4569openSUSE Leap 42.1
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
LowCVE-2016-4569SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979879SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 990058SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213SUSE bug 979213CVE-2016-4570openSUSE Leap 42.1
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
LowCVE-2016-4570SUSE bug 979205SUSE bug 979206SUSE bug 979205SUSE bug 979206SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979206SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979205SUSE bug 979205CVE-2016-4571openSUSE Leap 42.1
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
LowCVE-2016-4571SUSE bug 979205SUSE bug 979206SUSE bug 979205SUSE bug 979206SUSE bug 979206SUSE bug 979206SUSE bug 979206SUSE bug 979205SUSE bug 979206SUSE bug 979206SUSE bug 979206SUSE bug 979206SUSE bug 979206SUSE bug 979206CVE-2016-4574openSUSE Leap 42.1
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.
ModerateCVE-2016-4574SUSE bug 979261SUSE bug 979261SUSE bug 979261CVE-2016-4578openSUSE Leap 42.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
LowCVE-2016-4578SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 990058SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 979879SUSE bug 1052256CVE-2016-4579openSUSE Leap 42.1
Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl."
ModerateCVE-2016-4579SUSE bug 979906SUSE bug 979906SUSE bug 979906SUSE bug 979906SUSE bug 979906CVE-2016-4580openSUSE Leap 42.1
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.
LowCVE-2016-4580SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 985132SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 981267SUSE bug 870618SUSE bug 870618CVE-2016-4581openSUSE Leap 42.1
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.
ModerateCVE-2016-4581SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913SUSE bug 979913CVE-2016-4658openSUSE Leap 42.1
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
ModerateCVE-2016-4658SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1014873SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1014873SUSE bug 1014873SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1005544SUSE bug 1069433SUSE bug 1078813CVE-2016-4794openSUSE Leap 42.1
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.
ImportantCVE-2016-4794SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 981517SUSE bug 981517SUSE bug 981517SUSE bug 980265SUSE bug 981517SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 980265SUSE bug 980265CVE-2016-4804openSUSE Leap 42.1
The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.
LowCVE-2016-4804SUSE bug 980377SUSE bug 980377SUSE bug 980377SUSE bug 980377SUSE bug 980377SUSE bug 980364SUSE bug 980377SUSE bug 980377SUSE bug 980377CVE-2016-4805openSUSE Leap 42.1
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.
LowCVE-2016-4805SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 980371SUSE bug 990058SUSE bug 980371CVE-2016-4809openSUSE Leap 42.1
The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.
LowCVE-2016-4809SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990SUSE bug 984990CVE-2016-4912openSUSE Leap 42.1
The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure.
ModerateCVE-2016-4912SUSE bug 980722SUSE bug 980722SUSE bug 980722SUSE bug 980722SUSE bug 980722SUSE bug 980722SUSE bug 1074356SUSE bug 1074356CVE-2016-4951openSUSE Leap 42.1
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.
ModerateCVE-2016-4951SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 985132SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 981058SUSE bug 981058CVE-2016-4952openSUSE Leap 42.1
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
ModerateCVE-2016-4952SUSE bug 981266SUSE bug 981276SUSE bug 981266SUSE bug 981276SUSE bug 981276SUSE bug 981276CVE-2016-4953openSUSE Leap 42.1
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
ModerateCVE-2016-4953SUSE bug 982056SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 962784SUSE bug 977459SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065SUSE bug 982065CVE-2016-4954openSUSE Leap 42.1
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
ModerateCVE-2016-4954SUSE bug 982056SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066SUSE bug 982066CVE-2016-4955openSUSE Leap 42.1
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
ModerateCVE-2016-4955SUSE bug 982056SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067SUSE bug 982067CVE-2016-4956openSUSE Leap 42.1
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
ModerateCVE-2016-4956SUSE bug 982056SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 977461SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068SUSE bug 982068CVE-2016-4957openSUSE Leap 42.1
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
ImportantCVE-2016-4957SUSE bug 982056SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 977459SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064SUSE bug 982064CVE-2016-4962openSUSE Leap 42.1
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
ModerateCVE-2016-4962SUSE bug 979620SUSE bug 979620SUSE bug 979620SUSE bug 979620SUSE bug 979620SUSE bug 979620SUSE bug 979620CVE-2016-4963openSUSE Leap 42.1
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
ModerateCVE-2016-4963SUSE bug 979670SUSE bug 979641SUSE bug 979670SUSE bug 979641SUSE bug 979670SUSE bug 979641SUSE bug 979670SUSE bug 979641SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670SUSE bug 979670CVE-2016-4971openSUSE Leap 42.1
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
ImportantCVE-2016-4971SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 984060SUSE bug 1023231SUSE bug 984060SUSE bug 984060SUSE bug 984060CVE-2016-4983openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2016-4983SUSE bug 984639SUSE bug 984639SUSE bug 984639SUSE bug 984639SUSE bug 984639SUSE bug 984639SUSE bug 984639CVE-2016-4994openSUSE Leap 42.1
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
ModerateCVE-2016-4994SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021SUSE bug 986021CVE-2016-4997openSUSE Leap 42.1
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
CriticalCVE-2016-4997SUSE bug 986362SUSE bug 986365SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986365SUSE bug 986362SUSE bug 986362SUSE bug 991651SUSE bug 986362SUSE bug 991651SUSE bug 991651SUSE bug 986377SUSE bug 986362SUSE bug 990058SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986377SUSE bug 991651SUSE bug 986362SUSE bug 991651SUSE bug 986362SUSE bug 991651SUSE bug 986362SUSE bug 991651SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986377SUSE bug 986377SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986377SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362SUSE bug 986362CVE-2016-5008openSUSE Leap 42.1
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
ModerateCVE-2016-5008SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527SUSE bug 987527CVE-2016-5010openSUSE Leap 42.1
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
LowCVE-2016-5010SUSE bug 991444SUSE bug 991444SUSE bug 991444SUSE bug 991444SUSE bug 991444SUSE bug 991444CVE-2016-5011openSUSE Leap 42.1
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
LowCVE-2016-5011SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361SUSE bug 988361CVE-2016-5018openSUSE Leap 42.1
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
ModerateCVE-2016-5018SUSE bug 1007855SUSE bug 1007855SUSE bug 1007855SUSE bug 1007855SUSE bug 1007855CVE-2016-5093openSUSE Leap 42.1
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
ModerateCVE-2016-5093SUSE bug 982010SUSE bug 982010SUSE bug 982010SUSE bug 982010SUSE bug 982010CVE-2016-5094openSUSE Leap 42.1
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
ModerateCVE-2016-5094SUSE bug 982011SUSE bug 982012SUSE bug 982011SUSE bug 982012SUSE bug 982011SUSE bug 982012SUSE bug 982011SUSE bug 982012SUSE bug 982011SUSE bug 982011SUSE bug 982012SUSE bug 982011CVE-2016-5095openSUSE Leap 42.1
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.
ModerateCVE-2016-5095SUSE bug 982012SUSE bug 982011SUSE bug 982012SUSE bug 982012SUSE bug 982012SUSE bug 982011SUSE bug 982012SUSE bug 982011SUSE bug 982011SUSE bug 982012SUSE bug 982012CVE-2016-5096openSUSE Leap 42.1
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.
ModerateCVE-2016-5096SUSE bug 982013SUSE bug 982013SUSE bug 982013SUSE bug 982013SUSE bug 982013SUSE bug 982013CVE-2016-5099openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding.
ModerateCVE-2016-5099SUSE bug 982128SUSE bug 982126SUSE bug 982128SUSE bug 982128SUSE bug 982128CVE-2016-5103openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4552. Reason: This candidate is a reservation duplicate of CVE-2016-4552. Notes: All CVE users should reference CVE-2016-4552 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5103SUSE bug 982703SUSE bug 982703SUSE bug 982003SUSE bug 982003SUSE bug 982003SUSE bug 1016744SUSE bug 982003SUSE bug 982003CVE-2016-5104openSUSE Leap 42.1
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
ImportantCVE-2016-5104SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014SUSE bug 982014CVE-2016-5105openSUSE Leap 42.1
The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command.
LowCVE-2016-5105SUSE bug 982017SUSE bug 982024SUSE bug 982017SUSE bug 982017SUSE bug 982024SUSE bug 982017SUSE bug 982024SUSE bug 982017CVE-2016-5106openSUSE Leap 42.1
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.
LowCVE-2016-5106SUSE bug 982018SUSE bug 982025SUSE bug 982018SUSE bug 982025SUSE bug 982018SUSE bug 982025SUSE bug 982018SUSE bug 982018CVE-2016-5107openSUSE Leap 42.1
The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.
LowCVE-2016-5107SUSE bug 982019SUSE bug 982026SUSE bug 982019SUSE bug 982026SUSE bug 982019SUSE bug 982026SUSE bug 982019SUSE bug 982019CVE-2016-5108openSUSE Leap 42.1
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
ImportantCVE-2016-5108SUSE bug 984382CVE-2016-5116openSUSE Leap 42.1
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.
ModerateCVE-2016-5116SUSE bug 982176SUSE bug 982176SUSE bug 982176SUSE bug 982176SUSE bug 982176CVE-2016-5118openSUSE Leap 42.1
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
ImportantCVE-2016-5118SUSE bug 982178SUSE bug 982178SUSE bug 982178SUSE bug 982178SUSE bug 982178SUSE bug 982178SUSE bug 982178CVE-2016-5126openSUSE Leap 42.1
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
ModerateCVE-2016-5126SUSE bug 982285SUSE bug 982286SUSE bug 982286SUSE bug 982286SUSE bug 982285SUSE bug 982286SUSE bug 982285SUSE bug 982286CVE-2016-5127openSUSE Leap 42.1
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element.
ImportantCVE-2016-5127SUSE bug 989901CVE-2016-5128openSUSE Leap 42.1
objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
ImportantCVE-2016-5128SUSE bug 989901CVE-2016-5129openSUSE Leap 42.1
Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-5129SUSE bug 989901CVE-2016-5130openSUSE Leap 42.1
content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site.
ImportantCVE-2016-5130SUSE bug 989901CVE-2016-5131openSUSE Leap 42.1
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
ImportantCVE-2016-5131SUSE bug 989901SUSE bug 1014873SUSE bug 1069433SUSE bug 1078813SUSE bug 1078813SUSE bug 1078813SUSE bug 1078813SUSE bug 1078813SUSE bug 1078813SUSE bug 1078813CVE-2016-5132openSUSE Leap 42.1
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME element.
ImportantCVE-2016-5132SUSE bug 989901CVE-2016-5133openSUSE Leap 42.1
Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream.
ImportantCVE-2016-5133SUSE bug 989901CVE-2016-5134openSUSE Leap 42.1
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a related issue to CVE-2016-3763.
ImportantCVE-2016-5134SUSE bug 989901CVE-2016-5135openSUSE Leap 42.1
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.
ImportantCVE-2016-5135SUSE bug 989901CVE-2016-5136openSUSE Leap 42.1
Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion.
ImportantCVE-2016-5136SUSE bug 989901CVE-2016-5137openSUSE Leap 42.1
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report. NOTE: this vulnerability is associated with a specification change after CVE-2016-1617 resolution.
ImportantCVE-2016-5137SUSE bug 989901CVE-2016-5139openSUSE Leap 42.1
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2016-5139SUSE bug 992305SUSE bug 992311SUSE bug 992311SUSE bug 992311SUSE bug 992325CVE-2016-5140openSUSE Leap 42.1
Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2016-5140SUSE bug 992305SUSE bug 992310SUSE bug 992310SUSE bug 992310SUSE bug 992325CVE-2016-5141openSUSE Leap 42.1
Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.
ImportantCVE-2016-5141SUSE bug 992305SUSE bug 992314SUSE bug 992314SUSE bug 992314SUSE bug 992325CVE-2016-5142openSUSE Leap 42.1
The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp.
ImportantCVE-2016-5142SUSE bug 992305SUSE bug 992313SUSE bug 992313SUSE bug 992313SUSE bug 992325CVE-2016-5143openSUSE Leap 42.1
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5144.
ImportantCVE-2016-5143SUSE bug 992305SUSE bug 992319SUSE bug 992319SUSE bug 992319SUSE bug 992325CVE-2016-5144openSUSE Leap 42.1
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5143.
ImportantCVE-2016-5144SUSE bug 992305SUSE bug 992315SUSE bug 992315SUSE bug 992315SUSE bug 992325CVE-2016-5145openSUSE Leap 42.1
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
ImportantCVE-2016-5145SUSE bug 992305SUSE bug 992320SUSE bug 992320SUSE bug 992320SUSE bug 992325CVE-2016-5146openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-5146SUSE bug 992305SUSE bug 992309SUSE bug 992309SUSE bug 992309SUSE bug 992325CVE-2016-5147openSUSE Leap 42.1
Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
ImportantCVE-2016-5147SUSE bug 996648CVE-2016-5148openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)."
ImportantCVE-2016-5148SUSE bug 996648CVE-2016-5149openSUSE Leap 42.1
The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a resource that initially has the about:blank URL.
ImportantCVE-2016-5149SUSE bug 996648CVE-2016-5150openSUSE Leap 42.1
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects.
ImportantCVE-2016-5150SUSE bug 996648CVE-2016-5151openSUSE Leap 42.1
PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp.
ImportantCVE-2016-5151SUSE bug 996648CVE-2016-5152openSUSE Leap 42.1
Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2016-5152SUSE bug 996648CVE-2016-5153openSUSE Leap 42.1
The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have unspecified other impact via a crafted web site.
ImportantCVE-2016-5153SUSE bug 996648CVE-2016-5154openSUSE Leap 42.1
Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image.
ImportantCVE-2016-5154SUSE bug 996648CVE-2016-5155openSUSE Leap 42.1
Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site.
ImportantCVE-2016-5155SUSE bug 996648CVE-2016-5156openSUSE Leap 42.1
extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-5156SUSE bug 996648CVE-2016-5157openSUSE Leap 42.1
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
ImportantCVE-2016-5157SUSE bug 996648CVE-2016-5158openSUSE Leap 42.1
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
ImportantCVE-2016-5158SUSE bug 996648CVE-2016-5159openSUSE Leap 42.1
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
ImportantCVE-2016-5159SUSE bug 996648CVE-2016-5160openSUSE Leap 42.1
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5162.
ImportantCVE-2016-5160SUSE bug 996648CVE-2016-5161openSUSE Leap 42.1
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages "type confusion" in the StylePropertySerializer class.
ImportantCVE-2016-5161SUSE bug 996648CVE-2016-5162openSUSE Leap 42.1
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5160.
ImportantCVE-2016-5162SUSE bug 996648CVE-2016-5163openSUSE Leap 42.1
The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows remote attackers to spoof the address bar via crafted right-to-left (RTL) Unicode text, related to omnibox/SuggestionView.java and omnibox/UrlBar.java in Chrome for Android.
ImportantCVE-2016-5163SUSE bug 996648CVE-2016-5164openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in WebKit/Source/platform/v8_inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools (aka DevTools) subsystem via a crafted web site, aka "Universal XSS (UXSS)."
ImportantCVE-2016-5164SUSE bug 996648CVE-2016-5165openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a chrome-devtools-frontend.appspot.com URL's query string.
ImportantCVE-2016-5165SUSE bug 996648CVE-2016-5166openSUSE Leap 42.1
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice.
ImportantCVE-2016-5166SUSE bug 996648CVE-2016-5170openSUSE Leap 42.1
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls.
ImportantCVE-2016-5170SUSE bug 998743CVE-2016-5171openSUSE Leap 42.1
WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
ImportantCVE-2016-5171SUSE bug 998743CVE-2016-5172openSUSE Leap 42.1
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.
ImportantCVE-2016-5172SUSE bug 998743CVE-2016-5173openSUSE Leap 42.1
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack.
ImportantCVE-2016-5173SUSE bug 998743CVE-2016-5174openSUSE Leap 42.1
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site.
ImportantCVE-2016-5174SUSE bug 998743CVE-2016-5175openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-5175SUSE bug 998743CVE-2016-5177openSUSE Leap 42.1
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-5177SUSE bug 1002140SUSE bug 1002140SUSE bug 1002140CVE-2016-5178openSUSE Leap 42.1
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
ImportantCVE-2016-5178SUSE bug 1002140SUSE bug 1002140SUSE bug 1002140CVE-2016-5180openSUSE Leap 42.1
Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.
ModerateCVE-2016-5180SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728SUSE bug 1007728CVE-2016-5181openSUSE Leap 42.1
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted execution of v8 microtasks while the DOM was in an inconsistent state, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages.
ImportantCVE-2016-5181SUSE bug 1004465CVE-2016-5182openSUSE Leap 42.1
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages.
ImportantCVE-2016-5182SUSE bug 1004465CVE-2016-5183openSUSE Leap 42.1
A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files.
ImportantCVE-2016-5183SUSE bug 1004465CVE-2016-5184openSUSE Leap 42.1
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files.
ImportantCVE-2016-5184SUSE bug 1004465CVE-2016-5185openSUSE Leap 42.1
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages.
ImportantCVE-2016-5185SUSE bug 1004465CVE-2016-5186openSUSE Leap 42.1
Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled objects after a tab crash, which allowed a remote attacker to perform an out of bounds memory read via crafted PDF files.
ImportantCVE-2016-5186SUSE bug 1004465CVE-2016-5187openSUSE Leap 42.1
Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages.
ImportantCVE-2016-5187SUSE bug 1004465CVE-2016-5188openSUSE Leap 42.1
Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux allow a remote attacker to spoof various parts of browser UI via crafted HTML pages.
ImportantCVE-2016-5188SUSE bug 1004465CVE-2016-5189openSUSE Leap 42.1
Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages.
ImportantCVE-2016-5189SUSE bug 1004465CVE-2016-5190openSUSE Leap 42.1
Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles during shutdown, which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages.
ImportantCVE-2016-5190SUSE bug 1004465CVE-2016-5191openSUSE Leap 42.1
Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by an interpretation conflict between userinfo and scheme in an http://javascript:payload@example.com URL.
ImportantCVE-2016-5191SUSE bug 1004465CVE-2016-5192openSUSE Leap 42.1
Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages.
ImportantCVE-2016-5192SUSE bug 1004465CVE-2016-5193openSUSE Leap 42.1
Google Chrome prior to 54.0 for iOS had insufficient validation of URLs for windows open by DOM, which allowed a remote attacker to bypass restrictions on navigation to certain URL schemes via crafted HTML pages.
ImportantCVE-2016-5193SUSE bug 1004465CVE-2016-5195openSUSE Leap 42.1
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CriticalCVE-2016-5195SUSE bug 1004418SUSE bug 1004419SUSE bug 1004418SUSE bug 1004419SUSE bug 1004436SUSE bug 1004418SUSE bug 1004436SUSE bug 1004418SUSE bug 1004436SUSE bug 1004418SUSE bug 1004418SUSE bug 1004419SUSE bug 1004418SUSE bug 1004419SUSE bug 1006323SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004419SUSE bug 1006323SUSE bug 998689SUSE bug 1004418SUSE bug 1004419SUSE bug 1006323SUSE bug 1006695SUSE bug 1004418SUSE bug 1004419SUSE bug 1006323SUSE bug 1006695SUSE bug 1004418SUSE bug 1004419SUSE bug 1006695SUSE bug 1004436SUSE bug 1006695SUSE bug 1004418SUSE bug 1004419SUSE bug 987565SUSE bug 1004418SUSE bug 1006323SUSE bug 1008110SUSE bug 986445SUSE bug 1004418SUSE bug 1006695SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1006695SUSE bug 1008110SUSE bug 1004418SUSE bug 1004419SUSE bug 1006323SUSE bug 1006695SUSE bug 1008110SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004418SUSE bug 1004419SUSE bug 1004419SUSE bug 1008110SUSE bug 1030118SUSE bug 1004418SUSE bug 1004419SUSE bug 1004418SUSE bug 1004419SUSE bug 870618SUSE bug 870618SUSE bug 1004418SUSE bug 1069496CVE-2016-5198openSUSE Leap 42.1
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.
ImportantCVE-2016-5198SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274SUSE bug 1008274CVE-2016-5199openSUSE Leap 42.1
An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
ImportantCVE-2016-5199SUSE bug 1009892SUSE bug 1009892SUSE bug 1009892SUSE bug 1009892SUSE bug 1009892CVE-2016-5200openSUSE Leap 42.1
V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2016-5200SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893SUSE bug 1009893CVE-2016-5201openSUSE Leap 42.1
A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page.
ModerateCVE-2016-5201SUSE bug 1009894SUSE bug 1009894SUSE bug 1009894SUSE bug 1009894CVE-2016-5202openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-5202SUSE bug 1009895SUSE bug 1009895SUSE bug 1009895CVE-2016-5203openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2016-5203SUSE bug 1013236CVE-2016-5204openSUSE Leap 42.1
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2016-5204SUSE bug 1013236CVE-2016-5205openSUSE Leap 42.1
Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2016-5205SUSE bug 1013236CVE-2016-5206openSUSE Leap 42.1
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.
ImportantCVE-2016-5206SUSE bug 1013236CVE-2016-5207openSUSE Leap 42.1
In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android, corruption of the DOM tree could occur during the removal of a full screen element, which allowed a remote attacker to achieve arbitrary code execution via a crafted HTML page.
ImportantCVE-2016-5207SUSE bug 1013236CVE-2016-5208openSUSE Leap 42.1
Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2016-5208SUSE bug 1013236CVE-2016-5209openSUSE Leap 42.1
Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2016-5209SUSE bug 1013236CVE-2016-5210openSUSE Leap 42.1
Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2016-5210SUSE bug 1013236CVE-2016-5211openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2016-5211SUSE bug 1013236CVE-2016-5212openSUSE Leap 42.1
Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android insufficiently sanitized DevTools URLs, which allowed a remote attacker to read local files via a crafted HTML page.
ImportantCVE-2016-5212SUSE bug 1013236CVE-2016-5213openSUSE Leap 42.1
A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2016-5213SUSE bug 1013236CVE-2016-5214openSUSE Leap 42.1
Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page.
ModerateCVE-2016-5214SUSE bug 1013236CVE-2016-5215openSUSE Leap 42.1
A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ModerateCVE-2016-5215SUSE bug 1013236CVE-2016-5216openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
ModerateCVE-2016-5216SUSE bug 1013236CVE-2016-5217openSUSE Leap 42.1
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page.
ModerateCVE-2016-5217SUSE bug 1013236CVE-2016-5218openSUSE Leap 42.1
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data.
ModerateCVE-2016-5218SUSE bug 1013236CVE-2016-5219openSUSE Leap 42.1
A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2016-5219SUSE bug 1013236SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274SUSE bug 1013274CVE-2016-5220openSUSE Leap 42.1
PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file.
ModerateCVE-2016-5220SUSE bug 1013236CVE-2016-5221openSUSE Leap 42.1
Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page.
ModerateCVE-2016-5221SUSE bug 1013236CVE-2016-5222openSUSE Leap 42.1
Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2016-5222SUSE bug 1013236CVE-2016-5223openSUSE Leap 42.1
Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a crafted PDF file.
ModerateCVE-2016-5223SUSE bug 1013236CVE-2016-5224openSUSE Leap 42.1
A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.
ModerateCVE-2016-5224SUSE bug 1013236CVE-2016-5225openSUSE Leap 42.1
Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page.
ModerateCVE-2016-5225SUSE bug 1013236CVE-2016-5226openSUSE Leap 42.1
Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.
ModerateCVE-2016-5226SUSE bug 1013236CVE-2016-5238openSUSE Leap 42.1
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
ModerateCVE-2016-5238SUSE bug 982959SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982959SUSE bug 982959SUSE bug 982959SUSE bug 982959SUSE bug 982960SUSE bug 982960SUSE bug 982959SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982960SUSE bug 982959SUSE bug 982959SUSE bug 982960SUSE bug 982960CVE-2016-5240openSUSE Leap 42.1
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
ModerateCVE-2016-5240SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309SUSE bug 983309CVE-2016-5241openSUSE Leap 42.1
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
ModerateCVE-2016-5241SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455SUSE bug 983455CVE-2016-5244openSUSE Leap 42.1
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
ModerateCVE-2016-5244SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 990058SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213SUSE bug 983213CVE-2016-5250openSUSE Leap 42.1
Mozilla Firefox before 48.0 allows remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
CriticalCVE-2016-5250SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 991809CVE-2016-5251openSUSE Leap 42.1
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
ModerateCVE-2016-5251SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5252openSUSE Leap 42.1
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.
ImportantCVE-2016-5252SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5254openSUSE Leap 42.1
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.
ImportantCVE-2016-5254SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5255openSUSE Leap 42.1
Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.
ImportantCVE-2016-5255SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5256openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2016-5256SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5257openSUSE Leap 42.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CriticalCVE-2016-5257SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5258openSUSE Leap 42.1
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.
ImportantCVE-2016-5258SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5259openSUSE Leap 42.1
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.
ImportantCVE-2016-5259SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5260openSUSE Leap 42.1
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.
ModerateCVE-2016-5260SUSE bug 991809CVE-2016-5261openSUSE Leap 42.1
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
CriticalCVE-2016-5261SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 999701SUSE bug 991809SUSE bug 991809CVE-2016-5262openSUSE Leap 42.1
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
ModerateCVE-2016-5262SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5263openSUSE Leap 42.1
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
ImportantCVE-2016-5263SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5264openSUSE Leap 42.1
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.
ImportantCVE-2016-5264SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5265openSUSE Leap 42.1
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.
ModerateCVE-2016-5265SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5266openSUSE Leap 42.1
Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.
ModerateCVE-2016-5266SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5268openSUSE Leap 42.1
Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.
ModerateCVE-2016-5268SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809SUSE bug 991809CVE-2016-5270openSUSE Leap 42.1
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
CriticalCVE-2016-5270SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5271openSUSE Leap 42.1
The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property.
CriticalCVE-2016-5271SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5272openSUSE Leap 42.1
The nsImageGeometryMixin class in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
CriticalCVE-2016-5272SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5273openSUSE Leap 42.1
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
CriticalCVE-2016-5273SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5274openSUSE Leap 42.1
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
CriticalCVE-2016-5274SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5275openSUSE Leap 42.1
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.
CriticalCVE-2016-5275SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5276openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.
CriticalCVE-2016-5276SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5277openSUSE Leap 42.1
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.
CriticalCVE-2016-5277SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5278openSUSE Leap 42.1
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.
CriticalCVE-2016-5278SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5279openSUSE Leap 42.1
Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.
CriticalCVE-2016-5279SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5280openSUSE Leap 42.1
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code via bidirectional text.
CriticalCVE-2016-5280SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5281openSUSE Leap 42.1
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.
CriticalCVE-2016-5281SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5282openSUSE Leap 42.1
Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.
CriticalCVE-2016-5282SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5283openSUSE Leap 42.1
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.
CriticalCVE-2016-5283SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5284openSUSE Leap 42.1
Mozilla Firefox before 49.0 and Firefox ESR 45.x before 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
CriticalCVE-2016-5284SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701SUSE bug 999701CVE-2016-5287openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-5287SUSE bug 1006475SUSE bug 1006475SUSE bug 1006475SUSE bug 1006475CVE-2016-5288openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-5288SUSE bug 1006476SUSE bug 1006476SUSE bug 1006476SUSE bug 1006476CVE-2016-5289openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CriticalCVE-2016-5289SUSE bug 1010426SUSE bug 1009026SUSE bug 1010426SUSE bug 1009026SUSE bug 1010426SUSE bug 1010426CVE-2016-5290openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CriticalCVE-2016-5290SUSE bug 1010427SUSE bug 1010427SUSE bug 1009026SUSE bug 1010427SUSE bug 1009026SUSE bug 1010427SUSE bug 1010427CVE-2016-5291openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-5291SUSE bug 1010410SUSE bug 1010410SUSE bug 1009026SUSE bug 1010410SUSE bug 1009026SUSE bug 1010410SUSE bug 1010410CVE-2016-5292openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-5292SUSE bug 1010399SUSE bug 1009026SUSE bug 1010399SUSE bug 1009026SUSE bug 1010399SUSE bug 1010399CVE-2016-5296openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CriticalCVE-2016-5296SUSE bug 1010395SUSE bug 1010395SUSE bug 1009026SUSE bug 1009026SUSE bug 1010395SUSE bug 1010395CVE-2016-5297openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-5297SUSE bug 1010401SUSE bug 1010401SUSE bug 1009026SUSE bug 1010401SUSE bug 1009026SUSE bug 1010401SUSE bug 1010401SUSE bug 1010401CVE-2016-5300openSUSE Leap 42.1
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.
ModerateCVE-2016-5300SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216SUSE bug 983216CVE-2016-5301openSUSE Leap 42.1
The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.
ModerateCVE-2016-5301SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228SUSE bug 983228CVE-2016-5314openSUSE Leap 42.1
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
ModerateCVE-2016-5314SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 987351SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831SUSE bug 984831CVE-2016-5316openSUSE Leap 42.1
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
ModerateCVE-2016-5316SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837SUSE bug 984837CVE-2016-5317openSUSE Leap 42.1
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
ModerateCVE-2016-5317SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842SUSE bug 984842CVE-2016-5320openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5320SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 987351SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 984808SUSE bug 1007284SUSE bug 1007284SUSE bug 1007284SUSE bug 1007284SUSE bug 1007284SUSE bug 1007284CVE-2016-5321openSUSE Leap 42.1
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
ModerateCVE-2016-5321SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813SUSE bug 984813CVE-2016-5323openSUSE Leap 42.1
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
ModerateCVE-2016-5323SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815SUSE bug 984815CVE-2016-5325openSUSE Leap 42.1
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument.
ModerateCVE-2016-5325SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985202SUSE bug 985201SUSE bug 985202CVE-2016-5337openSUSE Leap 42.1
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
LowCVE-2016-5337SUSE bug 983961SUSE bug 983973SUSE bug 983961SUSE bug 983973SUSE bug 983961SUSE bug 983973SUSE bug 983973SUSE bug 983973SUSE bug 983973SUSE bug 983961SUSE bug 983973SUSE bug 983961SUSE bug 983973SUSE bug 983973SUSE bug 983961SUSE bug 983973SUSE bug 983973SUSE bug 983961SUSE bug 983961SUSE bug 983961SUSE bug 983961SUSE bug 983961SUSE bug 983961SUSE bug 983961CVE-2016-5338openSUSE Leap 42.1
The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.
LowCVE-2016-5338SUSE bug 983982SUSE bug 983984SUSE bug 983982SUSE bug 983984SUSE bug 983982SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983982SUSE bug 983984SUSE bug 983982SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983982SUSE bug 983982SUSE bug 983982SUSE bug 983982SUSE bug 983984SUSE bug 983984SUSE bug 983982SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983984SUSE bug 983982SUSE bug 983982SUSE bug 983984SUSE bug 983982CVE-2016-5350openSUSE Leap 42.1
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-5350SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5351openSUSE Leap 42.1
epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-5351SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5353openSUSE Leap 42.1
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-5353SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5354openSUSE Leap 42.1
The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-5354SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5355openSUSE Leap 42.1
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2016-5355SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5356openSUSE Leap 42.1
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2016-5356SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5357openSUSE Leap 42.1
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
ModerateCVE-2016-5357SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5358openSUSE Leap 42.1
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-5358SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671SUSE bug 983671CVE-2016-5384openSUSE Leap 42.1
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
LowCVE-2016-5384SUSE bug 992534SUSE bug 992534SUSE bug 992534SUSE bug 992534CVE-2016-5385openSUSE Leap 42.1
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
ModerateCVE-2016-5385SUSE bug 988484SUSE bug 988486SUSE bug 988487SUSE bug 988488SUSE bug 988489SUSE bug 988491SUSE bug 988492SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 989125SUSE bug 989174SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988484SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486SUSE bug 988486CVE-2016-5386openSUSE Leap 42.1
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
ModerateCVE-2016-5386SUSE bug 988484SUSE bug 988486SUSE bug 988487SUSE bug 988488SUSE bug 988489SUSE bug 988491SUSE bug 988492SUSE bug 988487SUSE bug 988487SUSE bug 989125SUSE bug 989174SUSE bug 988487SUSE bug 988487SUSE bug 988487SUSE bug 988487SUSE bug 988487SUSE bug 988487SUSE bug 988484SUSE bug 988487CVE-2016-5387openSUSE Leap 42.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
ModerateCVE-2016-5387SUSE bug 988484SUSE bug 988486SUSE bug 988487SUSE bug 988488SUSE bug 988489SUSE bug 988491SUSE bug 988492SUSE bug 988488SUSE bug 988488SUSE bug 988492SUSE bug 989125SUSE bug 989174SUSE bug 988488SUSE bug 988492SUSE bug 988488SUSE bug 988488SUSE bug 989684SUSE bug 988488SUSE bug 988488SUSE bug 988488SUSE bug 988488SUSE bug 988488SUSE bug 988488SUSE bug 989684SUSE bug 988484SUSE bug 988488SUSE bug 988488SUSE bug 989684SUSE bug 988488SUSE bug 989684SUSE bug 988488SUSE bug 989684CVE-2016-5388openSUSE Leap 42.1
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
ModerateCVE-2016-5388SUSE bug 988484SUSE bug 988486SUSE bug 988487SUSE bug 988488SUSE bug 988489SUSE bug 988491SUSE bug 988492SUSE bug 988489SUSE bug 988489SUSE bug 988489SUSE bug 989125SUSE bug 989174SUSE bug 988489SUSE bug 988489SUSE bug 988489SUSE bug 988484SUSE bug 988489SUSE bug 988489SUSE bug 988489CVE-2016-5399openSUSE Leap 42.1
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.
ImportantCVE-2016-5399SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430SUSE bug 991430CVE-2016-5403openSUSE Leap 42.1
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
LowCVE-2016-5403SUSE bug 990923SUSE bug 990923SUSE bug 991080SUSE bug 990923SUSE bug 991080SUSE bug 991080SUSE bug 990923SUSE bug 990923SUSE bug 991080SUSE bug 990923SUSE bug 990923SUSE bug 990923SUSE bug 991080SUSE bug 991080SUSE bug 990923SUSE bug 991080SUSE bug 990923SUSE bug 991080CVE-2016-5407openSUSE Leap 42.1
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
ModerateCVE-2016-5407SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017SUSE bug 1003017CVE-2016-5418openSUSE Leap 42.1
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
ModerateCVE-2016-5418SUSE bug 998677SUSE bug 998677SUSE bug 998677CVE-2016-5419openSUSE Leap 42.1
curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.
ModerateCVE-2016-5419SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 1033413SUSE bug 1033442SUSE bug 1033413SUSE bug 991389SUSE bug 991389SUSE bug 991389SUSE bug 991389CVE-2016-5420openSUSE Leap 42.1
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
ModerateCVE-2016-5420SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 997420SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390SUSE bug 991390CVE-2016-5421openSUSE Leap 42.1
Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.
ImportantCVE-2016-5421SUSE bug 991391SUSE bug 991391SUSE bug 991391SUSE bug 991391SUSE bug 991391SUSE bug 991391SUSE bug 1017590SUSE bug 1017590SUSE bug 1017590SUSE bug 1017590CVE-2016-5423openSUSE Leap 42.1
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
ImportantCVE-2016-5423SUSE bug 993454SUSE bug 993454SUSE bug 993454SUSE bug 1042497SUSE bug 1042497SUSE bug 1042497SUSE bug 1042497SUSE bug 1042497SUSE bug 1041981SUSE bug 1041981SUSE bug 1042497SUSE bug 1042497SUSE bug 1042497SUSE bug 1052683SUSE bug 993454SUSE bug 1052683SUSE bug 993454SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683CVE-2016-5424openSUSE Leap 42.1
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
ImportantCVE-2016-5424SUSE bug 993453SUSE bug 993453SUSE bug 993453SUSE bug 993453SUSE bug 1041981SUSE bug 1041981SUSE bug 1041981SUSE bug 1041981SUSE bug 1042497SUSE bug 1042497SUSE bug 1041981SUSE bug 1041981SUSE bug 1042497SUSE bug 1041981SUSE bug 1042497SUSE bug 1042497SUSE bug 1041981SUSE bug 1041981SUSE bug 1041981SUSE bug 1041981SUSE bug 1042497SUSE bug 1042497SUSE bug 1041981SUSE bug 1042497SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1041981SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1052683SUSE bug 1041981SUSE bug 1052683CVE-2016-5426openSUSE Leap 42.1
PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.
ModerateCVE-2016-5426SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159CVE-2016-5427openSUSE Leap 42.1
PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.
ModerateCVE-2016-5427SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159SUSE bug 998159CVE-2016-5439openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.
ModerateCVE-2016-5439SUSE bug 989925SUSE bug 989925SUSE bug 989925CVE-2016-5440openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
ImportantCVE-2016-5440SUSE bug 989926SUSE bug 989926SUSE bug 991616SUSE bug 989926SUSE bug 989926SUSE bug 989926SUSE bug 989926CVE-2016-5483openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-3600. Reason: This candidate is a reservation duplicate of CVE-2017-3600. Notes: All CVE users should reference CVE-2017-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5483SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1029014SUSE bug 1034850CVE-2016-5507openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
ModerateCVE-2016-5507SUSE bug 1005557SUSE bug 1005557SUSE bug 1005557SUSE bug 1005557CVE-2016-5542openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
ModerateCVE-2016-5542SUSE bug 1005522SUSE bug 1005522SUSE bug 1005522SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005522SUSE bug 1005522SUSE bug 1005522SUSE bug 1005522SUSE bug 1009280SUSE bug 1005522SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280CVE-2016-5545openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2016-5545SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856CVE-2016-5546openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).
ImportantCVE-2016-5546SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905CVE-2016-5547openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).
ModerateCVE-2016-5547SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2016-5548openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).
ImportantCVE-2016-5548SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2016-5549openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).
ImportantCVE-2016-5549SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2016-5552openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).
ModerateCVE-2016-5552SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2016-5554openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
ModerateCVE-2016-5554SUSE bug 1005523SUSE bug 1005523SUSE bug 1005523SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005523SUSE bug 1009280SUSE bug 1009280SUSE bug 1005523SUSE bug 1009280SUSE bug 1009280CVE-2016-5556openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
CriticalCVE-2016-5556SUSE bug 1005524SUSE bug 1005524SUSE bug 1005524SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005524SUSE bug 1005524SUSE bug 1016265SUSE bug 1016289SUSE bug 1016265SUSE bug 1016265SUSE bug 1009280SUSE bug 1005524SUSE bug 1009280SUSE bug 1016265SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280CVE-2016-5568openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CriticalCVE-2016-5568SUSE bug 1005525SUSE bug 1005525SUSE bug 1005525SUSE bug 1005525SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005525SUSE bug 1005525SUSE bug 1009280SUSE bug 1009280SUSE bug 1005525SUSE bug 1009280SUSE bug 1009280CVE-2016-5573openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CriticalCVE-2016-5573SUSE bug 1005526SUSE bug 1005526SUSE bug 1005526SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005526SUSE bug 1009280SUSE bug 1009280SUSE bug 1005526SUSE bug 1009280SUSE bug 1009280CVE-2016-5582openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
CriticalCVE-2016-5582SUSE bug 1005527SUSE bug 1005527SUSE bug 1005527SUSE bug 1005527SUSE bug 1005527SUSE bug 1005527CVE-2016-5584openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
ModerateCVE-2016-5584SUSE bug 1005558SUSE bug 1005558SUSE bug 1005558SUSE bug 1005558SUSE bug 1005558SUSE bug 1005558SUSE bug 1008318SUSE bug 1005558CVE-2016-5597openSUSE Leap 42.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
ModerateCVE-2016-5597SUSE bug 1005528SUSE bug 1005528SUSE bug 1005528SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1009280SUSE bug 1005528SUSE bug 1009280SUSE bug 1009280SUSE bug 1005528SUSE bug 1009280SUSE bug 1009280CVE-2016-5609openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-5609SUSE bug 1005560SUSE bug 1005560SUSE bug 1005560SUSE bug 1005560CVE-2016-5612openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-5612SUSE bug 1005561SUSE bug 1005561SUSE bug 1005561SUSE bug 1005561CVE-2016-5616openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2016-5616SUSE bug 1005562SUSE bug 1005562SUSE bug 1005562SUSE bug 1005562SUSE bug 1008318SUSE bug 1005562SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2016-5617openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2016-5617SUSE bug 1005563SUSE bug 1005563SUSE bug 1005563SUSE bug 1005563SUSE bug 1008253SUSE bug 1005563SUSE bug 1020873SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2016-5624openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
ImportantCVE-2016-5624SUSE bug 1005564SUSE bug 1005564SUSE bug 1008318SUSE bug 1005564SUSE bug 1005564CVE-2016-5626openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
ImportantCVE-2016-5626SUSE bug 1005566SUSE bug 1005566SUSE bug 1005566SUSE bug 1008318SUSE bug 1005566SUSE bug 1005566CVE-2016-5627openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.
ImportantCVE-2016-5627SUSE bug 1005567SUSE bug 1005567SUSE bug 1005567CVE-2016-5629openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
ModerateCVE-2016-5629SUSE bug 1005569SUSE bug 1005569SUSE bug 1005569SUSE bug 1008318SUSE bug 1005569SUSE bug 1005569CVE-2016-5630openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
ModerateCVE-2016-5630SUSE bug 1005570SUSE bug 1005570SUSE bug 1005570CVE-2016-5636openSUSE Leap 42.1
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
ModerateCVE-2016-5636SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 985177SUSE bug 1065451SUSE bug 1065451SUSE bug 1065451SUSE bug 1065451SUSE bug 1065451SUSE bug 1065451SUSE bug 1065451CVE-2016-5652openSUSE Leap 42.1
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
ImportantCVE-2016-5652SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280CVE-2016-5687openSUSE Leap 42.1
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
ModerateCVE-2016-5687SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 985448SUSE bug 1000713SUSE bug 1000714SUSE bug 1074610CVE-2016-5688openSUSE Leap 42.1
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
ImportantCVE-2016-5688SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442SUSE bug 985442CVE-2016-5689openSUSE Leap 42.1
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
ModerateCVE-2016-5689SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460SUSE bug 985460CVE-2016-5690openSUSE Leap 42.1
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
ModerateCVE-2016-5690SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985460SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985451SUSE bug 985451CVE-2016-5691openSUSE Leap 42.1
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
ModerateCVE-2016-5691SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985460SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985456SUSE bug 985456CVE-2016-5696openSUSE Leap 42.1
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
ModerateCVE-2016-5696SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 994167SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152SUSE bug 989152CVE-2016-5699openSUSE Leap 42.1
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
ModerateCVE-2016-5699SUSE bug 985348SUSE bug 985351SUSE bug 985348SUSE bug 985348SUSE bug 986630SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348SUSE bug 985348CVE-2016-5701openSUSE Leap 42.1
setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.
ModerateCVE-2016-5701SUSE bug 986154CVE-2016-5703openSUSE Leap 42.1
SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query.
ModerateCVE-2016-5703SUSE bug 986154CVE-2016-5705openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.
ModerateCVE-2016-5705SUSE bug 986154CVE-2016-5706openSUSE Leap 42.1
js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.
ModerateCVE-2016-5706SUSE bug 986154CVE-2016-5730openSUSE Leap 42.1
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message.
ModerateCVE-2016-5730SUSE bug 986154CVE-2016-5731openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.
ModerateCVE-2016-5731SUSE bug 986154CVE-2016-5733openSUSE Leap 42.1
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.
ModerateCVE-2016-5733SUSE bug 986154CVE-2016-5739openSUSE Leap 42.1
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.
ModerateCVE-2016-5739SUSE bug 986154CVE-2016-5746openSUSE Leap 42.1
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
ModerateCVE-2016-5746SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 984245SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971SUSE bug 986971CVE-2016-5759openSUSE Leap 42.1
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
ImportantCVE-2016-5759SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200SUSE bug 990200CVE-2016-5766openSUSE Leap 42.1
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
ImportantCVE-2016-5766SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386SUSE bug 986386CVE-2016-5767openSUSE Leap 42.1
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
ImportantCVE-2016-5767SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393SUSE bug 986393CVE-2016-5768openSUSE Leap 42.1
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
ModerateCVE-2016-5768SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246SUSE bug 986246CVE-2016-5769openSUSE Leap 42.1
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
ModerateCVE-2016-5769SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388SUSE bug 986388CVE-2016-5770openSUSE Leap 42.1
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
ModerateCVE-2016-5770SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392SUSE bug 986392CVE-2016-5771openSUSE Leap 42.1
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.
ModerateCVE-2016-5771SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986247SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986247SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391SUSE bug 986391CVE-2016-5772openSUSE Leap 42.1
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
ImportantCVE-2016-5772SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244SUSE bug 986244CVE-2016-5773openSUSE Leap 42.1
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
ModerateCVE-2016-5773SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986391SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986391SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247SUSE bug 986247CVE-2016-5829openSUSE Leap 42.1
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.
ImportantCVE-2016-5829SUSE bug 986572SUSE bug 986573SUSE bug 986573SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986573SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986573SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986573SUSE bug 986572SUSE bug 986573SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 991651SUSE bug 986572SUSE bug 991651SUSE bug 991651SUSE bug 986573SUSE bug 986572SUSE bug 986573SUSE bug 990058SUSE bug 986572SUSE bug 986573SUSE bug 986572SUSE bug 986573SUSE bug 991651SUSE bug 986572SUSE bug 991651SUSE bug 986572SUSE bug 991651SUSE bug 986572SUSE bug 991651SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 986572SUSE bug 1054127SUSE bug 986572SUSE bug 1054127SUSE bug 986572SUSE bug 1053919SUSE bug 1054127CVE-2016-5841openSUSE Leap 42.1
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
ImportantCVE-2016-5841SUSE bug 986609SUSE bug 986609SUSE bug 986609SUSE bug 986609SUSE bug 986609SUSE bug 986609SUSE bug 986609SUSE bug 986609CVE-2016-5842openSUSE Leap 42.1
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
ImportantCVE-2016-5842SUSE bug 986608SUSE bug 986608SUSE bug 986608SUSE bug 986608SUSE bug 986608SUSE bug 986608SUSE bug 986608SUSE bug 986608CVE-2016-5844openSUSE Leap 42.1
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
ModerateCVE-2016-5844SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566SUSE bug 986566CVE-2016-5875openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-5875SUSE bug 987351SUSE bug 984831SUSE bug 987351SUSE bug 1007284SUSE bug 1007284SUSE bug 1007284CVE-2016-6128openSUSE Leap 42.1
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.
ModerateCVE-2016-6128SUSE bug 987580SUSE bug 987580SUSE bug 991710SUSE bug 987580SUSE bug 987580SUSE bug 991710SUSE bug 991710SUSE bug 987580SUSE bug 987580SUSE bug 991710SUSE bug 991710SUSE bug 987580SUSE bug 987580SUSE bug 987580CVE-2016-6132openSUSE Leap 42.1
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
ModerateCVE-2016-6132SUSE bug 987577SUSE bug 987577SUSE bug 991436SUSE bug 987577SUSE bug 987577SUSE bug 991436SUSE bug 987577SUSE bug 995034SUSE bug 987577CVE-2016-6153openSUSE Leap 42.1
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
LowCVE-2016-6153SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394SUSE bug 987394CVE-2016-6161openSUSE Leap 42.1
The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
LowCVE-2016-6161SUSE bug 988032SUSE bug 988032SUSE bug 988032SUSE bug 988032SUSE bug 988032SUSE bug 988032SUSE bug 988032SUSE bug 988032CVE-2016-6170openSUSE Leap 42.1
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
ModerateCVE-2016-6170SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866SUSE bug 987866CVE-2016-6172openSUSE Leap 42.1
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
ImportantCVE-2016-6172SUSE bug 987872SUSE bug 987872SUSE bug 987872SUSE bug 987872SUSE bug 987872CVE-2016-6185openSUSE Leap 42.1
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
ImportantCVE-2016-6185SUSE bug 988311SUSE bug 988311SUSE bug 999993SUSE bug 988311SUSE bug 988311SUSE bug 988311SUSE bug 988311CVE-2016-6207openSUSE Leap 42.1
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
ImportantCVE-2016-6207SUSE bug 991434SUSE bug 991434SUSE bug 991622SUSE bug 991434SUSE bug 991434SUSE bug 991434SUSE bug 991622SUSE bug 991622SUSE bug 991434SUSE bug 991622SUSE bug 991622CVE-2016-6210openSUSE Leap 42.1
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
ModerateCVE-2016-6210SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 1001712SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 989363SUSE bug 1087412SUSE bug 1087412CVE-2016-6214openSUSE Leap 42.1
gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
ModerateCVE-2016-6214SUSE bug 987577SUSE bug 991436SUSE bug 991436SUSE bug 991436SUSE bug 991436SUSE bug 995034SUSE bug 991436CVE-2016-6225openSUSE Leap 42.1
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394.
ModerateCVE-2016-6225SUSE bug 1019858SUSE bug 1019858SUSE bug 1019858CVE-2016-6232openSUSE Leap 42.1
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.
ImportantCVE-2016-6232SUSE bug 989698SUSE bug 989698SUSE bug 989698CVE-2016-6250openSUSE Leap 42.1
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
LowCVE-2016-6250SUSE bug 989980SUSE bug 989980SUSE bug 989980CVE-2016-6258openSUSE Leap 42.1
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
ImportantCVE-2016-6258SUSE bug 988675SUSE bug 988675SUSE bug 988692SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988692SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988675SUSE bug 988692SUSE bug 988675SUSE bug 988692CVE-2016-6259openSUSE Leap 42.1
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
ModerateCVE-2016-6259SUSE bug 988676SUSE bug 988676SUSE bug 988676SUSE bug 988676SUSE bug 988694SUSE bug 988676SUSE bug 988676CVE-2016-6261openSUSE Leap 42.1
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
LowCVE-2016-6261SUSE bug 990190SUSE bug 990190SUSE bug 990190SUSE bug 990190SUSE bug 990190CVE-2016-6262openSUSE Leap 42.1
idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948.
ModerateCVE-2016-6262SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 990189SUSE bug 1014473SUSE bug 990189SUSE bug 1014473SUSE bug 990189SUSE bug 1014473SUSE bug 990189CVE-2016-6263openSUSE Leap 42.1
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
LowCVE-2016-6263SUSE bug 990191SUSE bug 990191SUSE bug 990191SUSE bug 990191SUSE bug 990191SUSE bug 990191SUSE bug 990191CVE-2016-6265openSUSE Leap 42.1
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
ModerateCVE-2016-6265SUSE bug 990195SUSE bug 990195SUSE bug 990195CVE-2016-6271openSUSE Leap 42.1
The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.
ModerateCVE-2016-6271SUSE bug 1020844SUSE bug 1020844SUSE bug 1020844CVE-2016-6288openSUSE Leap 42.1
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
ModerateCVE-2016-6288SUSE bug 991433SUSE bug 991433SUSE bug 991433SUSE bug 991433SUSE bug 991433SUSE bug 991433CVE-2016-6289openSUSE Leap 42.1
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.
ImportantCVE-2016-6289SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428SUSE bug 991428CVE-2016-6290openSUSE Leap 42.1
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.
ImportantCVE-2016-6290SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429SUSE bug 991429CVE-2016-6291openSUSE Leap 42.1
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
ModerateCVE-2016-6291SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427SUSE bug 991427CVE-2016-6292openSUSE Leap 42.1
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
ModerateCVE-2016-6292SUSE bug 991422SUSE bug 991422SUSE bug 991422SUSE bug 991422SUSE bug 991422SUSE bug 991422CVE-2016-6295openSUSE Leap 42.1
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
ImportantCVE-2016-6295SUSE bug 991424SUSE bug 991424SUSE bug 991424SUSE bug 991424SUSE bug 991424SUSE bug 991424SUSE bug 991424CVE-2016-6296openSUSE Leap 42.1
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.
LowCVE-2016-6296SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437SUSE bug 991437CVE-2016-6297openSUSE Leap 42.1
Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.
ModerateCVE-2016-6297SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426SUSE bug 991426CVE-2016-6302openSUSE Leap 42.1
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
ModerateCVE-2016-6302SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 999665SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 994844SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 995324SUSE bug 999665SUSE bug 995324SUSE bug 995324SUSE bug 995324CVE-2016-6303openSUSE Leap 42.1
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
ModerateCVE-2016-6303SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 999665SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 994844SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 999665SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377SUSE bug 995377CVE-2016-6304openSUSE Leap 42.1
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
ImportantCVE-2016-6304SUSE bug 999665SUSE bug 999666SUSE bug 999665SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 1001706SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 1003811SUSE bug 999665SUSE bug 999666SUSE bug 1003811SUSE bug 999666SUSE bug 1005579SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 999666SUSE bug 1021375SUSE bug 999666SUSE bug 999666CVE-2016-6306openSUSE Leap 42.1
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
LowCVE-2016-6306SUSE bug 999665SUSE bug 999668SUSE bug 999665SUSE bug 999668SUSE bug 999665SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999665SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668SUSE bug 999668CVE-2016-6313openSUSE Leap 42.1
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.
ImportantCVE-2016-6313SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157SUSE bug 994157CVE-2016-6318openSUSE Leap 42.1
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
ModerateCVE-2016-6318SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 992966SUSE bug 1021932CVE-2016-6321openSUSE Leap 42.1
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER.
ModerateCVE-2016-6321SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188SUSE bug 1007188CVE-2016-6351openSUSE Leap 42.1
The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.
ModerateCVE-2016-6351SUSE bug 990835SUSE bug 990843SUSE bug 990843SUSE bug 990835SUSE bug 990843SUSE bug 990843SUSE bug 990835SUSE bug 990835SUSE bug 990835SUSE bug 990835SUSE bug 990843CVE-2016-6352openSUSE Leap 42.1
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
ModerateCVE-2016-6352SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450SUSE bug 991450CVE-2016-6354openSUSE Leap 42.1
Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read.
LowCVE-2016-6354SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 990856SUSE bug 1026047SUSE bug 990856SUSE bug 1035082SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 990856SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2016-6480openSUSE Leap 42.1
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability.
ImportantCVE-2016-6480SUSE bug 991608SUSE bug 991667SUSE bug 991608SUSE bug 991667SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 991667SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 991667SUSE bug 991608SUSE bug 991667SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 1004418SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991667SUSE bug 992568SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991608SUSE bug 991667SUSE bug 991667SUSE bug 991667CVE-2016-6490openSUSE Leap 42.1
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
LowCVE-2016-6490SUSE bug 991466SUSE bug 991466SUSE bug 991466SUSE bug 991466SUSE bug 993854SUSE bug 991466SUSE bug 991466CVE-2016-6491openSUSE Leap 42.1
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
ModerateCVE-2016-6491SUSE bug 991445SUSE bug 991445SUSE bug 991445CVE-2016-6504openSUSE Leap 42.1
epan/dissectors/packet-ncp2222.inc in the NDS dissector in Wireshark 1.12.x before 1.12.13 does not properly maintain a ptvc data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
ModerateCVE-2016-6504SUSE bug 991012SUSE bug 991012SUSE bug 991012SUSE bug 991012SUSE bug 991012SUSE bug 991012CVE-2016-6505openSUSE Leap 42.1
epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.
ModerateCVE-2016-6505SUSE bug 991013SUSE bug 991013SUSE bug 991013SUSE bug 991013SUSE bug 991013SUSE bug 991013SUSE bug 991013CVE-2016-6506openSUSE Leap 42.1
epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-6506SUSE bug 991015SUSE bug 991015SUSE bug 991015SUSE bug 991015SUSE bug 991015SUSE bug 991015SUSE bug 991015CVE-2016-6507openSUSE Leap 42.1
epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
ModerateCVE-2016-6507SUSE bug 991016SUSE bug 991016SUSE bug 991016SUSE bug 991016SUSE bug 991016SUSE bug 991016SUSE bug 991016CVE-2016-6508openSUSE Leap 42.1
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.
ModerateCVE-2016-6508SUSE bug 991017SUSE bug 991017SUSE bug 991017SUSE bug 991017SUSE bug 991017SUSE bug 991017SUSE bug 991017CVE-2016-6509openSUSE Leap 42.1
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
ModerateCVE-2016-6509SUSE bug 991018SUSE bug 991018SUSE bug 991018SUSE bug 991018SUSE bug 991018SUSE bug 991018SUSE bug 991018CVE-2016-6510openSUSE Leap 42.1
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
ModerateCVE-2016-6510SUSE bug 991019SUSE bug 991019SUSE bug 991019SUSE bug 991019SUSE bug 991019SUSE bug 991019SUSE bug 991019CVE-2016-6511openSUSE Leap 42.1
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet.
ModerateCVE-2016-6511SUSE bug 991020SUSE bug 991020SUSE bug 991020SUSE bug 991020SUSE bug 991020SUSE bug 991020SUSE bug 991020CVE-2016-6515openSUSE Leap 42.1
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
ModerateCVE-2016-6515SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 992533SUSE bug 1087412SUSE bug 1087412CVE-2016-6520openSUSE Leap 42.1
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
ModerateCVE-2016-6520SUSE bug 991872SUSE bug 991872SUSE bug 991872SUSE bug 991872SUSE bug 991872CVE-2016-6606openSUSE Leap 42.1
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector (IV) is used to hash the username and password stored in the phpMyAdmin cookie. If a user has the same password as their username, an attacker who examines the browser cookie can see that they are the same - but the attacker can not directly decode these values from the cookie as it is still hashed. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6606SUSE bug 994313CVE-2016-6607openSUSE Leap 42.1
XSS issues were discovered in phpMyAdmin. This affects Zoom search (specially crafted column content can be used to trigger an XSS attack); GIS editor (certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack); Relation view; the following Transformations: Formatted, Imagelink, JPEG: Upload, RegexValidation, JPEG inline, PNG inline, and transformation wrapper; XML export; MediaWiki export; Designer; When the MySQL server is running with a specially-crafted log_bin directive; Database tab; Replication feature; and Database search. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6607SUSE bug 994313CVE-2016-6608openSUSE Leap 42.1
XSS issues were discovered in phpMyAdmin. This affects the database privilege check and the "Remove partitioning" functionality. Specially crafted database names can trigger the XSS attack. All 4.6.x versions (prior to 4.6.4) are affected.
ModerateCVE-2016-6608SUSE bug 994313CVE-2016-6609openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6609SUSE bug 994313CVE-2016-6610openSUSE Leap 42.1
A full path disclosure vulnerability was discovered in phpMyAdmin where a user can trigger a particular error in the export mechanism to discover the full path of phpMyAdmin on the disk. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6610SUSE bug 994313CVE-2016-6611openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6611SUSE bug 994313CVE-2016-6612openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6612SUSE bug 994313CVE-2016-6613openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin will then expose to the user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6613SUSE bug 994313CVE-2016-6614openSUSE Leap 42.1
An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6614SUSE bug 994313CVE-2016-6615openSUSE Leap 42.1
XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature (a specially-crafted database name can be used to trigger an XSS attack); the "Tracking" feature (a specially-crafted query can be used to trigger an XSS attack); and GIS visualization feature. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
ModerateCVE-2016-6615SUSE bug 994313CVE-2016-6616openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.
ModerateCVE-2016-6616SUSE bug 994313CVE-2016-6617openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected.
ModerateCVE-2016-6617SUSE bug 994313CVE-2016-6618openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. The transformation feature allows a user to trigger a denial-of-service (DoS) attack against the server. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6618SUSE bug 994313CVE-2016-6619openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6619SUSE bug 994313CVE-2016-6620openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6620SUSE bug 994313CVE-2016-6621openSUSE Leap 42.1
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
ModerateCVE-2016-6621SUSE bug 994313CVE-2016-6622openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service (DoS) attack by forcing persistent connections when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6622SUSE bug 994313CVE-2016-6623openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service (DoS) attack on a server by passing large values to a loop. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6623SUSE bug 994313CVE-2016-6624openSUSE Leap 42.1
An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server environment, and the proxy server is in the allowed range but the attacking computer is not allowed, this vulnerability can allow the attacking computer to connect despite the IP rules. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6624SUSE bug 994313CVE-2016-6625openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6625SUSE bug 994313CVE-2016-6626openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An attacker could redirect a user to a malicious web page. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6626SUSE bug 994313CVE-2016-6627openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6627SUSE bug 994313CVE-2016-6628openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6628SUSE bug 994313CVE-2016-6629openSUSE Leap 42.1
An issue was discovered in phpMyAdmin involving the $cfg['ArbitraryServerRegexp'] configuration directive. An attacker could reuse certain cookie values in a way of bypassing the servers defined by ArbitraryServerRegexp. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6629SUSE bug 994313CVE-2016-6630openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6630SUSE bug 994313CVE-2016-6631openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file generator_plugin.sh. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6631SUSE bug 994313CVE-2016-6632openSUSE Leap 42.1
An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ModerateCVE-2016-6632SUSE bug 994313CVE-2016-6633openSUSE Leap 42.1
An issue was discovered in phpMyAdmin. phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations that are running with the dbase extension. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
ImportantCVE-2016-6633SUSE bug 994313CVE-2016-6662openSUSE Leap 42.1
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
ImportantCVE-2016-6662SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 1005580SUSE bug 1005580SUSE bug 1001367SUSE bug 1005580SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 1001367SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 1005580SUSE bug 1020884SUSE bug 1021755SUSE bug 998309SUSE bug 1020884SUSE bug 998309SUSE bug 1020873SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2016-6663openSUSE Leap 42.1
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
ImportantCVE-2016-6663SUSE bug 998309SUSE bug 1001367SUSE bug 1001367SUSE bug 1001367SUSE bug 998309SUSE bug 998309SUSE bug 1001367SUSE bug 1008253SUSE bug 1008318SUSE bug 1001367SUSE bug 1001367SUSE bug 1001367SUSE bug 1001367SUSE bug 1021755SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2016-6664openSUSE Leap 42.1
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
ImportantCVE-2016-6664SUSE bug 1008253SUSE bug 1008253SUSE bug 1008253SUSE bug 1008253SUSE bug 1008253SUSE bug 1020873SUSE bug 1008253SUSE bug 1020873SUSE bug 1020873SUSE bug 1008253SUSE bug 1020873SUSE bug 1008253SUSE bug 1020873SUSE bug 1008253SUSE bug 1020873SUSE bug 1020873SUSE bug 1020868SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2016-6794openSUSE Leap 42.1
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
ModerateCVE-2016-6794SUSE bug 1007857SUSE bug 1007857SUSE bug 1007857SUSE bug 1007857SUSE bug 1007857CVE-2016-6796openSUSE Leap 42.1
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
ModerateCVE-2016-6796SUSE bug 1007858SUSE bug 1007858SUSE bug 1007858SUSE bug 1007858SUSE bug 1007858CVE-2016-6797openSUSE Leap 42.1
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
LowCVE-2016-6797SUSE bug 1007853SUSE bug 1007853SUSE bug 1007853SUSE bug 1007853CVE-2016-6816openSUSE Leap 42.1
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.
ModerateCVE-2016-6816SUSE bug 1011812SUSE bug 1011812SUSE bug 1011812SUSE bug 1011812SUSE bug 1011812SUSE bug 1011812SUSE bug 1011812CVE-2016-6823openSUSE Leap 42.1
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
ModerateCVE-2016-6823SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1002207SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066SUSE bug 1001066CVE-2016-6828openSUSE Leap 42.1
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
ModerateCVE-2016-6828SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 994296SUSE bug 1052256SUSE bug 1052256SUSE bug 1052256CVE-2016-6833openSUSE Leap 42.1
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active.
ModerateCVE-2016-6833SUSE bug 994774SUSE bug 994775SUSE bug 994774SUSE bug 994775SUSE bug 994774SUSE bug 994775SUSE bug 994775SUSE bug 994774SUSE bug 994775SUSE bug 994775SUSE bug 994775SUSE bug 994775SUSE bug 994775SUSE bug 994775SUSE bug 994775SUSE bug 994774SUSE bug 994774SUSE bug 994774SUSE bug 994774SUSE bug 994774CVE-2016-6834openSUSE Leap 42.1
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.
ModerateCVE-2016-6834SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994421SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994418SUSE bug 994418SUSE bug 994418SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994421SUSE bug 994418SUSE bug 994418SUSE bug 994418CVE-2016-6835openSUSE Leap 42.1
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
ModerateCVE-2016-6835SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994625SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994605SUSE bug 994605SUSE bug 994605SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994625SUSE bug 994605SUSE bug 994605SUSE bug 994605CVE-2016-6836openSUSE Leap 42.1
The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.
LowCVE-2016-6836SUSE bug 994760SUSE bug 994761SUSE bug 994760SUSE bug 994761SUSE bug 994760SUSE bug 994760SUSE bug 994761SUSE bug 994761SUSE bug 994760SUSE bug 994761SUSE bug 994761SUSE bug 994761SUSE bug 994761SUSE bug 994761SUSE bug 994761SUSE bug 994761SUSE bug 994760SUSE bug 994760SUSE bug 994760SUSE bug 994760SUSE bug 994760CVE-2016-6855openSUSE Leap 42.1
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
ModerateCVE-2016-6855SUSE bug 994819SUSE bug 994819SUSE bug 994819SUSE bug 994819SUSE bug 994819SUSE bug 994819SUSE bug 994819CVE-2016-6888openSUSE Leap 42.1
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.
LowCVE-2016-6888SUSE bug 994771SUSE bug 994772SUSE bug 994771SUSE bug 994772SUSE bug 994771SUSE bug 994772SUSE bug 994772SUSE bug 994771SUSE bug 994772SUSE bug 994772SUSE bug 994772SUSE bug 994771SUSE bug 994772SUSE bug 994772SUSE bug 994772SUSE bug 994771SUSE bug 994771SUSE bug 994771SUSE bug 994771SUSE bug 994771CVE-2016-6905openSUSE Leap 42.1
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.
ModerateCVE-2016-6905SUSE bug 995034SUSE bug 995034SUSE bug 995034SUSE bug 995034SUSE bug 995034SUSE bug 995034SUSE bug 995034SUSE bug 995034CVE-2016-6906openSUSE Leap 42.1
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
LowCVE-2016-6906SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553SUSE bug 1022553CVE-2016-6911openSUSE Leap 42.1
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
ModerateCVE-2016-6911SUSE bug 1004924SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274SUSE bug 1005274CVE-2016-6912openSUSE Leap 42.1
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.
ImportantCVE-2016-6912SUSE bug 1022284SUSE bug 1022284SUSE bug 1022284SUSE bug 1022284SUSE bug 1022284SUSE bug 1022284CVE-2016-7032openSUSE Leap 42.1
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
ModerateCVE-2016-7032SUSE bug 1007501SUSE bug 1007501SUSE bug 1007766SUSE bug 1007766SUSE bug 1007766SUSE bug 1007766SUSE bug 1007766SUSE bug 1011975SUSE bug 1011976SUSE bug 1007766SUSE bug 1007766SUSE bug 1007766SUSE bug 1007766SUSE bug 1007501SUSE bug 1007766CVE-2016-7035openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-7035SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433SUSE bug 1007433CVE-2016-7039openSUSE Leap 42.1
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
ImportantCVE-2016-7039SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1003964SUSE bug 1001486SUSE bug 1001487SUSE bug 1003964SUSE bug 1001486SUSE bug 1001486SUSE bug 1003964SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001487SUSE bug 1003964SUSE bug 1001486SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001487SUSE bug 1001486SUSE bug 1001486SUSE bug 1001486SUSE bug 1025354SUSE bug 1001486SUSE bug 1003964SUSE bug 1001486SUSE bug 1001487SUSE bug 1003964SUSE bug 1001487SUSE bug 1001487SUSE bug 1001487CVE-2016-7042openSUSE Leap 42.1
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
ModerateCVE-2016-7042SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1025354SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517SUSE bug 1004517CVE-2016-7044openSUSE Leap 42.1
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.
ModerateCVE-2016-7044SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199CVE-2016-7045openSUSE Leap 42.1
The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.
ModerateCVE-2016-7045SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199SUSE bug 999199CVE-2016-7052openSUSE Leap 42.1
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
ModerateCVE-2016-7052SUSE bug 1001148SUSE bug 1001148SUSE bug 1001148SUSE bug 1001148SUSE bug 1001148CVE-2016-7055openSUSE Leap 42.1
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.
ModerateCVE-2016-7055SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1025354SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1021641SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528SUSE bug 1009528CVE-2016-7056openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7056SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1025347SUSE bug 1019334SUSE bug 1019334SUSE bug 1025347SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1018910SUSE bug 1019334SUSE bug 1005878SUSE bug 1018910SUSE bug 1019334SUSE bug 1018910SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1018910SUSE bug 1019334SUSE bug 1018910SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334SUSE bug 1019334CVE-2016-7067openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7067SUSE bug 1007455CVE-2016-7068openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7068SUSE bug 1018326SUSE bug 1018326SUSE bug 1018326SUSE bug 1018326SUSE bug 1018326SUSE bug 1018326CVE-2016-7072openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7072SUSE bug 1018327SUSE bug 1018327SUSE bug 1018327SUSE bug 1018327CVE-2016-7073openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7073SUSE bug 1018328SUSE bug 1018328SUSE bug 1018328SUSE bug 1018328CVE-2016-7074openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7074SUSE bug 1018328SUSE bug 1018328SUSE bug 1018328SUSE bug 1018328CVE-2016-7076openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7076SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1011975SUSE bug 1011976SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501SUSE bug 1007501CVE-2016-7092openSUSE Leap 42.1
The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.
ImportantCVE-2016-7092SUSE bug 995785SUSE bug 995785SUSE bug 995785SUSE bug 995785SUSE bug 995785SUSE bug 995785CVE-2016-7093openSUSE Leap 42.1
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
ImportantCVE-2016-7093SUSE bug 995789SUSE bug 995789SUSE bug 995789SUSE bug 995789SUSE bug 995789CVE-2016-7094openSUSE Leap 42.1
Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
ModerateCVE-2016-7094SUSE bug 995792SUSE bug 995792SUSE bug 995792SUSE bug 995792SUSE bug 995792SUSE bug 995792SUSE bug 995792CVE-2016-7097openSUSE Leap 42.1
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
LowCVE-2016-7097SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 1021258SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 1021258SUSE bug 995968SUSE bug 870618SUSE bug 870618SUSE bug 995968SUSE bug 995968SUSE bug 995968SUSE bug 1052256SUSE bug 1052256SUSE bug 1052256CVE-2016-7098openSUSE Leap 42.1
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
LowCVE-2016-7098SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964SUSE bug 995964CVE-2016-7099openSUSE Leap 42.1
The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
ImportantCVE-2016-7099SUSE bug 1001652SUSE bug 1001652SUSE bug 1001652SUSE bug 1001652SUSE bug 1001652SUSE bug 1001652CVE-2016-7101openSUSE Leap 42.1
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
ModerateCVE-2016-7101SUSE bug 1001221SUSE bug 1001221SUSE bug 1001221SUSE bug 1001221SUSE bug 1002207SUSE bug 1001221SUSE bug 1001221SUSE bug 1001221CVE-2016-7116openSUSE Leap 42.1
Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.
LowCVE-2016-7116SUSE bug 996441SUSE bug 996441SUSE bug 996441CVE-2016-7117openSUSE Leap 42.1
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
ModerateCVE-2016-7117SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003253SUSE bug 1003253SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003253SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1003077SUSE bug 1057478SUSE bug 1003077CVE-2016-7124openSUSE Leap 42.1
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
ModerateCVE-2016-7124SUSE bug 997206SUSE bug 997206SUSE bug 997206SUSE bug 997206SUSE bug 997206SUSE bug 997206SUSE bug 997206CVE-2016-7125openSUSE Leap 42.1
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
ModerateCVE-2016-7125SUSE bug 997207SUSE bug 997207SUSE bug 997207SUSE bug 997207SUSE bug 997207SUSE bug 997207SUSE bug 997207SUSE bug 997207CVE-2016-7126openSUSE Leap 42.1
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
ModerateCVE-2016-7126SUSE bug 997208SUSE bug 997208SUSE bug 997208SUSE bug 997208SUSE bug 997208SUSE bug 997208CVE-2016-7127openSUSE Leap 42.1
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
ModerateCVE-2016-7127SUSE bug 997210SUSE bug 997210SUSE bug 997210SUSE bug 997210SUSE bug 997210SUSE bug 997210SUSE bug 997210SUSE bug 997210CVE-2016-7128openSUSE Leap 42.1
The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.
ModerateCVE-2016-7128SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211SUSE bug 997211CVE-2016-7129openSUSE Leap 42.1
The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document.
ModerateCVE-2016-7129SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220SUSE bug 997220CVE-2016-7130openSUSE Leap 42.1
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.
ModerateCVE-2016-7130SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257SUSE bug 997257CVE-2016-7131openSUSE Leap 42.1
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character.
ModerateCVE-2016-7131SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225SUSE bug 997225CVE-2016-7132openSUSE Leap 42.1
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing.
ModerateCVE-2016-7132SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230SUSE bug 997230CVE-2016-7134openSUSE Leap 42.1
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call.
ModerateCVE-2016-7134SUSE bug 997248SUSE bug 997248SUSE bug 997248SUSE bug 997248SUSE bug 997248SUSE bug 997248SUSE bug 997248SUSE bug 997248CVE-2016-7141openSUSE Leap 42.1
curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.
LowCVE-2016-7141SUSE bug 991390SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 997420SUSE bug 991390SUSE bug 997420SUSE bug 991390SUSE bug 991390SUSE bug 997420SUSE bug 997420CVE-2016-7155openSUSE Leap 42.1
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.
ModerateCVE-2016-7155SUSE bug 997858SUSE bug 997858SUSE bug 997858SUSE bug 997858CVE-2016-7156openSUSE Leap 42.1
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.
ModerateCVE-2016-7156SUSE bug 997859SUSE bug 997859SUSE bug 997859SUSE bug 997859CVE-2016-7161openSUSE Leap 42.1
Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
ModerateCVE-2016-7161SUSE bug 1001151SUSE bug 1001152SUSE bug 1001151SUSE bug 1001152SUSE bug 1001151SUSE bug 1001151SUSE bug 1001151SUSE bug 1001152SUSE bug 1001151CVE-2016-7162openSUSE Leap 42.1
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
ModerateCVE-2016-7162SUSE bug 997822SUSE bug 997822SUSE bug 997822SUSE bug 997822SUSE bug 997822SUSE bug 997822CVE-2016-7167openSUSE Leap 42.1
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.
ModerateCVE-2016-7167SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 998760SUSE bug 1017590SUSE bug 1017590SUSE bug 998760SUSE bug 1017590SUSE bug 1017590SUSE bug 998760CVE-2016-7170openSUSE Leap 42.1
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.
ModerateCVE-2016-7170SUSE bug 998516SUSE bug 998516SUSE bug 998516SUSE bug 998516SUSE bug 998516SUSE bug 998516SUSE bug 998516CVE-2016-7411openSUSE Leap 42.1
ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.
ModerateCVE-2016-7411SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682SUSE bug 999682CVE-2016-7412openSUSE Leap 42.1
ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.
ModerateCVE-2016-7412SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680SUSE bug 999680CVE-2016-7413openSUSE Leap 42.1
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call.
ModerateCVE-2016-7413SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679SUSE bug 999679CVE-2016-7414openSUSE Leap 42.1
The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.
ModerateCVE-2016-7414SUSE bug 999820SUSE bug 999820SUSE bug 999820SUSE bug 999820SUSE bug 999820SUSE bug 999820SUSE bug 999820CVE-2016-7416openSUSE Leap 42.1
ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument.
ModerateCVE-2016-7416SUSE bug 999685SUSE bug 999685SUSE bug 999685SUSE bug 999685SUSE bug 999685SUSE bug 999685SUSE bug 999685CVE-2016-7417openSUSE Leap 42.1
ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.
ModerateCVE-2016-7417SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684SUSE bug 999684CVE-2016-7418openSUSE Leap 42.1
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.
ModerateCVE-2016-7418SUSE bug 999819SUSE bug 999819SUSE bug 999819SUSE bug 999819SUSE bug 999819SUSE bug 999819SUSE bug 999819CVE-2016-7421openSUSE Leap 42.1
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size.
LowCVE-2016-7421SUSE bug 999661SUSE bug 999661SUSE bug 999661SUSE bug 999661CVE-2016-7425openSUSE Leap 42.1
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.
ModerateCVE-2016-7425SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 1025354SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932SUSE bug 999932CVE-2016-7426openSUSE Leap 42.1
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
LowCVE-2016-7426SUSE bug 1011406SUSE bug 1011421SUSE bug 1011406SUSE bug 1011406SUSE bug 1011406SUSE bug 1011406SUSE bug 1011406SUSE bug 1011421SUSE bug 1011406SUSE bug 1011406CVE-2016-7427openSUSE Leap 42.1
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.
ModerateCVE-2016-7427SUSE bug 1011390SUSE bug 1011421SUSE bug 1011390SUSE bug 1011390SUSE bug 1011390SUSE bug 1011390SUSE bug 1011421SUSE bug 1011390SUSE bug 1011390SUSE bug 1011390CVE-2016-7428openSUSE Leap 42.1
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
ModerateCVE-2016-7428SUSE bug 1011417SUSE bug 1011421SUSE bug 1011417SUSE bug 1011417SUSE bug 1011417SUSE bug 1011417SUSE bug 1011417SUSE bug 1011421SUSE bug 1011417SUSE bug 1011417CVE-2016-7429openSUSE Leap 42.1
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.
LowCVE-2016-7429SUSE bug 1011404SUSE bug 1011421SUSE bug 1011404SUSE bug 1011404SUSE bug 1011404SUSE bug 1011404SUSE bug 1011404SUSE bug 1011421SUSE bug 1011404SUSE bug 1011404CVE-2016-7431openSUSE Leap 42.1
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
ModerateCVE-2016-7431SUSE bug 1011395SUSE bug 1011421SUSE bug 1011395SUSE bug 1011395SUSE bug 1011395SUSE bug 1011395SUSE bug 1011395SUSE bug 1011421SUSE bug 1011395SUSE bug 1011395CVE-2016-7433openSUSE Leap 42.1
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
LowCVE-2016-7433SUSE bug 1011411SUSE bug 1011421SUSE bug 1011411SUSE bug 1011411SUSE bug 1011411SUSE bug 1011411SUSE bug 1011411SUSE bug 1011421SUSE bug 1011411SUSE bug 1011411CVE-2016-7434openSUSE Leap 42.1
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
ModerateCVE-2016-7434SUSE bug 1011398SUSE bug 1011421SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398SUSE bug 1011421SUSE bug 1011398SUSE bug 1011398SUSE bug 1011398CVE-2016-7440openSUSE Leap 42.1
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
ModerateCVE-2016-7440SUSE bug 1005581SUSE bug 1005581SUSE bug 1005581SUSE bug 1005581SUSE bug 1005581SUSE bug 1008318SUSE bug 1005581CVE-2016-7444openSUSE Leap 42.1
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.
LowCVE-2016-7444SUSE bug 999646SUSE bug 999646SUSE bug 999646SUSE bug 999646SUSE bug 999646SUSE bug 999646SUSE bug 999646SUSE bug 999646CVE-2016-7445openSUSE Leap 42.1
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
ModerateCVE-2016-7445SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 999817SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662SUSE bug 999817CVE-2016-7446openSUSE Leap 42.1
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
ModerateCVE-2016-7446SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673CVE-2016-7447openSUSE Leap 42.1
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
ModerateCVE-2016-7447SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673CVE-2016-7448openSUSE Leap 42.1
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
ModerateCVE-2016-7448SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673CVE-2016-7449openSUSE Leap 42.1
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
ModerateCVE-2016-7449SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673SUSE bug 999673CVE-2016-7466openSUSE Leap 42.1
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.
ModerateCVE-2016-7466SUSE bug 1000345SUSE bug 1000345SUSE bug 1000345SUSE bug 1000345CVE-2016-7502openSUSE Leap 42.1
The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode.
ImportantCVE-2016-7502SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806CVE-2016-7513openSUSE Leap 42.1
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
ModerateCVE-2016-7513SUSE bug 1000686SUSE bug 1000686SUSE bug 1000686SUSE bug 1000686SUSE bug 1000686SUSE bug 1000686SUSE bug 1000686CVE-2016-7514openSUSE Leap 42.1
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7514SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688SUSE bug 1000688CVE-2016-7515openSUSE Leap 42.1
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
ModerateCVE-2016-7515SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000695SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689SUSE bug 1000689CVE-2016-7516openSUSE Leap 42.1
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
ModerateCVE-2016-7516SUSE bug 1000692SUSE bug 1000692SUSE bug 1000693SUSE bug 1000695SUSE bug 1000692SUSE bug 1000692SUSE bug 1000692SUSE bug 1000692SUSE bug 1000692CVE-2016-7517openSUSE Leap 42.1
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
ModerateCVE-2016-7517SUSE bug 1000693SUSE bug 1000693SUSE bug 1000693SUSE bug 1000693SUSE bug 1000693SUSE bug 1000693CVE-2016-7518openSUSE Leap 42.1
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
ModerateCVE-2016-7518SUSE bug 1000694SUSE bug 1000694SUSE bug 1000694SUSE bug 1000694SUSE bug 1000694SUSE bug 1000694SUSE bug 1000694SUSE bug 1028079SUSE bug 1028079CVE-2016-7519openSUSE Leap 42.1
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7519SUSE bug 1000695SUSE bug 1000689SUSE bug 1000695SUSE bug 1000695SUSE bug 1000695SUSE bug 1000695SUSE bug 1000695CVE-2016-7520openSUSE Leap 42.1
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
ModerateCVE-2016-7520SUSE bug 1000696SUSE bug 1000696SUSE bug 1000696SUSE bug 1000696SUSE bug 1000696CVE-2016-7521openSUSE Leap 42.1
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7521SUSE bug 1000697SUSE bug 1000697SUSE bug 1000697SUSE bug 1000697SUSE bug 1000697CVE-2016-7522openSUSE Leap 42.1
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7522SUSE bug 1000698SUSE bug 1000698SUSE bug 1000698SUSE bug 1000698SUSE bug 1000698SUSE bug 1000698CVE-2016-7523openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7523SUSE bug 1000699SUSE bug 1000699SUSE bug 1000699SUSE bug 1000699SUSE bug 1000699CVE-2016-7524openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-7524SUSE bug 1000700SUSE bug 1000700SUSE bug 1002422SUSE bug 1000700SUSE bug 1000700SUSE bug 1000700CVE-2016-7525openSUSE Leap 42.1
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7525SUSE bug 1000701SUSE bug 1000701SUSE bug 1000701SUSE bug 1000688SUSE bug 1000701SUSE bug 1000701SUSE bug 1000701CVE-2016-7526openSUSE Leap 42.1
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
ModerateCVE-2016-7526SUSE bug 1000702SUSE bug 1000436SUSE bug 1000436SUSE bug 1000702SUSE bug 1000702SUSE bug 1000702SUSE bug 1000702CVE-2016-7527openSUSE Leap 42.1
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7527SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000702SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436SUSE bug 1000436CVE-2016-7528openSUSE Leap 42.1
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
ModerateCVE-2016-7528SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434SUSE bug 1000434CVE-2016-7529openSUSE Leap 42.1
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
ModerateCVE-2016-7529SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000434SUSE bug 1000399SUSE bug 1000703SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1000399SUSE bug 1054924CVE-2016-7530openSUSE Leap 42.1
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
ModerateCVE-2016-7530SUSE bug 1000703SUSE bug 1000399SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1000703SUSE bug 1054924SUSE bug 1054924SUSE bug 1054924CVE-2016-7531openSUSE Leap 42.1
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
ModerateCVE-2016-7531SUSE bug 1000704SUSE bug 1000704SUSE bug 1000704SUSE bug 1000704SUSE bug 1000704SUSE bug 1000704SUSE bug 1000704CVE-2016-7532openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
ModerateCVE-2016-7532SUSE bug 1000706SUSE bug 1000706SUSE bug 1000706SUSE bug 1000706SUSE bug 1000706CVE-2016-7533openSUSE Leap 42.1
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
ModerateCVE-2016-7533SUSE bug 1000707SUSE bug 1000707SUSE bug 1000707SUSE bug 1000707SUSE bug 1000707SUSE bug 1000707CVE-2016-7534openSUSE Leap 42.1
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
ModerateCVE-2016-7534SUSE bug 1000708SUSE bug 1000708SUSE bug 1000708SUSE bug 1000708SUSE bug 1000708CVE-2016-7535openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
ModerateCVE-2016-7535SUSE bug 1000709SUSE bug 1000709SUSE bug 1000709SUSE bug 1000709SUSE bug 1000709CVE-2016-7537openSUSE Leap 42.1
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
ModerateCVE-2016-7537SUSE bug 1000711SUSE bug 1000711SUSE bug 1000711SUSE bug 1000711SUSE bug 1000711SUSE bug 1000711SUSE bug 1000711CVE-2016-7538openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
ModerateCVE-2016-7538SUSE bug 1000712SUSE bug 1000712SUSE bug 1000712SUSE bug 1000712SUSE bug 1000712SUSE bug 1000712CVE-2016-7539openSUSE Leap 42.1
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
ModerateCVE-2016-7539SUSE bug 1000715SUSE bug 1000715SUSE bug 1000715SUSE bug 1000715SUSE bug 1000715SUSE bug 1000715CVE-2016-7540openSUSE Leap 42.1
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.
ModerateCVE-2016-7540SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394SUSE bug 1000394CVE-2016-7543openSUSE Leap 42.1
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
ImportantCVE-2016-7543SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299SUSE bug 1001299CVE-2016-7553openSUSE Leap 42.1
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.
LowCVE-2016-7553SUSE bug 1001215SUSE bug 1001215SUSE bug 1001215CVE-2016-7555openSUSE Leap 42.1
The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure.
ModerateCVE-2016-7555SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806CVE-2016-7562openSUSE Leap 42.1
The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.
ModerateCVE-2016-7562SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806CVE-2016-7567openSUSE Leap 42.1
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
ModerateCVE-2016-7567SUSE bug 1001600SUSE bug 1001600SUSE bug 1074356SUSE bug 1074356SUSE bug 1001600CVE-2016-7568openSUSE Leap 42.1
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
ImportantCVE-2016-7568SUSE bug 1001900SUSE bug 1001900SUSE bug 1001900SUSE bug 1001900SUSE bug 1001900SUSE bug 1001900CVE-2016-7777openSUSE Leap 42.1
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
ModerateCVE-2016-7777SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106SUSE bug 1000106CVE-2016-7785openSUSE Leap 42.1
The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.
ModerateCVE-2016-7785SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806CVE-2016-7787openSUSE Leap 42.1
A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.
ImportantCVE-2016-7787SUSE bug 1001916SUSE bug 1001916SUSE bug 1001916SUSE bug 1001916CVE-2016-7796openSUSE Leap 42.1
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
ImportantCVE-2016-7796SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765SUSE bug 1001765CVE-2016-7797openSUSE Leap 42.1
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
ModerateCVE-2016-7797SUSE bug 1002767SUSE bug 1002767SUSE bug 1002767CVE-2016-7799openSUSE Leap 42.1
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
ModerateCVE-2016-7799SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421SUSE bug 1002421CVE-2016-7800openSUSE Leap 42.1
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
ModerateCVE-2016-7800SUSE bug 1002422SUSE bug 1002422SUSE bug 1002422SUSE bug 1002422SUSE bug 1002422SUSE bug 1002422SUSE bug 1002422CVE-2016-7905openSUSE Leap 42.1
The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file.
ModerateCVE-2016-7905SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806SUSE bug 1003806CVE-2016-7908openSUSE Leap 42.1
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
ModerateCVE-2016-7908SUSE bug 1002550SUSE bug 1002550SUSE bug 1003030SUSE bug 1002550SUSE bug 1003030SUSE bug 1003030SUSE bug 1002550SUSE bug 1002550SUSE bug 1002550SUSE bug 1002550CVE-2016-7909openSUSE Leap 42.1
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.
ModerateCVE-2016-7909SUSE bug 1002557SUSE bug 1002557SUSE bug 1003032SUSE bug 1002557SUSE bug 1003032SUSE bug 1003032SUSE bug 1002557SUSE bug 1002557SUSE bug 1002557SUSE bug 1002557CVE-2016-7913openSUSE Leap 42.1
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
ModerateCVE-2016-7913SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478SUSE bug 1025354SUSE bug 1010478SUSE bug 1010478SUSE bug 1010478CVE-2016-7917openSUSE Leap 42.1
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.
ModerateCVE-2016-7917SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444SUSE bug 1025354SUSE bug 1010444SUSE bug 1010444SUSE bug 1010444CVE-2016-7922openSUSE Leap 42.1
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
ImportantCVE-2016-7922SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7923openSUSE Leap 42.1
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
ImportantCVE-2016-7923SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7924openSUSE Leap 42.1
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
ImportantCVE-2016-7924SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7925openSUSE Leap 42.1
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
ImportantCVE-2016-7925SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7926openSUSE Leap 42.1
The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
ImportantCVE-2016-7926SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7927openSUSE Leap 42.1
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
ImportantCVE-2016-7927SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7928openSUSE Leap 42.1
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
ImportantCVE-2016-7928SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7929openSUSE Leap 42.1
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
ImportantCVE-2016-7929SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7930openSUSE Leap 42.1
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
ImportantCVE-2016-7930SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7931openSUSE Leap 42.1
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
ImportantCVE-2016-7931SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7932openSUSE Leap 42.1
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
ImportantCVE-2016-7932SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7933openSUSE Leap 42.1
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
ImportantCVE-2016-7933SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7934openSUSE Leap 42.1
The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
ImportantCVE-2016-7934SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7935openSUSE Leap 42.1
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
ImportantCVE-2016-7935SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7936openSUSE Leap 42.1
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
ImportantCVE-2016-7936SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7937openSUSE Leap 42.1
The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
ImportantCVE-2016-7937SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7938openSUSE Leap 42.1
The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
ImportantCVE-2016-7938SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7939openSUSE Leap 42.1
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
ImportantCVE-2016-7939SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7940openSUSE Leap 42.1
The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
ImportantCVE-2016-7940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7942openSUSE Leap 42.1
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
ModerateCVE-2016-7942SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991SUSE bug 1002991CVE-2016-7944openSUSE Leap 42.1
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
ModerateCVE-2016-7944SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995SUSE bug 1002995CVE-2016-7945openSUSE Leap 42.1
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
ModerateCVE-2016-7945SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998CVE-2016-7946openSUSE Leap 42.1
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
ModerateCVE-2016-7946SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998SUSE bug 1002998CVE-2016-7947openSUSE Leap 42.1
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
ModerateCVE-2016-7947SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000CVE-2016-7948openSUSE Leap 42.1
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
ModerateCVE-2016-7948SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000SUSE bug 1003000CVE-2016-7949openSUSE Leap 42.1
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
ModerateCVE-2016-7949SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1015442SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002CVE-2016-7950openSUSE Leap 42.1
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
ModerateCVE-2016-7950SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1015442SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002SUSE bug 1003002CVE-2016-7951openSUSE Leap 42.1
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
ModerateCVE-2016-7951SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012CVE-2016-7952openSUSE Leap 42.1
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
ModerateCVE-2016-7952SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012SUSE bug 1003012CVE-2016-7953openSUSE Leap 42.1
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
ModerateCVE-2016-7953SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023SUSE bug 1003023CVE-2016-7966openSUSE Leap 42.1
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content.
ModerateCVE-2016-7966SUSE bug 1002977SUSE bug 1002977SUSE bug 1002977SUSE bug 1002977CVE-2016-7969openSUSE Leap 42.1
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
ModerateCVE-2016-7969SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982CVE-2016-7972openSUSE Leap 42.1
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
ModerateCVE-2016-7972SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982SUSE bug 1002982CVE-2016-7973openSUSE Leap 42.1
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
ImportantCVE-2016-7973SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7974openSUSE Leap 42.1
The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
ImportantCVE-2016-7974SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7975openSUSE Leap 42.1
The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
ImportantCVE-2016-7975SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7978openSUSE Leap 42.1
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
ImportantCVE-2016-7978SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951CVE-2016-7979openSUSE Leap 42.1
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
ImportantCVE-2016-7979SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951SUSE bug 1001951CVE-2016-7983openSUSE Leap 42.1
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
ImportantCVE-2016-7983SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7984openSUSE Leap 42.1
The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
ImportantCVE-2016-7984SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7985openSUSE Leap 42.1
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
ImportantCVE-2016-7985SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7986openSUSE Leap 42.1
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
ImportantCVE-2016-7986SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7992openSUSE Leap 42.1
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
ImportantCVE-2016-7992SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7993openSUSE Leap 42.1
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
ImportantCVE-2016-7993SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-7995openSUSE Leap 42.1
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.
ModerateCVE-2016-7995SUSE bug 1003612SUSE bug 1003612SUSE bug 1003870SUSE bug 1003870SUSE bug 1003870SUSE bug 1003870SUSE bug 1003612SUSE bug 1003612CVE-2016-7996openSUSE Leap 42.1
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
ModerateCVE-2016-7996SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1067184CVE-2016-7997openSUSE Leap 42.1
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
ImportantCVE-2016-7997SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629SUSE bug 1003629CVE-2016-8283openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
ModerateCVE-2016-8283SUSE bug 1005582SUSE bug 1005582SUSE bug 1005582SUSE bug 1008318SUSE bug 1005582SUSE bug 1005582CVE-2016-8284openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.
LowCVE-2016-8284SUSE bug 1005583SUSE bug 1005583SUSE bug 1008117SUSE bug 1008133SUSE bug 1008141SUSE bug 1008150SUSE bug 1008151SUSE bug 1008152SUSE bug 1005583SUSE bug 1011266SUSE bug 1011267CVE-2016-8288openSUSE Leap 42.1
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.
ModerateCVE-2016-8288SUSE bug 1005586SUSE bug 1005586SUSE bug 1005586CVE-2016-8318openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).
ImportantCVE-2016-8318SUSE bug 1020872SUSE bug 1020872SUSE bug 1020872SUSE bug 1020872SUSE bug 1020872SUSE bug 1020868SUSE bug 1020872SUSE bug 1020872SUSE bug 1020872CVE-2016-8327openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
ModerateCVE-2016-8327SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020893SUSE bug 1020868SUSE bug 1020893SUSE bug 1053919CVE-2016-8332openSUSE Leap 42.1
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
ImportantCVE-2016-8332SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1002414SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662CVE-2016-8568openSUSE Leap 42.1
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
ModerateCVE-2016-8568SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1019036SUSE bug 1019037SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810CVE-2016-8569openSUSE Leap 42.1
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
ModerateCVE-2016-8569SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810SUSE bug 1019036SUSE bug 1019037SUSE bug 1003810SUSE bug 1003810SUSE bug 1003810CVE-2016-8574openSUSE Leap 42.1
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
ImportantCVE-2016-8574SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-8575openSUSE Leap 42.1
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
ImportantCVE-2016-8575SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2016-8576openSUSE Leap 42.1
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
ModerateCVE-2016-8576SUSE bug 1003878SUSE bug 1003878SUSE bug 1004016SUSE bug 1003878SUSE bug 1004016SUSE bug 1004016SUSE bug 1003878SUSE bug 1003878SUSE bug 1003878SUSE bug 1003878CVE-2016-8577openSUSE Leap 42.1
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
ModerateCVE-2016-8577SUSE bug 1003893SUSE bug 1003893SUSE bug 1004021SUSE bug 1004021SUSE bug 1003893SUSE bug 1003893SUSE bug 1003893SUSE bug 1003893SUSE bug 1003893CVE-2016-8578openSUSE Leap 42.1
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P operation.
ModerateCVE-2016-8578SUSE bug 1003894SUSE bug 1003894SUSE bug 1004023SUSE bug 1004023SUSE bug 1003894SUSE bug 1003894SUSE bug 1003894SUSE bug 1003894SUSE bug 1003894CVE-2016-8602openSUSE Leap 42.1
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
ImportantCVE-2016-8602SUSE bug 1001951SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1004237SUSE bug 1004237SUSE bug 1001951SUSE bug 1004237SUSE bug 1004237SUSE bug 1004237SUSE bug 1004237SUSE bug 1004237SUSE bug 1036453SUSE bug 1004237SUSE bug 1004237SUSE bug 1004237CVE-2016-8605openSUSE Leap 42.1
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.
LowCVE-2016-8605SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221SUSE bug 1004221CVE-2016-8610openSUSE Leap 42.1
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
ModerateCVE-2016-8610SUSE bug 1005878SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005879SUSE bug 1005879SUSE bug 1005879SUSE bug 1005879SUSE bug 1005878SUSE bug 1005879SUSE bug 1005878SUSE bug 1005878SUSE bug 1005879SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1025347SUSE bug 1005878SUSE bug 1005878SUSE bug 1025347SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878SUSE bug 1005878CVE-2016-8615openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8615SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633SUSE bug 1005633CVE-2016-8616openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2016-8616SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634SUSE bug 1005634CVE-2016-8617openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8617SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635SUSE bug 1005635CVE-2016-8618openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-8618SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637SUSE bug 1005637CVE-2016-8619openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-8619SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638SUSE bug 1005638CVE-2016-8620openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8620SUSE bug 1005640SUSE bug 1005640SUSE bug 1005640SUSE bug 1005640SUSE bug 1005640SUSE bug 1005640CVE-2016-8621openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-8621SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642SUSE bug 1005642CVE-2016-8622openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-8622SUSE bug 1005643SUSE bug 1005643SUSE bug 1005643SUSE bug 1005643SUSE bug 1005643SUSE bug 1005643CVE-2016-8623openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8623SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645SUSE bug 1005645CVE-2016-8624openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8624SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646SUSE bug 1005646CVE-2016-8630openSUSE Leap 42.1
The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.
ModerateCVE-2016-8630SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222SUSE bug 1009222CVE-2016-8633openSUSE Leap 42.1
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
ModerateCVE-2016-8633SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833SUSE bug 1008833CVE-2016-8637openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-8637SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340SUSE bug 1008340CVE-2016-8645openSUSE Leap 42.1
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
ModerateCVE-2016-8645SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1025354SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969SUSE bug 1009969CVE-2016-8646openSUSE Leap 42.1
The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.
ModerateCVE-2016-8646SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150SUSE bug 1010150CVE-2016-8649openSUSE Leap 42.1
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
ImportantCVE-2016-8649SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933SUSE bug 1010933CVE-2016-8654openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-8654SUSE bug 1012530SUSE bug 1012530CVE-2016-8655openSUSE Leap 42.1
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
ImportantCVE-2016-8655SUSE bug 1012754SUSE bug 1012754SUSE bug 1012759SUSE bug 1012754SUSE bug 1012759SUSE bug 1012754SUSE bug 1012754SUSE bug 1012759SUSE bug 1013822SUSE bug 1012754SUSE bug 1012759SUSE bug 1012754SUSE bug 1013822SUSE bug 1012754SUSE bug 1012754SUSE bug 1012759SUSE bug 1012754SUSE bug 1012759SUSE bug 1012754SUSE bug 1012759SUSE bug 1012759SUSE bug 1012759SUSE bug 1012759SUSE bug 1012754SUSE bug 1012754SUSE bug 1012754SUSE bug 1012759SUSE bug 1012759SUSE bug 1012759SUSE bug 1052365CVE-2016-8658openSUSE Leap 42.1
Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.
ModerateCVE-2016-8658SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462SUSE bug 1004462CVE-2016-8667openSUSE Leap 42.1
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
ModerateCVE-2016-8667SUSE bug 1004702SUSE bug 1004702SUSE bug 1005004SUSE bug 1004702SUSE bug 1005004SUSE bug 1005004SUSE bug 1004702SUSE bug 1005004SUSE bug 1004702SUSE bug 1004702CVE-2016-8669openSUSE Leap 42.1
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.
ModerateCVE-2016-8669SUSE bug 1004707SUSE bug 1004707SUSE bug 1005005SUSE bug 1004707SUSE bug 1005005SUSE bug 1005005SUSE bug 1004707SUSE bug 1004707SUSE bug 1004707SUSE bug 1004707CVE-2016-8670openSUSE Leap 42.1
Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call.
ModerateCVE-2016-8670SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924SUSE bug 1004924CVE-2016-8677openSUSE Leap 42.1
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
ModerateCVE-2016-8677SUSE bug 1005328SUSE bug 1005328SUSE bug 1005328SUSE bug 1005328SUSE bug 1005328CVE-2016-8682openSUSE Leap 42.1
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
ModerateCVE-2016-8682SUSE bug 1005125SUSE bug 1005125SUSE bug 1005125SUSE bug 1005125SUSE bug 1005125SUSE bug 1005125SUSE bug 1005125CVE-2016-8683openSUSE Leap 42.1
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
ImportantCVE-2016-8683SUSE bug 1005127SUSE bug 1005127SUSE bug 1005127SUSE bug 1005127SUSE bug 1005127SUSE bug 1005127SUSE bug 1005127CVE-2016-8684openSUSE Leap 42.1
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
ModerateCVE-2016-8684SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123SUSE bug 1005123CVE-2016-8685openSUSE Leap 42.1
The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.
ModerateCVE-2016-8685SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005027SUSE bug 1005026SUSE bug 1005026CVE-2016-8686openSUSE Leap 42.1
The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
ImportantCVE-2016-8686SUSE bug 1005027SUSE bug 1005027SUSE bug 1005026SUSE bug 1005026SUSE bug 1005026SUSE bug 1005027CVE-2016-8687openSUSE Leap 42.1
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
ModerateCVE-2016-8687SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070SUSE bug 1005070CVE-2016-8688openSUSE Leap 42.1
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
ModerateCVE-2016-8688SUSE bug 1005076CVE-2016-8689openSUSE Leap 42.1
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
ModerateCVE-2016-8689SUSE bug 1005072SUSE bug 1005072CVE-2016-8690openSUSE Leap 42.1
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
ModerateCVE-2016-8690SUSE bug 1005084SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1007009SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084CVE-2016-8691openSUSE Leap 42.1
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
ModerateCVE-2016-8691SUSE bug 1005090SUSE bug 1005090SUSE bug 1005090SUSE bug 1005090CVE-2016-8692openSUSE Leap 42.1
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
ModerateCVE-2016-8692SUSE bug 1005090SUSE bug 1005090SUSE bug 1005090SUSE bug 1005090CVE-2016-8693openSUSE Leap 42.1
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
ModerateCVE-2016-8693SUSE bug 1005242SUSE bug 1005242SUSE bug 1005242SUSE bug 1005242SUSE bug 1005242CVE-2016-8704openSUSE Leap 42.1
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
ImportantCVE-2016-8704SUSE bug 1007719SUSE bug 1007866SUSE bug 1007871SUSE bug 1007871SUSE bug 1007871SUSE bug 1007871CVE-2016-8705openSUSE Leap 42.1
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
ImportantCVE-2016-8705SUSE bug 1007866SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1007870SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1056865SUSE bug 1007870CVE-2016-8706openSUSE Leap 42.1
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
ImportantCVE-2016-8706SUSE bug 1007866SUSE bug 1007869SUSE bug 1007869SUSE bug 1007869SUSE bug 1007869SUSE bug 1007869SUSE bug 1007869SUSE bug 1007869CVE-2016-8707openSUSE Leap 42.1
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
ImportantCVE-2016-8707SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159SUSE bug 1014159CVE-2016-8735openSUSE Leap 42.1
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
ImportantCVE-2016-8735SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805SUSE bug 1011805CVE-2016-8743openSUSE Leap 42.1
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
ModerateCVE-2016-8743SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1033513SUSE bug 1016715SUSE bug 1016715SUSE bug 930944SUSE bug 1016715SUSE bug 930944SUSE bug 1016715SUSE bug 1016715SUSE bug 1016715SUSE bug 1086774SUSE bug 1086774SUSE bug 1086774CVE-2016-8745openSUSE Leap 42.1
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions.
ModerateCVE-2016-8745SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119SUSE bug 1015119CVE-2016-8858openSUSE Leap 42.1
** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
ModerateCVE-2016-8858SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1025354SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1005480SUSE bug 1039572SUSE bug 1039572SUSE bug 1005480SUSE bug 1039572SUSE bug 1005480SUSE bug 1039572SUSE bug 1039572SUSE bug 1005480SUSE bug 1039572SUSE bug 1039572SUSE bug 1039572SUSE bug 1039572SUSE bug 1005480SUSE bug 1005480SUSE bug 1039572SUSE bug 1087412SUSE bug 1087412CVE-2016-8862openSUSE Leap 42.1
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
ModerateCVE-2016-8862SUSE bug 1007245SUSE bug 1007245SUSE bug 1009318SUSE bug 1007245SUSE bug 1009318SUSE bug 1007245SUSE bug 1007245SUSE bug 1009318SUSE bug 1009318SUSE bug 1007245SUSE bug 1007245SUSE bug 1007245SUSE bug 1009318SUSE bug 1031267SUSE bug 1009318CVE-2016-8864openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
ImportantCVE-2016-8864SUSE bug 1007829SUSE bug 1007829SUSE bug 1007829SUSE bug 1007829SUSE bug 1007829SUSE bug 1007829SUSE bug 1020526SUSE bug 1024130CVE-2016-8866openSUSE Leap 42.1
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
ModerateCVE-2016-8866SUSE bug 1007245SUSE bug 1007245SUSE bug 1009318SUSE bug 1007245SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1007245SUSE bug 1007245SUSE bug 1009318SUSE bug 1031267SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318SUSE bug 1009318CVE-2016-8867openSUSE Leap 42.1
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
ModerateCVE-2016-8867SUSE bug 1007249SUSE bug 1007249SUSE bug 1007249CVE-2016-8880openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-8880SUSE bug 1006591SUSE bug 1006591SUSE bug 1006591SUSE bug 1006591SUSE bug 1006591CVE-2016-8881openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-8881SUSE bug 1006593SUSE bug 1006593SUSE bug 1006593SUSE bug 1006593SUSE bug 1006593CVE-2016-8882openSUSE Leap 42.1
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
ModerateCVE-2016-8882SUSE bug 1006597SUSE bug 1006597SUSE bug 1006597SUSE bug 1006597SUSE bug 1006597SUSE bug 1006597CVE-2016-8883openSUSE Leap 42.1
The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
LowCVE-2016-8883SUSE bug 1006598SUSE bug 1006598SUSE bug 1006598SUSE bug 1006598SUSE bug 1006598SUSE bug 1006598CVE-2016-8884openSUSE Leap 42.1
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.
LowCVE-2016-8884SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1007009SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084CVE-2016-8885openSUSE Leap 42.1
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
LowCVE-2016-8885SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1007009SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084SUSE bug 1007009SUSE bug 1005084CVE-2016-8886openSUSE Leap 42.1
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure.
LowCVE-2016-8886SUSE bug 1006599SUSE bug 1006599SUSE bug 1006599SUSE bug 1006599SUSE bug 1006599SUSE bug 1006599CVE-2016-8887openSUSE Leap 42.1
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
LowCVE-2016-8887SUSE bug 1006836SUSE bug 1006839SUSE bug 1006836SUSE bug 1006836SUSE bug 1006836SUSE bug 1006836CVE-2016-8909openSUSE Leap 42.1
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
ModerateCVE-2016-8909SUSE bug 1006536SUSE bug 1006536SUSE bug 1006536SUSE bug 1007160SUSE bug 1006536SUSE bug 1007160SUSE bug 1007160SUSE bug 1006536SUSE bug 1006536SUSE bug 1006536SUSE bug 1006536CVE-2016-8910openSUSE Leap 42.1
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
ModerateCVE-2016-8910SUSE bug 1006538SUSE bug 1006538SUSE bug 1006538SUSE bug 1007157SUSE bug 1006538SUSE bug 1007157SUSE bug 1007157SUSE bug 1007157SUSE bug 1024178SUSE bug 1006538SUSE bug 1006538SUSE bug 1006538SUSE bug 1007157SUSE bug 1006538SUSE bug 1007157CVE-2016-9042openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9042SUSE bug 1030050CVE-2016-9063openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9063SUSE bug 1010424SUSE bug 1009026SUSE bug 1010424SUSE bug 1009026SUSE bug 1010424SUSE bug 1010424SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240SUSE bug 1047240CVE-2016-9064openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9064SUSE bug 1010402SUSE bug 1010402SUSE bug 1009026SUSE bug 1009026SUSE bug 1010402SUSE bug 1010402CVE-2016-9066openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9066SUSE bug 1010404SUSE bug 1010404SUSE bug 1009026SUSE bug 1010404SUSE bug 1009026SUSE bug 1010404SUSE bug 1010404CVE-2016-9067openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9067SUSE bug 1010405SUSE bug 1009026SUSE bug 1010405SUSE bug 1009026SUSE bug 1010405SUSE bug 1010405CVE-2016-9068openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9068SUSE bug 1010406SUSE bug 1009026SUSE bug 1010406SUSE bug 1009026SUSE bug 1010406SUSE bug 1010406CVE-2016-9069openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9069SUSE bug 1009026SUSE bug 1010405SUSE bug 1010405CVE-2016-9070openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9070SUSE bug 1010420SUSE bug 1009026SUSE bug 1010420SUSE bug 1009026SUSE bug 1010420SUSE bug 1010420CVE-2016-9071openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2016-9071SUSE bug 1010425SUSE bug 1009026SUSE bug 1010425SUSE bug 1009026SUSE bug 1010425SUSE bug 1010425CVE-2016-9073openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9073SUSE bug 1010421SUSE bug 1009026SUSE bug 1010421SUSE bug 1009026SUSE bug 1010421SUSE bug 1010421CVE-2016-9074openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9074SUSE bug 1009026SUSE bug 1010422SUSE bug 1010422SUSE bug 1009026SUSE bug 1010422SUSE bug 1009026SUSE bug 1010422SUSE bug 1010422CVE-2016-9075openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9075SUSE bug 1010408SUSE bug 1009026SUSE bug 1010408SUSE bug 1009026SUSE bug 1010408SUSE bug 1010408CVE-2016-9076openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9076SUSE bug 1010423SUSE bug 1009026SUSE bug 1010423SUSE bug 1009026SUSE bug 1010423SUSE bug 1010423CVE-2016-9077openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9077SUSE bug 1010409SUSE bug 1009026SUSE bug 1010409SUSE bug 1009026SUSE bug 1010409SUSE bug 1010409CVE-2016-9078openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9078SUSE bug 1012807SUSE bug 1012807SUSE bug 1012807SUSE bug 1012807CVE-2016-9079openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9079SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964SUSE bug 1012964CVE-2016-9080openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9080SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015540SUSE bug 1015422SUSE bug 1015540SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542CVE-2016-9083openSUSE Leap 42.1
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
LowCVE-2016-9083SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1025354SUSE bug 1007197CVE-2016-9084openSUSE Leap 42.1
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
LowCVE-2016-9084SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1007197SUSE bug 1025354SUSE bug 1007197CVE-2016-9101openSUSE Leap 42.1
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
ModerateCVE-2016-9101SUSE bug 1007391SUSE bug 1007391SUSE bug 1013668SUSE bug 1013668SUSE bug 1007391SUSE bug 1007391SUSE bug 1013668SUSE bug 1007391SUSE bug 1007391SUSE bug 1007391SUSE bug 1013668SUSE bug 1013668SUSE bug 1007391SUSE bug 1013668SUSE bug 1024181SUSE bug 1024181SUSE bug 1013668SUSE bug 1013668SUSE bug 1013668SUSE bug 1013668SUSE bug 1013668SUSE bug 1007391SUSE bug 1007391SUSE bug 1024181SUSE bug 1013668SUSE bug 1013668SUSE bug 1013668SUSE bug 1013668SUSE bug 1007391SUSE bug 1013668SUSE bug 1007391SUSE bug 1013668SUSE bug 1007391SUSE bug 1013668CVE-2016-9102openSUSE Leap 42.1
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.
ModerateCVE-2016-9102SUSE bug 1007450SUSE bug 1007450SUSE bug 1014256SUSE bug 1007450SUSE bug 1014256SUSE bug 1014256SUSE bug 1007450SUSE bug 1007450SUSE bug 1007450SUSE bug 1007450CVE-2016-9103openSUSE Leap 42.1
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
ModerateCVE-2016-9103SUSE bug 1007454SUSE bug 1007454SUSE bug 1014259SUSE bug 1007454SUSE bug 1014259SUSE bug 1014259SUSE bug 1007454SUSE bug 1007454SUSE bug 1007454CVE-2016-9104openSUSE Leap 42.1
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
ModerateCVE-2016-9104SUSE bug 1007493SUSE bug 1007493SUSE bug 1014297SUSE bug 1007493SUSE bug 1014297SUSE bug 1014297SUSE bug 1007493SUSE bug 1007493SUSE bug 1034990SUSE bug 1007493SUSE bug 1007493CVE-2016-9105openSUSE Leap 42.1
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
ModerateCVE-2016-9105SUSE bug 1007494SUSE bug 1007494SUSE bug 1014279SUSE bug 1007494SUSE bug 1014279SUSE bug 1014279SUSE bug 1007494SUSE bug 1007494SUSE bug 1007494SUSE bug 1007494CVE-2016-9106openSUSE Leap 42.1
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
ModerateCVE-2016-9106SUSE bug 1007495SUSE bug 1007495SUSE bug 1014299SUSE bug 1007495SUSE bug 1007495SUSE bug 1014299SUSE bug 1014299SUSE bug 1007495SUSE bug 1007495SUSE bug 1007495SUSE bug 1007495CVE-2016-9112openSUSE Leap 42.1
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
ModerateCVE-2016-9112SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1007747SUSE bug 1056396SUSE bug 1007739SUSE bug 1007744SUSE bug 1007747SUSE bug 1015662CVE-2016-9113openSUSE Leap 42.1
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
ModerateCVE-2016-9113SUSE bug 1007739SUSE bug 1007747SUSE bug 1007739SUSE bug 1007747SUSE bug 1007739SUSE bug 1007747SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662CVE-2016-9114openSUSE Leap 42.1
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
ModerateCVE-2016-9114SUSE bug 1007740SUSE bug 1007747SUSE bug 1007740SUSE bug 1007747SUSE bug 1007740SUSE bug 1007747SUSE bug 1007740SUSE bug 1007740SUSE bug 1007740SUSE bug 1007740SUSE bug 1007740SUSE bug 1007740SUSE bug 1007740SUSE bug 1007739SUSE bug 1007740SUSE bug 1007744SUSE bug 1015662CVE-2016-9115openSUSE Leap 42.1
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9115SUSE bug 1007741SUSE bug 1007747SUSE bug 1007741SUSE bug 1007747SUSE bug 1007741SUSE bug 1007747SUSE bug 1007741SUSE bug 1007741SUSE bug 1007741SUSE bug 1007741SUSE bug 1007741SUSE bug 1007741SUSE bug 1007741SUSE bug 1007739SUSE bug 1007741SUSE bug 1007744SUSE bug 1015662CVE-2016-9116openSUSE Leap 42.1
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9116SUSE bug 1007742SUSE bug 1007747SUSE bug 1007742SUSE bug 1007747SUSE bug 1007742SUSE bug 1007747SUSE bug 1007742SUSE bug 1007742SUSE bug 1007742SUSE bug 1007742SUSE bug 1007742SUSE bug 1007742SUSE bug 1007742SUSE bug 1007739SUSE bug 1007742SUSE bug 1007744SUSE bug 1015662CVE-2016-9117openSUSE Leap 42.1
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
ModerateCVE-2016-9117SUSE bug 1007743SUSE bug 1007747SUSE bug 1007743SUSE bug 1007747SUSE bug 1007743SUSE bug 1007747SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007743SUSE bug 1007739SUSE bug 1007743SUSE bug 1007744SUSE bug 1015662CVE-2016-9118openSUSE Leap 42.1
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
ModerateCVE-2016-9118SUSE bug 1007744SUSE bug 1007747SUSE bug 1007744SUSE bug 1007747SUSE bug 1007744SUSE bug 1007747SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007744SUSE bug 1007739SUSE bug 1007744SUSE bug 1015662CVE-2016-9131openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
ImportantCVE-2016-9131SUSE bug 1018699SUSE bug 1018700SUSE bug 1018700SUSE bug 1018700SUSE bug 1018699SUSE bug 1018700SUSE bug 1018700SUSE bug 1018699SUSE bug 1018700SUSE bug 1018700SUSE bug 1018700CVE-2016-9137openSUSE Leap 42.1
Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.
ModerateCVE-2016-9137SUSE bug 1008026SUSE bug 1008029SUSE bug 1008026SUSE bug 1008029SUSE bug 1008026SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029SUSE bug 1008029CVE-2016-9147openSUSE Leap 42.1
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
ImportantCVE-2016-9147SUSE bug 1018699SUSE bug 1018701SUSE bug 1018701SUSE bug 1018701SUSE bug 1018699SUSE bug 1018701SUSE bug 1018701SUSE bug 1018701SUSE bug 1018699SUSE bug 1018701SUSE bug 1018701SUSE bug 1018701SUSE bug 1018701CVE-2016-9178openSUSE Leap 42.1
The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.
LowCVE-2016-9178SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1012353SUSE bug 1008650SUSE bug 1012353SUSE bug 1012353SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1008650SUSE bug 1012353SUSE bug 1008650SUSE bug 1012353CVE-2016-9179openSUSE Leap 42.1
lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.
ModerateCVE-2016-9179SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642SUSE bug 1008642CVE-2016-9181openSUSE Leap 42.1
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
ModerateCVE-2016-9181SUSE bug 1008647CVE-2016-9273openSUSE Leap 42.1
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
ModerateCVE-2016-9273SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163SUSE bug 1010163CVE-2016-9297openSUSE Leap 42.1
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
ModerateCVE-2016-9297SUSE bug 1010161SUSE bug 1010161SUSE bug 1010161SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103CVE-2016-9310openSUSE Leap 42.1
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
ModerateCVE-2016-9310SUSE bug 1011377SUSE bug 1011421SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011421SUSE bug 1011377SUSE bug 1011377CVE-2016-9311openSUSE Leap 42.1
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
ModerateCVE-2016-9311SUSE bug 1011377SUSE bug 1011421SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011377SUSE bug 1011421SUSE bug 1011377SUSE bug 1011377CVE-2016-9317openSUSE Leap 42.1
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.
ModerateCVE-2016-9317SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283SUSE bug 1022283CVE-2016-9377openSUSE Leap 42.1
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.
ModerateCVE-2016-9377SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108CVE-2016-9378openSUSE Leap 42.1
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.
ModerateCVE-2016-9378SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108SUSE bug 1009108CVE-2016-9379openSUSE Leap 42.1
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.
ImportantCVE-2016-9379SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111CVE-2016-9380openSUSE Leap 42.1
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
ImportantCVE-2016-9380SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111SUSE bug 1009111CVE-2016-9381openSUSE Leap 42.1
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
ImportantCVE-2016-9381SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109SUSE bug 1009109CVE-2016-9382openSUSE Leap 42.1
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
ImportantCVE-2016-9382SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103SUSE bug 1009103CVE-2016-9383openSUSE Leap 42.1
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
ImportantCVE-2016-9383SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107SUSE bug 1009107CVE-2016-9385openSUSE Leap 42.1
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
ModerateCVE-2016-9385SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104SUSE bug 1009104CVE-2016-9386openSUSE Leap 42.1
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
ImportantCVE-2016-9386SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100SUSE bug 1009100CVE-2016-9395openSUSE Leap 42.1
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
ModerateCVE-2016-9395SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977SUSE bug 1010977CVE-2016-9398openSUSE Leap 42.1
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
ModerateCVE-2016-9398SUSE bug 1010979SUSE bug 1010979SUSE bug 1010979SUSE bug 1010979SUSE bug 1010979SUSE bug 1010979SUSE bug 1010979CVE-2016-9427openSUSE Leap 42.1
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.
ModerateCVE-2016-9427SUSE bug 1011276SUSE bug 1011293SUSE bug 1011276SUSE bug 1011276SUSE bug 1011276SUSE bug 1011276SUSE bug 1011276SUSE bug 1011293CVE-2016-9434openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9434SUSE bug 1011283SUSE bug 1011293SUSE bug 1011283SUSE bug 1011283SUSE bug 1011283SUSE bug 1011283SUSE bug 1011293SUSE bug 1011283SUSE bug 1011283CVE-2016-9435openSUSE Leap 42.1
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
ModerateCVE-2016-9435SUSE bug 1011284SUSE bug 1011293SUSE bug 1011284SUSE bug 1011284SUSE bug 1011284SUSE bug 1011293SUSE bug 1011284SUSE bug 1011284CVE-2016-9436openSUSE Leap 42.1
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
ModerateCVE-2016-9436SUSE bug 1011285SUSE bug 1011293SUSE bug 1011285SUSE bug 1011285SUSE bug 1011285SUSE bug 1011293SUSE bug 1011285SUSE bug 1011285CVE-2016-9437openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
ModerateCVE-2016-9437SUSE bug 1011286SUSE bug 1011293SUSE bug 1011286SUSE bug 1011286SUSE bug 1011286SUSE bug 1011286SUSE bug 1011293SUSE bug 1011286SUSE bug 1011286CVE-2016-9438openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9438SUSE bug 1011287SUSE bug 1011293SUSE bug 1011287SUSE bug 1011287SUSE bug 1011287SUSE bug 1011293CVE-2016-9439openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ImportantCVE-2016-9439SUSE bug 1011288SUSE bug 1011293SUSE bug 1011288SUSE bug 1011288SUSE bug 1011288SUSE bug 1011293SUSE bug 1011288SUSE bug 1011288CVE-2016-9440openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9440SUSE bug 1011289SUSE bug 1011293SUSE bug 1011289SUSE bug 1011289SUSE bug 1011289SUSE bug 1011289SUSE bug 1011293SUSE bug 1011289SUSE bug 1011289CVE-2016-9441openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9441SUSE bug 1011290SUSE bug 1011293SUSE bug 1011290SUSE bug 1011290SUSE bug 1011290SUSE bug 1011290SUSE bug 1011293SUSE bug 1011290SUSE bug 1011290CVE-2016-9442openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause memory corruption in certain conditions via a crafted HTML page.
ModerateCVE-2016-9442SUSE bug 1011291SUSE bug 1011293SUSE bug 1011291SUSE bug 1011291SUSE bug 1011291SUSE bug 1011291SUSE bug 1011293SUSE bug 1011291SUSE bug 1011291CVE-2016-9443openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9443SUSE bug 1011292SUSE bug 1011293SUSE bug 1011292SUSE bug 1011292SUSE bug 1011292SUSE bug 1011292SUSE bug 1011293SUSE bug 1011292SUSE bug 1011292CVE-2016-9444openSUSE Leap 42.1
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
ImportantCVE-2016-9444SUSE bug 1018699SUSE bug 1018702SUSE bug 1018702SUSE bug 1018702SUSE bug 1018699SUSE bug 1018702SUSE bug 1018702SUSE bug 1018699SUSE bug 1018702SUSE bug 1018702SUSE bug 1018702SUSE bug 1018702CVE-2016-9445openSUSE Leap 42.1
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
ImportantCVE-2016-9445SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829CVE-2016-9446openSUSE Leap 42.1
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
ImportantCVE-2016-9446SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829SUSE bug 1010829CVE-2016-9448openSUSE Leap 42.1
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
ModerateCVE-2016-9448SUSE bug 1010161SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1010161SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103SUSE bug 1011103CVE-2016-9453openSUSE Leap 42.1
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.
ImportantCVE-2016-9453SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1007280SUSE bug 1007280SUSE bug 1007280SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107SUSE bug 1011107CVE-2016-9555openSUSE Leap 42.1
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
ImportantCVE-2016-9555SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1012183SUSE bug 1011685SUSE bug 1012183SUSE bug 1012183SUSE bug 1012183SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1012183SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1011685SUSE bug 1012183SUSE bug 1012183SUSE bug 1012183CVE-2016-9556openSUSE Leap 42.1
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
ModerateCVE-2016-9556SUSE bug 1011130SUSE bug 1011130SUSE bug 1011130SUSE bug 1011130SUSE bug 1011130SUSE bug 1013376SUSE bug 1013376SUSE bug 1011130SUSE bug 1013376SUSE bug 1011130SUSE bug 1013376SUSE bug 1011130SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1011130SUSE bug 1013376SUSE bug 1013376SUSE bug 1011130SUSE bug 1011130SUSE bug 1011130SUSE bug 1013376SUSE bug 1011130CVE-2016-9559openSUSE Leap 42.1
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
ModerateCVE-2016-9559SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136SUSE bug 1011136CVE-2016-9560openSUSE Leap 42.1
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
ModerateCVE-2016-9560SUSE bug 1011830SUSE bug 1011830SUSE bug 1011830SUSE bug 1011830SUSE bug 1011830SUSE bug 1011830SUSE bug 1011830CVE-2016-9566openSUSE Leap 42.1
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.
ImportantCVE-2016-9566SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637SUSE bug 1014637CVE-2016-9572openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9572SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1007739SUSE bug 1007744SUSE bug 1014543SUSE bug 1015662CVE-2016-9573openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9573SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1014543SUSE bug 1007739SUSE bug 1007744SUSE bug 1014543SUSE bug 1015662CVE-2016-9574openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9574SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1035082SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499SUSE bug 1015499CVE-2016-9576openSUSE Leap 42.1
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
ImportantCVE-2016-9576SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1013604SUSE bug 1014271SUSE bug 1019079SUSE bug 1017710SUSE bug 1019668SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1013604SUSE bug 1017710SUSE bug 1019079SUSE bug 1013604SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1017710SUSE bug 1019079SUSE bug 1017710SUSE bug 1019079SUSE bug 1019079SUSE bug 1013604SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1017710SUSE bug 1013604SUSE bug 1017710SUSE bug 1013604SUSE bug 1014271SUSE bug 1013604SUSE bug 1014271SUSE bug 1017710SUSE bug 1019079SUSE bug 1013604SUSE bug 1014271SUSE bug 1019079SUSE bug 1014271SUSE bug 1019079SUSE bug 1014271SUSE bug 1019079SUSE bug 1014271SUSE bug 1013604SUSE bug 1013604SUSE bug 1013604CVE-2016-9577openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CriticalCVE-2016-9577SUSE bug 1023078SUSE bug 1023078SUSE bug 1023078SUSE bug 1023078CVE-2016-9578openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9578SUSE bug 1023079SUSE bug 1023078SUSE bug 1023079SUSE bug 1023078SUSE bug 1023079SUSE bug 1023079CVE-2016-9580openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9580SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1007739SUSE bug 1007744SUSE bug 1014975SUSE bug 1015662CVE-2016-9581openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9581SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1014975SUSE bug 1007739SUSE bug 1007744SUSE bug 1014975SUSE bug 1015662CVE-2016-9583openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2016-9583SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400SUSE bug 1015400CVE-2016-9586openSUSE Leap 42.1
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.
ModerateCVE-2016-9586SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1016653SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1016653SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332SUSE bug 1015332CVE-2016-9591openSUSE Leap 42.1
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
ImportantCVE-2016-9591SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993SUSE bug 1015993CVE-2016-9600openSUSE Leap 42.1
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
LowCVE-2016-9600SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088SUSE bug 1018088CVE-2016-9601openSUSE Leap 42.1
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
LowCVE-2016-9601SUSE bug 1018128SUSE bug 1018128SUSE bug 1036453SUSE bug 1018128SUSE bug 1018128SUSE bug 1018128CVE-2016-9621openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9429. Reason: This candidate is a reservation duplicate of CVE-2016-9429. Notes: All CVE users should reference CVE-2016-9429 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2016-9621SUSE bug 1011293SUSE bug 1012020SUSE bug 1011278SUSE bug 1011293SUSE bug 1012020CVE-2016-9622openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9622SUSE bug 1011293SUSE bug 1012021SUSE bug 1012021SUSE bug 1012021SUSE bug 1011293SUSE bug 1012021SUSE bug 1012021SUSE bug 1012021CVE-2016-9623openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9623SUSE bug 1011293SUSE bug 1012022SUSE bug 1012022SUSE bug 1012022SUSE bug 1011293SUSE bug 1012022SUSE bug 1012022SUSE bug 1012022CVE-2016-9624openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9624SUSE bug 1011293SUSE bug 1012023SUSE bug 1012023SUSE bug 1012023SUSE bug 1011293SUSE bug 1012023SUSE bug 1012023SUSE bug 1012023CVE-2016-9625openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ModerateCVE-2016-9625SUSE bug 1011293SUSE bug 1012024SUSE bug 1012024SUSE bug 1012024SUSE bug 1011293SUSE bug 1012024SUSE bug 1012024SUSE bug 1012024CVE-2016-9626openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
ImportantCVE-2016-9626SUSE bug 1011293SUSE bug 1012025SUSE bug 1012025SUSE bug 1012025SUSE bug 1011293SUSE bug 1012025SUSE bug 1012025SUSE bug 1012025CVE-2016-9627openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9627SUSE bug 1011293SUSE bug 1012026SUSE bug 1012026SUSE bug 1012026SUSE bug 1011293SUSE bug 1012026SUSE bug 1012026SUSE bug 1012026CVE-2016-9628openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9628SUSE bug 1011293SUSE bug 1012027SUSE bug 1012027SUSE bug 1012027SUSE bug 1011293SUSE bug 1012027SUSE bug 1012027SUSE bug 1012027CVE-2016-9629openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9629SUSE bug 1011293SUSE bug 1012028SUSE bug 1012028SUSE bug 1012028SUSE bug 1011293SUSE bug 1012028SUSE bug 1012028SUSE bug 1012028CVE-2016-9630openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9630SUSE bug 1011293SUSE bug 1012029SUSE bug 1012029SUSE bug 1012029SUSE bug 1011293SUSE bug 1012029SUSE bug 1012029SUSE bug 1012029CVE-2016-9631openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page.
ModerateCVE-2016-9631SUSE bug 1011293SUSE bug 1012030SUSE bug 1012030SUSE bug 1012030SUSE bug 1011293SUSE bug 1012030SUSE bug 1012030SUSE bug 1012030CVE-2016-9632openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page.
ModerateCVE-2016-9632SUSE bug 1011293SUSE bug 1012031SUSE bug 1012031SUSE bug 1012031SUSE bug 1011293SUSE bug 1012031SUSE bug 1012031SUSE bug 1012031CVE-2016-9633openSUSE Leap 42.1
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page.
ModerateCVE-2016-9633SUSE bug 1011293SUSE bug 1012032SUSE bug 1012032SUSE bug 1012032SUSE bug 1011293SUSE bug 1012032SUSE bug 1012032SUSE bug 1012032CVE-2016-9634openSUSE Leap 42.1
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.
ImportantCVE-2016-9634SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012102SUSE bug 1012104SUSE bug 1012103SUSE bug 1012102SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104CVE-2016-9635openSUSE Leap 42.1
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.
ImportantCVE-2016-9635SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012104SUSE bug 1012103SUSE bug 1012103SUSE bug 1012104SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104CVE-2016-9636openSUSE Leap 42.1
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.
ImportantCVE-2016-9636SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012104SUSE bug 1012103SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104CVE-2016-9637openSUSE Leap 42.1
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
ImportantCVE-2016-9637SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652SUSE bug 1011652CVE-2016-9650openSUSE Leap 42.1
Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page.
ModerateCVE-2016-9650SUSE bug 1013236CVE-2016-9651openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9651SUSE bug 1013236CVE-2016-9652openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9652SUSE bug 1013236CVE-2016-9756openSUSE Leap 42.1
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
ModerateCVE-2016-9756SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038SUSE bug 1013038CVE-2016-9773openSUSE Leap 42.1
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
ModerateCVE-2016-9773SUSE bug 1013376SUSE bug 1013376SUSE bug 1011130SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1013376SUSE bug 1017421SUSE bug 1013376SUSE bug 1011130SUSE bug 1011130SUSE bug 1013376CVE-2016-9776openSUSE Leap 42.1
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.
ModerateCVE-2016-9776SUSE bug 1013285SUSE bug 1013285SUSE bug 1013285SUSE bug 1013657SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013657SUSE bug 1013285SUSE bug 1013285SUSE bug 1013657SUSE bug 1024182SUSE bug 1024182SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013657SUSE bug 1013657SUSE bug 1013657SUSE bug 1013657SUSE bug 1013285SUSE bug 1013285SUSE bug 1013285SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013285SUSE bug 1013285SUSE bug 1013285SUSE bug 1013657SUSE bug 1013285SUSE bug 1013657SUSE bug 1013657SUSE bug 1013285SUSE bug 1013285CVE-2016-9793openSUSE Leap 42.1
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
ModerateCVE-2016-9793SUSE bug 1013531SUSE bug 1013542SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1025354SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013531SUSE bug 1013542SUSE bug 1013531SUSE bug 1013531CVE-2016-9794openSUSE Leap 42.1
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.
ImportantCVE-2016-9794SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013543SUSE bug 1013533SUSE bug 1013543SUSE bug 1013543SUSE bug 1013533SUSE bug 1013543SUSE bug 1013543SUSE bug 1013604SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013533SUSE bug 1013543SUSE bug 1013543SUSE bug 1013543SUSE bug 1013543CVE-2016-9806openSUSE Leap 42.1
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.
ImportantCVE-2016-9806SUSE bug 1013540SUSE bug 1013540SUSE bug 1013540SUSE bug 1013540SUSE bug 1013540SUSE bug 1013540SUSE bug 1017589SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1017589SUSE bug 1017589SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1017589SUSE bug 1013540SUSE bug 1013540SUSE bug 1017589SUSE bug 1017589SUSE bug 1017589CVE-2016-9807openSUSE Leap 42.1
The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.
ImportantCVE-2016-9807SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655SUSE bug 1013655CVE-2016-9808openSUSE Leap 42.1
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
ImportantCVE-2016-9808SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1013653SUSE bug 1012102SUSE bug 1012104SUSE bug 1012103SUSE bug 1013653SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653CVE-2016-9809openSUSE Leap 42.1
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
ModerateCVE-2016-9809SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659SUSE bug 1013659CVE-2016-9810openSUSE Leap 42.1
The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.
ModerateCVE-2016-9810SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663SUSE bug 1013663CVE-2016-9811openSUSE Leap 42.1
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
ModerateCVE-2016-9811SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669SUSE bug 1013669CVE-2016-9812openSUSE Leap 42.1
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
ModerateCVE-2016-9812SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678SUSE bug 1013678CVE-2016-9813openSUSE Leap 42.1
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
ImportantCVE-2016-9813SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680SUSE bug 1013680CVE-2016-9830openSUSE Leap 42.1
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
ModerateCVE-2016-9830SUSE bug 1013640SUSE bug 1013640SUSE bug 1013640SUSE bug 1013640SUSE bug 1013640SUSE bug 1013640CVE-2016-9840openSUSE Leap 42.1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
ModerateCVE-2016-9840SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1023215SUSE bug 1023215SUSE bug 1023215SUSE bug 1023215SUSE bug 1023215SUSE bug 1023215SUSE bug 1003579SUSE bug 1038505SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579CVE-2016-9841openSUSE Leap 42.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
ModerateCVE-2016-9841SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1003579SUSE bug 1038505SUSE bug 1003579SUSE bug 1003579SUSE bug 1064070SUSE bug 1064070SUSE bug 1003579SUSE bug 1003579SUSE bug 1064070SUSE bug 1070162CVE-2016-9842openSUSE Leap 42.1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
ModerateCVE-2016-9842SUSE bug 1003580SUSE bug 1003580SUSE bug 1003580SUSE bug 1023215SUSE bug 1003580SUSE bug 1038505SUSE bug 1003580SUSE bug 1003580SUSE bug 1003580CVE-2016-9843openSUSE Leap 42.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
ModerateCVE-2016-9843SUSE bug 1003580SUSE bug 1013882SUSE bug 1003580SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882SUSE bug 1003580SUSE bug 1013882SUSE bug 1038505SUSE bug 1003580SUSE bug 1003580SUSE bug 1013882SUSE bug 1013882SUSE bug 1013882CVE-2016-9893openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9893SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015541SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015541CVE-2016-9894openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9894SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015527SUSE bug 1015422SUSE bug 1015527SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542CVE-2016-9895openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9895SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015529SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015529CVE-2016-9896openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9896SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015530SUSE bug 1015422SUSE bug 1015530SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542CVE-2016-9897openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9897SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015531SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015531CVE-2016-9898openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9898SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015533SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015533CVE-2016-9899openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9899SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015528SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015528CVE-2016-9900openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9900SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015534SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015534CVE-2016-9901openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9901SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015536SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015536CVE-2016-9902openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9902SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015537SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015537CVE-2016-9903openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9903SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015538SUSE bug 1015422SUSE bug 1015538SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542CVE-2016-9904openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9904SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015535SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015535CVE-2016-9905openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2016-9905SUSE bug 1015422SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015542SUSE bug 1015422SUSE bug 1015527SUSE bug 1015528SUSE bug 1015529SUSE bug 1015530SUSE bug 1015531SUSE bug 1015533SUSE bug 1015534SUSE bug 1015535SUSE bug 1015536SUSE bug 1015537SUSE bug 1015538SUSE bug 1015540SUSE bug 1015541SUSE bug 1015542SUSE bug 1015422SUSE bug 1015542CVE-2016-9907openSUSE Leap 42.1
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
ModerateCVE-2016-9907SUSE bug 1014109SUSE bug 1014490SUSE bug 1014490SUSE bug 1014109SUSE bug 1014109SUSE bug 1014490SUSE bug 1014109SUSE bug 1014109SUSE bug 1014490SUSE bug 1014490SUSE bug 1014109SUSE bug 1014490SUSE bug 1014490SUSE bug 1014490SUSE bug 1014109SUSE bug 1014109SUSE bug 1014109SUSE bug 1014490SUSE bug 1014109SUSE bug 1014109SUSE bug 1014109SUSE bug 1014109SUSE bug 1014109SUSE bug 1014109SUSE bug 1014490SUSE bug 1014109SUSE bug 1014490SUSE bug 1014109SUSE bug 1014490SUSE bug 1014109CVE-2016-9911openSUSE Leap 42.1
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
ModerateCVE-2016-9911SUSE bug 1014111SUSE bug 1014507SUSE bug 1014507SUSE bug 1014111SUSE bug 1014111SUSE bug 1014507SUSE bug 1014111SUSE bug 1014111SUSE bug 1014507SUSE bug 1014507SUSE bug 1014111SUSE bug 1014507SUSE bug 1014507SUSE bug 1014507SUSE bug 1014507SUSE bug 1014111SUSE bug 1014111SUSE bug 1014111SUSE bug 1014507SUSE bug 1014111SUSE bug 1014507SUSE bug 1014507SUSE bug 1014111SUSE bug 1014507SUSE bug 1014111SUSE bug 1014111SUSE bug 1014111SUSE bug 1014111SUSE bug 1014111SUSE bug 1014111SUSE bug 1014507SUSE bug 1014111SUSE bug 1014507SUSE bug 1014111SUSE bug 1014507SUSE bug 1014507SUSE bug 1014111CVE-2016-9921openSUSE Leap 42.1
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.
ModerateCVE-2016-9921SUSE bug 1014702SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169CVE-2016-9922openSUSE Leap 42.1
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
ModerateCVE-2016-9922SUSE bug 1014702SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1014702SUSE bug 1015169SUSE bug 1015169CVE-2016-9932openSUSE Leap 42.1
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
ModerateCVE-2016-9932SUSE bug 1012651SUSE bug 1016340SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651SUSE bug 1012651CVE-2016-9933openSUSE Leap 42.1
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
ModerateCVE-2016-9933SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187SUSE bug 1015187CVE-2016-9934openSUSE Leap 42.1
ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
ModerateCVE-2016-9934SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188SUSE bug 1015188CVE-2016-9935openSUSE Leap 42.1
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.
ModerateCVE-2016-9935SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1015189SUSE bug 1048097SUSE bug 1015189CVE-2016-9957openSUSE Leap 42.1
Stack-based buffer overflow in game-music-emu before 0.6.1.
ModerateCVE-2016-9957SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941CVE-2016-9958openSUSE Leap 42.1
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
ModerateCVE-2016-9958SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941CVE-2016-9959openSUSE Leap 42.1
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
ModerateCVE-2016-9959SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941CVE-2016-9960openSUSE Leap 42.1
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
ModerateCVE-2016-9960SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941CVE-2016-9961openSUSE Leap 42.1
game-music-emu before 0.6.1 mishandles unspecified integer values.
ModerateCVE-2016-9961SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941SUSE bug 1015941CVE-2016-9962openSUSE Leap 42.1
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.
ModerateCVE-2016-9962SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568SUSE bug 1012568CVE-2017-0381openSUSE Leap 42.1
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.
ImportantCVE-2017-0381SUSE bug 1020102SUSE bug 1020102SUSE bug 1020102SUSE bug 1020102SUSE bug 1020102SUSE bug 1020102CVE-2017-2583openSUSE Leap 42.1
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.
ModerateCVE-2017-2583SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1030573SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602SUSE bug 1020602CVE-2017-2584openSUSE Leap 42.1
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.
ModerateCVE-2017-2584SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851SUSE bug 1019851CVE-2017-2596openSUSE Leap 42.1
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
LowCVE-2017-2596SUSE bug 1022785SUSE bug 1022785SUSE bug 1022785SUSE bug 1022785SUSE bug 1022785SUSE bug 1022785SUSE bug 1027179SUSE bug 1022785SUSE bug 1022785SUSE bug 1022785CVE-2017-2615openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-2615SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004SUSE bug 1023004CVE-2017-2616openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-2616SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041SUSE bug 1023041CVE-2017-2619openSUSE Leap 42.1
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
ImportantCVE-2017-2619SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1036283SUSE bug 1036283SUSE bug 1036283SUSE bug 1036283SUSE bug 1036283SUSE bug 1027147SUSE bug 1036283SUSE bug 1027147SUSE bug 1036283SUSE bug 1036283SUSE bug 1036283SUSE bug 1036283SUSE bug 1027147SUSE bug 1036283SUSE bug 1027147SUSE bug 1036283SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1036283SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147SUSE bug 1027147CVE-2017-2620openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-2620SUSE bug 1024834SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024972SUSE bug 1024972SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024972SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024834SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024972SUSE bug 1024972SUSE bug 1024834SUSE bug 1024834SUSE bug 1024972SUSE bug 1024834SUSE bug 1024972CVE-2017-2636openSUSE Leap 42.1
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
ImportantCVE-2017-2636SUSE bug 1027565SUSE bug 1027575SUSE bug 1027565SUSE bug 1027575SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565SUSE bug 1027575SUSE bug 1028372SUSE bug 1027565SUSE bug 1027575SUSE bug 1027565SUSE bug 1027575SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565SUSE bug 1027565SUSE bug 1027575SUSE bug 1028372SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1027565SUSE bug 1027575SUSE bug 1028372SUSE bug 1027565SUSE bug 1027575SUSE bug 1028372SUSE bug 1027565SUSE bug 1028372SUSE bug 1028372SUSE bug 1027565SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565SUSE bug 1028372SUSE bug 1027575SUSE bug 1027575SUSE bug 1027575SUSE bug 1027575SUSE bug 1027565SUSE bug 1028372SUSE bug 1027565CVE-2017-2640openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-2640SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835SUSE bug 1028835CVE-2017-2671openSUSE Leap 42.1
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.
ModerateCVE-2017-2671SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1027179SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003SUSE bug 1031003CVE-2017-2784openSUSE Leap 42.1
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications.
ImportantCVE-2017-2784SUSE bug 1029017SUSE bug 1029017CVE-2017-3135openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-3135SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130SUSE bug 1024130CVE-2017-3136openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-3136SUSE bug 1033461SUSE bug 1033466SUSE bug 1033466SUSE bug 1033466SUSE bug 1033466SUSE bug 1033466SUSE bug 1033466SUSE bug 1033466SUSE bug 1033461SUSE bug 1033466SUSE bug 1033466CVE-2017-3137openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-3137SUSE bug 1033461SUSE bug 1033467SUSE bug 1033467SUSE bug 1033467SUSE bug 1033467SUSE bug 1034162SUSE bug 1033467SUSE bug 1033467SUSE bug 1033467SUSE bug 1033467SUSE bug 1033467SUSE bug 1033461SUSE bug 1033467SUSE bug 1076118CVE-2017-3138openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-3138SUSE bug 1033461SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468SUSE bug 1033461SUSE bug 1033468SUSE bug 1033468SUSE bug 1033468CVE-2017-3231openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
ModerateCVE-2017-3231SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3238openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ImportantCVE-2017-3238SUSE bug 1020882SUSE bug 1020882SUSE bug 1020882SUSE bug 1020882SUSE bug 1020882SUSE bug 1020882SUSE bug 1020868SUSE bug 1020882SUSE bug 1020882SUSE bug 1020882CVE-2017-3241openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3241SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3243openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).
ModerateCVE-2017-3243SUSE bug 1020891SUSE bug 1020891SUSE bug 1020891SUSE bug 1020891SUSE bug 1020868SUSE bug 1020891SUSE bug 1020891SUSE bug 1020891CVE-2017-3244openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ImportantCVE-2017-3244SUSE bug 1020877SUSE bug 1020877SUSE bug 1020877SUSE bug 1020877SUSE bug 1020877SUSE bug 1020877SUSE bug 1020868SUSE bug 1020877SUSE bug 1020877SUSE bug 1020877CVE-2017-3252openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).
ImportantCVE-2017-3252SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3253openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts).
ImportantCVE-2017-3253SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3257openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ImportantCVE-2017-3257SUSE bug 1020878SUSE bug 1020878SUSE bug 1020878SUSE bug 1020878SUSE bug 1020878SUSE bug 1020868SUSE bug 1020878SUSE bug 1020878CVE-2017-3258openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ImportantCVE-2017-3258SUSE bug 1020875SUSE bug 1020875SUSE bug 1020875SUSE bug 1020875SUSE bug 1020875SUSE bug 1020875SUSE bug 1020868SUSE bug 1020875SUSE bug 1020875SUSE bug 1020875CVE-2017-3259openSUSE Leap 42.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).
LowCVE-2017-3259SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3260openSUSE Leap 42.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).
CriticalCVE-2017-3260SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905CVE-2017-3261openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
ModerateCVE-2017-3261SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3265openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).
ModerateCVE-2017-3265SUSE bug 1020885SUSE bug 1020885SUSE bug 1020885SUSE bug 1020885SUSE bug 1020885SUSE bug 1020885SUSE bug 1020868SUSE bug 1020885SUSE bug 1020885SUSE bug 1020885CVE-2017-3272openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3272SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3273openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
ImportantCVE-2017-3273SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020876SUSE bug 1020868SUSE bug 1020876SUSE bug 1053919CVE-2017-3289openSUSE Leap 42.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
CriticalCVE-2017-3289SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1020905SUSE bug 1024218CVE-2017-3290openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS v3.0 Base Score 7.9 (Integrity and Availability impacts).
ImportantCVE-2017-3290SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856CVE-2017-3291openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3291SUSE bug 1020884SUSE bug 1020884SUSE bug 1020884SUSE bug 1020884SUSE bug 1020884SUSE bug 1020884SUSE bug 1020868SUSE bug 1020884SUSE bug 1020884SUSE bug 1020884SUSE bug 998309SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2017-3302openSUSE Leap 42.1
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
ModerateCVE-2017-3302SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1034850SUSE bug 1034911SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1022428SUSE bug 1034850CVE-2017-3305openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client, aka, "The Riddle".
ModerateCVE-2017-3305SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1034850SUSE bug 924663SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1037590SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1029396SUSE bug 1034850CVE-2017-3308openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2017-3308SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3309openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2017-3309SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3312openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3312SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 1020868SUSE bug 1020873SUSE bug 1020873SUSE bug 1020873SUSE bug 998309SUSE bug 998309SUSE bug 998309CVE-2017-3313openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).
LowCVE-2017-3313SUSE bug 1020890SUSE bug 1020890SUSE bug 1020890SUSE bug 1020890SUSE bug 1020890SUSE bug 1020890SUSE bug 1034911SUSE bug 1020890SUSE bug 1020890SUSE bug 1020890SUSE bug 1020868SUSE bug 1020890CVE-2017-3316openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS v3.0 Base Score 8.4 (Confidentiality, Integrity and Availability impacts).
ImportantCVE-2017-3316SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856SUSE bug 1020856CVE-2017-3317openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).
LowCVE-2017-3317SUSE bug 1020894SUSE bug 1020894SUSE bug 1020894SUSE bug 1020894SUSE bug 1020894SUSE bug 1020894SUSE bug 1020868SUSE bug 1020894SUSE bug 1020894SUSE bug 1020894CVE-2017-3318openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).
LowCVE-2017-3318SUSE bug 1020896SUSE bug 1020896SUSE bug 1020896SUSE bug 1020896SUSE bug 1020896SUSE bug 1020868SUSE bug 1020896SUSE bug 1020896SUSE bug 1020896CVE-2017-3329openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3329SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3332openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: VirtualBox SVGA Emulation). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS v3.0 Base Score 8.4 (Integrity and Availability impacts).
ImportantCVE-2017-3332SUSE bug 1020856CVE-2017-3450openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3450SUSE bug 1034850CVE-2017-3452openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3452SUSE bug 1034850CVE-2017-3453openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3453SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3456openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3456SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3461openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3461SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3462openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3462SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3463openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2017-3463SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3464openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2017-3464SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3513openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).
ModerateCVE-2017-3513SUSE bug 1034854CVE-2017-3538openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N).
ModerateCVE-2017-3538SUSE bug 1034854CVE-2017-3558openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H).
ModerateCVE-2017-3558SUSE bug 1034854CVE-2017-3559openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H).
ModerateCVE-2017-3559SUSE bug 1034854CVE-2017-3561openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2017-3561SUSE bug 1034854CVE-2017-3563openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2017-3563SUSE bug 1034854CVE-2017-3575openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H).
ModerateCVE-2017-3575SUSE bug 1034854CVE-2017-3576openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2017-3576SUSE bug 1034854CVE-2017-3587openSUSE Leap 42.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H).
ModerateCVE-2017-3587SUSE bug 1034854CVE-2017-3599openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.
LowCVE-2017-3599SUSE bug 1034850CVE-2017-3600openSUSE Leap 42.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2017-3600SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1029014SUSE bug 1034850SUSE bug 1034850SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850SUSE bug 1048715SUSE bug 1034850CVE-2017-3731openSUSE Leap 42.1
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.
ModerateCVE-2017-3731SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1025347SUSE bug 1025354SUSE bug 1022085SUSE bug 1022085SUSE bug 1025347SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1021641SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1064118SUSE bug 1064119SUSE bug 1064118SUSE bug 1064119SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1022085SUSE bug 1064118SUSE bug 1064119CVE-2017-3732openSUSE Leap 42.1
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.
LowCVE-2017-3732SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1025354SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1021641SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086SUSE bug 1049418SUSE bug 1049421SUSE bug 1049422SUSE bug 1049421SUSE bug 1049421SUSE bug 1049422SUSE bug 1066242SUSE bug 1066242SUSE bug 957814SUSE bug 1066242SUSE bug 1071906SUSE bug 1071906SUSE bug 1022086SUSE bug 1022086SUSE bug 1022086CVE-2017-5006openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2017-5006SUSE bug 1022049CVE-2017-5007openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2017-5007SUSE bug 1022049CVE-2017-5008openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2017-5008SUSE bug 1022049CVE-2017-5009openSUSE Leap 42.1
WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2017-5009SUSE bug 1022049CVE-2017-5010openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ImportantCVE-2017-5010SUSE bug 1022049CVE-2017-5011openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page.
ImportantCVE-2017-5011SUSE bug 1022049CVE-2017-5012openSUSE Leap 42.1
A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2017-5012SUSE bug 1022049CVE-2017-5013openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2017-5013SUSE bug 1022049CVE-2017-5014openSUSE Leap 42.1
Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5014SUSE bug 1022049CVE-2017-5015openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
ImportantCVE-2017-5015SUSE bug 1022049CVE-2017-5016openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page.
ImportantCVE-2017-5016SUSE bug 1022049CVE-2017-5017openSUSE Leap 42.1
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page.
ImportantCVE-2017-5017SUSE bug 1022049CVE-2017-5018openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
ImportantCVE-2017-5018SUSE bug 1022049CVE-2017-5019openSUSE Leap 42.1
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2017-5019SUSE bug 1022049CVE-2017-5020openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page.
ImportantCVE-2017-5020SUSE bug 1022049CVE-2017-5021openSUSE Leap 42.1
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5021SUSE bug 1022049CVE-2017-5022openSUSE Leap 42.1
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2017-5022SUSE bug 1022049CVE-2017-5023openSUSE Leap 42.1
Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.
ImportantCVE-2017-5023SUSE bug 1022049CVE-2017-5024openSUSE Leap 42.1
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
ImportantCVE-2017-5024SUSE bug 1022049CVE-2017-5025openSUSE Leap 42.1
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
ImportantCVE-2017-5025SUSE bug 1022049CVE-2017-5026openSUSE Leap 42.1
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.
ImportantCVE-2017-5026SUSE bug 1022049CVE-2017-5029openSUSE Leap 42.1
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
ModerateCVE-2017-5029SUSE bug 1028848SUSE bug 1028875SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905SUSE bug 1035905CVE-2017-5030openSUSE Leap 42.1
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
ImportantCVE-2017-5030SUSE bug 1028848SUSE bug 1028875CVE-2017-5031openSUSE Leap 42.1
A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5031SUSE bug 1028848SUSE bug 1028875CVE-2017-5032openSUSE Leap 42.1
PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2017-5032SUSE bug 1028848SUSE bug 1028875CVE-2017-5033openSUSE Leap 42.1
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.
ModerateCVE-2017-5033SUSE bug 1028848SUSE bug 1028875CVE-2017-5034openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
ImportantCVE-2017-5034SUSE bug 1028848SUSE bug 1028875CVE-2017-5035openSUSE Leap 42.1
Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.
ImportantCVE-2017-5035SUSE bug 1028848SUSE bug 1028875CVE-2017-5036openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file.
ImportantCVE-2017-5036SUSE bug 1028848SUSE bug 1028875CVE-2017-5037openSUSE Leap 42.1
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
ImportantCVE-2017-5037SUSE bug 1028848SUSE bug 1028875CVE-2017-5038openSUSE Leap 42.1
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
ImportantCVE-2017-5038SUSE bug 1028848SUSE bug 1028875CVE-2017-5039openSUSE Leap 42.1
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2017-5039SUSE bug 1028848SUSE bug 1028875CVE-2017-5040openSUSE Leap 42.1
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.
ModerateCVE-2017-5040SUSE bug 1028848SUSE bug 1028875CVE-2017-5041openSUSE Leap 42.1
Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page.
ModerateCVE-2017-5041SUSE bug 1028848SUSE bug 1028875CVE-2017-5042openSUSE Leap 42.1
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.
LowCVE-2017-5042SUSE bug 1028848SUSE bug 1028875CVE-2017-5043openSUSE Leap 42.1
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
ImportantCVE-2017-5043SUSE bug 1028848SUSE bug 1028875CVE-2017-5044openSUSE Leap 42.1
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5044SUSE bug 1028848SUSE bug 1028875CVE-2017-5045openSUSE Leap 42.1
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.
ModerateCVE-2017-5045SUSE bug 1028848SUSE bug 1028875CVE-2017-5046openSUSE Leap 42.1
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.
ModerateCVE-2017-5046SUSE bug 1028848SUSE bug 1028875CVE-2017-5052openSUSE Leap 42.1
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.
ImportantCVE-2017-5052SUSE bug 1031677CVE-2017-5053openSUSE Leap 42.1
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
ImportantCVE-2017-5053SUSE bug 1031677CVE-2017-5054openSUSE Leap 42.1
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.
ImportantCVE-2017-5054SUSE bug 1031677CVE-2017-5055openSUSE Leap 42.1
A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5055SUSE bug 1031677CVE-2017-5056openSUSE Leap 42.1
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5056SUSE bug 1031677CVE-2017-5057openSUSE Leap 42.1
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
ImportantCVE-2017-5057SUSE bug 1035103CVE-2017-5058openSUSE Leap 42.1
A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ImportantCVE-2017-5058SUSE bug 1035103CVE-2017-5059openSUSE Leap 42.1
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.
ImportantCVE-2017-5059SUSE bug 1035103CVE-2017-5060openSUSE Leap 42.1
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
ModerateCVE-2017-5060SUSE bug 1035103CVE-2017-5061openSUSE Leap 42.1
A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
LowCVE-2017-5061SUSE bug 1035103CVE-2017-5062openSUSE Leap 42.1
A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.
ImportantCVE-2017-5062SUSE bug 1035103CVE-2017-5063openSUSE Leap 42.1
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2017-5063SUSE bug 1035103CVE-2017-5064openSUSE Leap 42.1
Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2017-5064SUSE bug 1035103CVE-2017-5065openSUSE Leap 42.1
Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page.
ModerateCVE-2017-5065SUSE bug 1035103CVE-2017-5066openSUSE Leap 42.1
Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.
ModerateCVE-2017-5066SUSE bug 1035103CVE-2017-5067openSUSE Leap 42.1
An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2017-5067SUSE bug 1035103CVE-2017-5068openSUSE Leap 42.1
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.
ImportantCVE-2017-5068SUSE bug 1037594SUSE bug 1037594CVE-2017-5069openSUSE Leap 42.1
Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.
ModerateCVE-2017-5069SUSE bug 1035103CVE-2017-5193openSUSE Leap 42.1
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
ModerateCVE-2017-5193SUSE bug 1018357SUSE bug 1018357CVE-2017-5194openSUSE Leap 42.1
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
ModerateCVE-2017-5194SUSE bug 1018357SUSE bug 1018357CVE-2017-5195openSUSE Leap 42.1
Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.
ModerateCVE-2017-5195SUSE bug 1018357SUSE bug 1018357CVE-2017-5196openSUSE Leap 42.1
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.
ModerateCVE-2017-5196SUSE bug 1018357SUSE bug 1018357CVE-2017-5202openSUSE Leap 42.1
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
ImportantCVE-2017-5202SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5203openSUSE Leap 42.1
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
ImportantCVE-2017-5203SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5204openSUSE Leap 42.1
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
ImportantCVE-2017-5204SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5205openSUSE Leap 42.1
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
ImportantCVE-2017-5205SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5208openSUSE Leap 42.1
Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.
ImportantCVE-2017-5208SUSE bug 1018756SUSE bug 1018756SUSE bug 1018756SUSE bug 1019328SUSE bug 1018756CVE-2017-5209openSUSE Leap 42.1
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
ModerateCVE-2017-5209SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1021610SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531SUSE bug 1019531CVE-2017-5225openSUSE Leap 42.1
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
ModerateCVE-2017-5225SUSE bug 1019611SUSE bug 1019611SUSE bug 1019611SUSE bug 1019611SUSE bug 1019611SUSE bug 1019611CVE-2017-5330openSUSE Leap 42.1
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
ImportantCVE-2017-5330SUSE bug 1018648SUSE bug 1018648CVE-2017-5331openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5331SUSE bug 1018756SUSE bug 1019328SUSE bug 1018756CVE-2017-5332openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5332SUSE bug 1018756SUSE bug 1019328SUSE bug 1018756CVE-2017-5333openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5333SUSE bug 1018756SUSE bug 1019328SUSE bug 1018756CVE-2017-5335openSUSE Leap 42.1
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.
ModerateCVE-2017-5335SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057CVE-2017-5336openSUSE Leap 42.1
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
ModerateCVE-2017-5336SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057CVE-2017-5337openSUSE Leap 42.1
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
ModerateCVE-2017-5337SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057SUSE bug 1018832SUSE bug 1018832SUSE bug 1018832SUSE bug 1021057CVE-2017-5338openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2017-5338SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037CVE-2017-5339openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2017-5339SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037SUSE bug 1019037CVE-2017-5341openSUSE Leap 42.1
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
ImportantCVE-2017-5341SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5342openSUSE Leap 42.1
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
ImportantCVE-2017-5342SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5373openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5373SUSE bug 1021824SUSE bug 1021824SUSE bug 1021824SUSE bug 1021824SUSE bug 1021824SUSE bug 1021824SUSE bug 1021991CVE-2017-5374openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5374SUSE bug 1021841SUSE bug 1021841SUSE bug 1021991CVE-2017-5375openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5375SUSE bug 1021814SUSE bug 1021814SUSE bug 1021814SUSE bug 1021814SUSE bug 1021814SUSE bug 1021991CVE-2017-5376openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5376SUSE bug 1021817SUSE bug 1021817SUSE bug 1021817SUSE bug 1021817SUSE bug 1021817SUSE bug 1021991CVE-2017-5377openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5377SUSE bug 1021826SUSE bug 1021826SUSE bug 1021826SUSE bug 1021991CVE-2017-5378openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5378SUSE bug 1021818SUSE bug 1021818SUSE bug 1021818SUSE bug 1021818SUSE bug 1021818SUSE bug 1021991CVE-2017-5379openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5379SUSE bug 1021827SUSE bug 1021827SUSE bug 1021827SUSE bug 1021991CVE-2017-5380openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5380SUSE bug 1021819SUSE bug 1021819SUSE bug 1021819SUSE bug 1021819SUSE bug 1021819SUSE bug 1021991CVE-2017-5381openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5381SUSE bug 1021830SUSE bug 1021830SUSE bug 1021991CVE-2017-5382openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5382SUSE bug 1021831SUSE bug 1021831SUSE bug 1021991CVE-2017-5383openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5383SUSE bug 1021822SUSE bug 1021822SUSE bug 1021822SUSE bug 1021822SUSE bug 1021822SUSE bug 1021991CVE-2017-5384openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5384SUSE bug 1021832SUSE bug 1021832SUSE bug 1021991CVE-2017-5385openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5385SUSE bug 1021833SUSE bug 1021833SUSE bug 1021991CVE-2017-5386openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5386SUSE bug 1021823SUSE bug 1021823SUSE bug 1021991SUSE bug 1021823SUSE bug 1021823SUSE bug 1021991CVE-2017-5387openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2017-5387SUSE bug 1021839SUSE bug 1021839SUSE bug 1021991CVE-2017-5388openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2017-5388SUSE bug 1021840SUSE bug 1021840SUSE bug 1021991CVE-2017-5389openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5389SUSE bug 1021828SUSE bug 1021828SUSE bug 1021828SUSE bug 1021991CVE-2017-5390openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5390SUSE bug 1021820SUSE bug 1021820SUSE bug 1021820SUSE bug 1021820SUSE bug 1021820SUSE bug 1021991CVE-2017-5391openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5391SUSE bug 1021835SUSE bug 1021835SUSE bug 1021991CVE-2017-5392openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5392SUSE bug 1021836CVE-2017-5393openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5393SUSE bug 1021837SUSE bug 1021837SUSE bug 1021991CVE-2017-5394openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5394SUSE bug 1021834CVE-2017-5395openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2017-5395SUSE bug 1021838CVE-2017-5396openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5396SUSE bug 1021821SUSE bug 1021821SUSE bug 1021821SUSE bug 1021821SUSE bug 1021821SUSE bug 1021991CVE-2017-5398openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5398SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5399openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5399SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5400openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5400SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5401openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5401SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5402openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5402SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5403openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5403SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5404openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5404SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5405openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5405SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5406openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5406SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5407openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5407SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5408openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5408SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5410openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5410SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5412openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5412SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5413openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5413SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393CVE-2017-5414openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5414SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5415openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5415SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5416openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5416SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5417openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5417SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393CVE-2017-5418openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5418SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5419openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5419SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5420openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5420SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5421openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5421SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5422openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5422SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5426openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5426SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5427openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5427SUSE bug 1028391SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393SUSE bug 1028391SUSE bug 1028393CVE-2017-5428openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5428SUSE bug 1029822SUSE bug 1029822SUSE bug 1029822SUSE bug 1029822CVE-2017-5429openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5429SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5430openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5430SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5432openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5432SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5433openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5433SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5434openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5434SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5435openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5435SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5436openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5436SUSE bug 1035082SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204SUSE bug 1035204CVE-2017-5437openSUSE Leap 42.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10195, CVE-2016-10196, CVE-2016-10197. Reason: This candidate is a duplicate of CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. Notes: All CVE users should reference CVE-2016-10195, CVE-2016-10196, and/or CVE-2016-10197 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ImportantCVE-2017-5437SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5438openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5438SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5439openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5439SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5440openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5440SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5441openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5441SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5442openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5442SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5443openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5443SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5444openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5444SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5445openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5445SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5446openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5446SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5447openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5447SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5448openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5448SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5449openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5449SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5451openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5451SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5454openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
LowCVE-2017-5454SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5459openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5459SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5460openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5460SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5461openSUSE Leap 42.1
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
ImportantCVE-2017-5461SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5462openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5462SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5464openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5464SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5465openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5465SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5466openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5466SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5467openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2017-5467SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5469openSUSE Leap 42.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2017-5469SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209SUSE bug 1035082SUSE bug 1035209CVE-2017-5482openSUSE Leap 42.1
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
ImportantCVE-2017-5482SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5483openSUSE Leap 42.1
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
ImportantCVE-2017-5483SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5484openSUSE Leap 42.1
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
ImportantCVE-2017-5484SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5485openSUSE Leap 42.1
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
ImportantCVE-2017-5485SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5486openSUSE Leap 42.1
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
ImportantCVE-2017-5486SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940SUSE bug 1020940CVE-2017-5495openSUSE Leap 42.1
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP ports can trigger this vulnerability, prior to authentication. Most distributions restrict the Quagga telnet interface to local access only by default. The Quagga telnet interface 'vty' input buffer grows automatically, without bound, so long as a newline is not entered. This allows an attacker to cause the Quagga daemon to allocate unbounded memory by sending very long strings without a newline. Eventually the daemon is terminated by the system, or the system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free Range Routing (FRR) Protocol Suite 2017-01-10.
ModerateCVE-2017-5495SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669SUSE bug 1021669CVE-2017-5498openSUSE Leap 42.1
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
LowCVE-2017-5498SUSE bug 1020353SUSE bug 1020451SUSE bug 1020353SUSE bug 1020451SUSE bug 1020353SUSE bug 1020353SUSE bug 1020353SUSE bug 1020353SUSE bug 1020353CVE-2017-5506openSUSE Leap 42.1
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
ModerateCVE-2017-5506SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436SUSE bug 1020436CVE-2017-5507openSUSE Leap 42.1
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
ModerateCVE-2017-5507SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439SUSE bug 1020439CVE-2017-5508openSUSE Leap 42.1
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
ModerateCVE-2017-5508SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1020441SUSE bug 1086782SUSE bug 1086782SUSE bug 1086782CVE-2017-5510openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
ImportantCVE-2017-5510SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446SUSE bug 1020446CVE-2017-5511openSUSE Leap 42.1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
ImportantCVE-2017-5511SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448SUSE bug 1020448CVE-2017-5525openSUSE Leap 42.1
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
LowCVE-2017-5525SUSE bug 1020491SUSE bug 1020491SUSE bug 1020491SUSE bug 1020491SUSE bug 1020491CVE-2017-5526openSUSE Leap 42.1
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
LowCVE-2017-5526SUSE bug 1020589SUSE bug 1020589SUSE bug 1020589SUSE bug 1020589SUSE bug 1020589SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777SUSE bug 1059777CVE-2017-5545openSUSE Leap 42.1
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
ModerateCVE-2017-5545SUSE bug 1021610SUSE bug 1021610SUSE bug 1021610SUSE bug 1021610SUSE bug 1021610SUSE bug 1021610SUSE bug 1021610CVE-2017-5551openSUSE Leap 42.1
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.
LowCVE-2017-5551SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 995968SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258SUSE bug 995968SUSE bug 1021258SUSE bug 1021258SUSE bug 1021258CVE-2017-5592openSUSE Leap 42.1
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for profanity (0.4.7 - 0.5.0).
ModerateCVE-2017-5592SUSE bug 1024696SUSE bug 1024696CVE-2017-5627openSUSE Leap 42.1
An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file.
ImportantCVE-2017-5627SUSE bug 1022503SUSE bug 1022503SUSE bug 1022503SUSE bug 1022503CVE-2017-5628openSUSE Leap 42.1
An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file.
ImportantCVE-2017-5628SUSE bug 1022504SUSE bug 1022504SUSE bug 1022504SUSE bug 1022504CVE-2017-5647openSUSE Leap 42.1
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C.
ImportantCVE-2017-5647SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1036642SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1033448SUSE bug 1036642CVE-2017-5648openSUSE Leap 42.1
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application.
LowCVE-2017-5648SUSE bug 1033447SUSE bug 1033447SUSE bug 1033447SUSE bug 1033447SUSE bug 1033447SUSE bug 1033447SUSE bug 1033447CVE-2017-5667openSUSE Leap 42.1
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
ModerateCVE-2017-5667SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541SUSE bug 1022541CVE-2017-5669openSUSE Leap 42.1
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
ModerateCVE-2017-5669SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1026914SUSE bug 1090078CVE-2017-5834openSUSE Leap 42.1
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
ModerateCVE-2017-5834SUSE bug 1023848SUSE bug 1023848SUSE bug 1023848SUSE bug 1023848SUSE bug 1023848CVE-2017-5835openSUSE Leap 42.1
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
LowCVE-2017-5835SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822SUSE bug 1023822CVE-2017-5836openSUSE Leap 42.1
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
LowCVE-2017-5836SUSE bug 1023807SUSE bug 1023848SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807SUSE bug 1023807CVE-2017-5837openSUSE Leap 42.1
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
LowCVE-2017-5837SUSE bug 1023259SUSE bug 1024076SUSE bug 1024079SUSE bug 1024076SUSE bug 1024076SUSE bug 1024076SUSE bug 1024076SUSE bug 1024076SUSE bug 1024076CVE-2017-5838openSUSE Leap 42.1
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
ModerateCVE-2017-5838SUSE bug 1023259SUSE bug 1023259SUSE bug 1023259SUSE bug 1024051SUSE bug 1024051SUSE bug 1024051SUSE bug 1024051SUSE bug 1024051CVE-2017-5839openSUSE Leap 42.1
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.
LowCVE-2017-5839SUSE bug 1023259SUSE bug 1024047SUSE bug 1024047SUSE bug 1024047SUSE bug 1024047SUSE bug 1024047CVE-2017-5840openSUSE Leap 42.1
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
LowCVE-2017-5840SUSE bug 1023259SUSE bug 1024034SUSE bug 1024034SUSE bug 1024034SUSE bug 1024034CVE-2017-5841openSUSE Leap 42.1
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
LowCVE-2017-5841SUSE bug 1023259SUSE bug 1024030SUSE bug 1024062SUSE bug 1024030SUSE bug 1024030SUSE bug 1024030SUSE bug 1024030CVE-2017-5842openSUSE Leap 42.1
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
LowCVE-2017-5842SUSE bug 1023259SUSE bug 1024041SUSE bug 1024041SUSE bug 1024041SUSE bug 1024041SUSE bug 1024041CVE-2017-5844openSUSE Leap 42.1
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
LowCVE-2017-5844SUSE bug 1023259SUSE bug 1024079SUSE bug 1024079SUSE bug 1024079SUSE bug 1024079SUSE bug 1024079SUSE bug 1024079SUSE bug 1024079CVE-2017-5845openSUSE Leap 42.1
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.
LowCVE-2017-5845SUSE bug 1023259SUSE bug 1024062SUSE bug 1024062SUSE bug 1024062SUSE bug 1024062SUSE bug 1024062CVE-2017-5856openSUSE Leap 42.1
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
ModerateCVE-2017-5856SUSE bug 1023053SUSE bug 1023053SUSE bug 1024186SUSE bug 1024186SUSE bug 1023053SUSE bug 1023053SUSE bug 1023053SUSE bug 1023053SUSE bug 1023053SUSE bug 1024186CVE-2017-5896openSUSE Leap 42.1
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
ModerateCVE-2017-5896SUSE bug 1024679SUSE bug 1031053SUSE bug 1023761CVE-2017-5897openSUSE Leap 42.1
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
CriticalCVE-2017-5897SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1025039SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1025039SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762SUSE bug 1023762CVE-2017-5898openSUSE Leap 42.1
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
ModerateCVE-2017-5898SUSE bug 1023907SUSE bug 1023907SUSE bug 1024307SUSE bug 1024307SUSE bug 1023907SUSE bug 1023907SUSE bug 1023907SUSE bug 1024307SUSE bug 1023907SUSE bug 1024307SUSE bug 1023907SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307SUSE bug 1024307CVE-2017-5930openSUSE Leap 42.1
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.
ModerateCVE-2017-5930SUSE bug 1024211SUSE bug 1024211SUSE bug 1024211SUSE bug 1024211CVE-2017-5938openSUSE Leap 42.1
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
ModerateCVE-2017-5938SUSE bug 1024393SUSE bug 1024393SUSE bug 1024393SUSE bug 1024393CVE-2017-5951openSUSE Leap 42.1
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
ModerateCVE-2017-5951SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1036453SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114SUSE bug 1032114CVE-2017-5953openSUSE Leap 42.1
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
ModerateCVE-2017-5953SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724SUSE bug 1024724CVE-2017-5970openSUSE Leap 42.1
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
ImportantCVE-2017-5970SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1025013SUSE bug 1024938SUSE bug 1024938SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013SUSE bug 1024938SUSE bug 1025013CVE-2017-5974openSUSE Leap 42.1
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5974SUSE bug 1024517SUSE bug 1024517SUSE bug 1024517SUSE bug 1024517SUSE bug 1024517CVE-2017-5975openSUSE Leap 42.1
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5975SUSE bug 1024528SUSE bug 1024528SUSE bug 1024528SUSE bug 1024528SUSE bug 1024528CVE-2017-5976openSUSE Leap 42.1
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
ModerateCVE-2017-5976SUSE bug 1024531SUSE bug 1024531SUSE bug 1024531SUSE bug 1024531SUSE bug 1024531CVE-2017-5977openSUSE Leap 42.1
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file.
ModerateCVE-2017-5977SUSE bug 1024534SUSE bug 1024534SUSE bug 1024534SUSE bug 1024534SUSE bug 1024534CVE-2017-5978openSUSE Leap 42.1
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file.
ModerateCVE-2017-5978SUSE bug 1024533SUSE bug 1024533SUSE bug 1024533SUSE bug 1024533SUSE bug 1024533CVE-2017-5979openSUSE Leap 42.1
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
ModerateCVE-2017-5979SUSE bug 1024535SUSE bug 1024535SUSE bug 1024535SUSE bug 1024535SUSE bug 1024535CVE-2017-5980openSUSE Leap 42.1
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
ModerateCVE-2017-5980SUSE bug 1024536SUSE bug 1024536SUSE bug 1024536SUSE bug 1024536SUSE bug 1024536CVE-2017-5981openSUSE Leap 42.1
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file.
ModerateCVE-2017-5981SUSE bug 1024539SUSE bug 1024539SUSE bug 1024539SUSE bug 1024539SUSE bug 1024539CVE-2017-5985openSUSE Leap 42.1
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
ModerateCVE-2017-5985SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264SUSE bug 1028264CVE-2017-5986openSUSE Leap 42.1
Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
ModerateCVE-2017-5986SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1027066SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1027066SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235SUSE bug 1025235CVE-2017-6074openSUSE Leap 42.1
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
CriticalCVE-2017-6074SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1033287SUSE bug 1033287SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1033287SUSE bug 1033287SUSE bug 1033287SUSE bug 1033287SUSE bug 1026024SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1033287SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024SUSE bug 1026024CVE-2017-6188openSUSE Leap 42.1
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.
ModerateCVE-2017-6188SUSE bug 1026539SUSE bug 1026539SUSE bug 1026539SUSE bug 1026539SUSE bug 1026539SUSE bug 1026539CVE-2017-6214openSUSE Leap 42.1
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
ModerateCVE-2017-6214SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1027179SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722SUSE bug 1026722CVE-2017-6318openSUSE Leap 42.1
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
ModerateCVE-2017-6318SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197SUSE bug 1027197CVE-2017-6335openSUSE Leap 42.1
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
ImportantCVE-2017-6335SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255SUSE bug 1027255CVE-2017-6345openSUSE Leap 42.1
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
ModerateCVE-2017-6345SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027179SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190SUSE bug 1027190CVE-2017-6346openSUSE Leap 42.1
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
ModerateCVE-2017-6346SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027179SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1027189SUSE bug 1064388SUSE bug 1064388SUSE bug 1064388CVE-2017-6347openSUSE Leap 42.1
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission.
ModerateCVE-2017-6347SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179SUSE bug 1027179CVE-2017-6348openSUSE Leap 42.1
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
ModerateCVE-2017-6348SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178SUSE bug 1027178CVE-2017-6353openSUSE Leap 42.1
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.
ModerateCVE-2017-6353SUSE bug 1025235SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1025235SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066SUSE bug 1027066CVE-2017-6384openSUSE Leap 42.1
Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.
ImportantCVE-2017-6384SUSE bug 1027614SUSE bug 1027614SUSE bug 1027614CVE-2017-6410openSUSE Leap 42.1
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file.
ModerateCVE-2017-6410SUSE bug 1027309SUSE bug 1027520SUSE bug 1027309SUSE bug 1027520SUSE bug 1027309SUSE bug 1027520SUSE bug 1027520CVE-2017-6451openSUSE Leap 42.1
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.
ImportantCVE-2017-6451SUSE bug 1030050SUSE bug 1030050CVE-2017-6458openSUSE Leap 42.1
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
ImportantCVE-2017-6458SUSE bug 1030050SUSE bug 1030050CVE-2017-6460openSUSE Leap 42.1
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
ImportantCVE-2017-6460SUSE bug 1030050SUSE bug 1030050CVE-2017-6462openSUSE Leap 42.1
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
ImportantCVE-2017-6462SUSE bug 1030050SUSE bug 1030050CVE-2017-6463openSUSE Leap 42.1
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
ImportantCVE-2017-6463SUSE bug 1030050SUSE bug 1030050CVE-2017-6464openSUSE Leap 42.1
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
ModerateCVE-2017-6464SUSE bug 1030050SUSE bug 1030050SUSE bug 1030050CVE-2017-6503openSUSE Leap 42.1
WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.
ModerateCVE-2017-6503SUSE bug 1028072SUSE bug 1028072SUSE bug 1028072SUSE bug 1028072SUSE bug 1028072CVE-2017-6504openSUSE Leap 42.1
WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking.
ModerateCVE-2017-6504SUSE bug 1028073SUSE bug 1028073SUSE bug 1028073SUSE bug 1028073SUSE bug 1028073CVE-2017-6507openSUSE Leap 42.1
An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic.
ModerateCVE-2017-6507SUSE bug 1029696SUSE bug 1029696SUSE bug 1029696SUSE bug 1029696SUSE bug 1029696SUSE bug 1029696CVE-2017-6508openSUSE Leap 42.1
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
ModerateCVE-2017-6508SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301SUSE bug 1028301CVE-2017-6542openSUSE Leap 42.1
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
ImportantCVE-2017-6542SUSE bug 1029256SUSE bug 1029256SUSE bug 1029256SUSE bug 1029256CVE-2017-6596openSUSE Leap 42.1
partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a 'Denial of Service attack' in the context of the user running the affected application.
ModerateCVE-2017-6596SUSE bug 1028904SUSE bug 1028904SUSE bug 1028904CVE-2017-6820openSUSE Leap 42.1
rcube_utils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
ModerateCVE-2017-6820SUSE bug 1029035SUSE bug 1029035SUSE bug 1029035SUSE bug 1029035SUSE bug 1029035SUSE bug 1029035SUSE bug 1029035CVE-2017-6827openSUSE Leap 42.1
Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.
ImportantCVE-2017-6827SUSE bug 1026979SUSE bug 1026979SUSE bug 1026979SUSE bug 1026979SUSE bug 1026979SUSE bug 1026979CVE-2017-6828openSUSE Leap 42.1
Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file.
ImportantCVE-2017-6828SUSE bug 1026980SUSE bug 1026980SUSE bug 1026980SUSE bug 1026980SUSE bug 1026980SUSE bug 1026980CVE-2017-6829openSUSE Leap 42.1
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6829SUSE bug 1026981SUSE bug 1026981SUSE bug 1026981SUSE bug 1026981SUSE bug 1026981SUSE bug 1026981CVE-2017-6830openSUSE Leap 42.1
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6830SUSE bug 1026982SUSE bug 1026982SUSE bug 1026982SUSE bug 1026982SUSE bug 1026982SUSE bug 1026982CVE-2017-6831openSUSE Leap 42.1
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6831SUSE bug 1026983SUSE bug 1026983SUSE bug 1026983CVE-2017-6832openSUSE Leap 42.1
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6832SUSE bug 1026984SUSE bug 1026984SUSE bug 1026984CVE-2017-6833openSUSE Leap 42.1
The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
ModerateCVE-2017-6833SUSE bug 1026985SUSE bug 1026985SUSE bug 1026985CVE-2017-6834openSUSE Leap 42.1
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6834SUSE bug 1026986SUSE bug 1026986SUSE bug 1026986SUSE bug 1026986SUSE bug 1026986SUSE bug 1026986CVE-2017-6835openSUSE Leap 42.1
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
ModerateCVE-2017-6835SUSE bug 1026988SUSE bug 1026988SUSE bug 1026988CVE-2017-6836openSUSE Leap 42.1
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-6836SUSE bug 1026987SUSE bug 1026987SUSE bug 1026987CVE-2017-6837openSUSE Leap 42.1
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
ImportantCVE-2017-6837SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978CVE-2017-6838openSUSE Leap 42.1
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ImportantCVE-2017-6838SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978CVE-2017-6839openSUSE Leap 42.1
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
ImportantCVE-2017-6839SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978SUSE bug 1026978CVE-2017-6850openSUSE Leap 42.1
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
LowCVE-2017-6850SUSE bug 1021868SUSE bug 1021868SUSE bug 1021868SUSE bug 1021868SUSE bug 1021868CVE-2017-7184openSUSE Leap 42.1
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
ImportantCVE-2017-7184SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030575SUSE bug 1030573SUSE bug 1030573SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030575SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030573SUSE bug 1030573SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030573SUSE bug 1030575SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030575SUSE bug 1030573SUSE bug 1030573SUSE bug 1030573SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575SUSE bug 1030573SUSE bug 1030575CVE-2017-7187openSUSE Leap 42.1
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
ModerateCVE-2017-7187SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1027179SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213SUSE bug 1030213CVE-2017-7207openSUSE Leap 42.1
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
LowCVE-2017-7207SUSE bug 1030263SUSE bug 1030263SUSE bug 1030263SUSE bug 1036453SUSE bug 1030263SUSE bug 1030263SUSE bug 1030263SUSE bug 1030263SUSE bug 1030263SUSE bug 1030263CVE-2017-7261openSUSE Leap 42.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.
ModerateCVE-2017-7261SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1027179SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052SUSE bug 1031052CVE-2017-7294openSUSE Leap 42.1
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.
ImportantCVE-2017-7294SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1027179SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031481SUSE bug 1031440SUSE bug 1031440SUSE bug 1031440SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481SUSE bug 1031440SUSE bug 1031481CVE-2017-7308openSUSE Leap 42.1
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
ImportantCVE-2017-7308SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031660SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1027179SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031660SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660SUSE bug 1031579SUSE bug 1031660CVE-2017-7392openSUSE Leap 42.1
In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.
ModerateCVE-2017-7392SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886CVE-2017-7393openSUSE Leap 42.1
In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution.
ModerateCVE-2017-7393SUSE bug 1031875SUSE bug 1031875SUSE bug 1031875SUSE bug 1031879SUSE bug 1031879SUSE bug 1031875SUSE bug 1031875SUSE bug 1031875SUSE bug 1031879SUSE bug 1031879SUSE bug 1031875CVE-2017-7394openSUSE Leap 42.1
In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames.
ImportantCVE-2017-7394SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879SUSE bug 1031879CVE-2017-7395openSUSE Leap 42.1
In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server.
ImportantCVE-2017-7395SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877SUSE bug 1031877CVE-2017-7396openSUSE Leap 42.1
In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server.
ModerateCVE-2017-7396SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886SUSE bug 1031886CVE-2017-7407openSUSE Leap 42.1
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.
ModerateCVE-2017-7407SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309SUSE bug 1032309CVE-2017-7418openSUSE Leap 42.1
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.
ModerateCVE-2017-7418SUSE bug 1032443CVE-2017-7494openSUSE Leap 42.1
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
ImportantCVE-2017-7494SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1038231SUSE bug 1040816SUSE bug 1038231SUSE bug 1040816SUSE bug 1038231SUSE bug 1040816SUSE bug 1038231SUSE bug 1038231CVE-2017-7572openSUSE Leap 42.1
The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the owner of a process requesting a polkit operation is checked by polkitd via /proc/<pid>/status, by which time the requesting process may have been replaced by a different process with the same PID that has different privileges then the original requester.
CriticalCVE-2017-7572SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717SUSE bug 1032717CVE-2017-7585openSUSE Leap 42.1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
ImportantCVE-2017-7585SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033915SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054CVE-2017-7586openSUSE Leap 42.1
In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
ImportantCVE-2017-7586SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053SUSE bug 1033053CVE-2017-7616openSUSE Leap 42.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
ModerateCVE-2017-7616SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336SUSE bug 1033336CVE-2017-7618openSUSE Leap 42.1
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
ModerateCVE-2017-7618SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340SUSE bug 1033340CVE-2017-7741openSUSE Leap 42.1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
ImportantCVE-2017-7741SUSE bug 1033054SUSE bug 1033054SUSE bug 1033915SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033915SUSE bug 1033054SUSE bug 1033915SUSE bug 1033915CVE-2017-7742openSUSE Leap 42.1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
ImportantCVE-2017-7742SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033914SUSE bug 1033914SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033054SUSE bug 1033914SUSE bug 1033054SUSE bug 1033914SUSE bug 1033914CVE-2017-7853openSUSE Leap 42.1
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.
ModerateCVE-2017-7853SUSE bug 1034570SUSE bug 1034570SUSE bug 1034570SUSE bug 1034570SUSE bug 1034570SUSE bug 1034570SUSE bug 1034570CVE-2017-7875openSUSE Leap 42.1
In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.
ImportantCVE-2017-7875SUSE bug 1034567SUSE bug 1034567SUSE bug 1034567SUSE bug 1034567SUSE bug 1034567CVE-2017-7941openSUSE Leap 42.1
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
ModerateCVE-2017-7941SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876SUSE bug 1034876CVE-2017-8114openSUSE Leap 42.1
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
ImportantCVE-2017-8114SUSE bug 1036955SUSE bug 1036955SUSE bug 1036955SUSE bug 1036955SUSE bug 1036955CVE-2017-8291openSUSE Leap 42.1
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
ImportantCVE-2017-8291SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453SUSE bug 1036453CVE-2017-8364openSUSE Leap 42.1
The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.
ImportantCVE-2017-8364SUSE bug 1036941SUSE bug 1036941SUSE bug 1036941CVE-2017-8400openSUSE Leap 42.1
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution.
ImportantCVE-2017-8400SUSE bug 1037050SUSE bug 1037050SUSE bug 1037050SUSE bug 1037050CVE-2017-8401openSUSE Leap 42.1
In SWFTools 0.9.2, an out-of-bounds read of heap data can occur in the function png_load() in lib/png.c:724. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS.
ModerateCVE-2017-8401SUSE bug 1037051SUSE bug 1037051SUSE bug 1037051SUSE bug 1037051CVE-2017-8422openSUSE Leap 42.1
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
ImportantCVE-2017-8422SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 749065SUSE bug 869959SUSE bug 1033300SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1041511SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244SUSE bug 1036244kinitkinit-develkinit-langsles-releasechromedriverchromiumchromium-desktop-gnomechromium-desktop-kdechromium-ffmpegsumoirssiirssi-develhaproxysuse-sle12-cloud-compute-releaseopenstack-cinderopenstack-cinder-volumepython-cinderopenstack-neutronopenstack-neutron-dhcp-agentopenstack-neutron-ha-toolopenstack-neutron-l3-agentopenstack-neutron-lbaas-agentopenstack-neutron-linuxbridge-agentopenstack-neutron-metadata-agentopenstack-neutron-metering-agentopenstack-neutron-openvswitch-agentopenstack-neutron-vpn-agentpython-neutronpython-Beakerpython-keystoneclientpython-keystoneclient-docpython-pycryptopython-pymongopython-requestsruby2.1-rubygem-chefrubygem-chefImageMagicklibMagick++-6_Q16-3libMagickCore-6_Q16-1libMagickCore-6_Q16-1-32bitlibMagickWand-6_Q16-1sled-releaseMozillaFirefoxMozillaFirefox-translationsaaa_baseaaa_base-extrasaccountsserviceaccountsservice-langlibaccountsservice0typelib-1_0-AccountsService-1_0alsalibasound2libasound2-32bitargyllcmsavahiavahi-langlibavahi-client3libavahi-client3-32bitlibavahi-common3libavahi-common3-32bitlibavahi-core7libdns_sdlibdns_sd-32bitbashbash-docbash-langlibreadline6libreadline6-32bitreadline-docbind-libsbind-libs-32bitbind-utilsbogofilterbzip2libbz2-1libbz2-1-32bitcifs-utilsclamavcolordcolord-gtk-langcolord-langlibcolord-gtk1libcolord2libcolord2-32bitlibcolorhug2coolkeycoreutilscoreutils-langcpiocpio-langtartar-langcpp48gcc48gcc48-32bitgcc48-c++gcc48-gijgcc48-gij-32bitgcc48-infolibasan0libasan0-32bitlibatomic1libatomic1-32bitlibffi4libffi4-32bitlibgcc_s1libgcc_s1-32bitlibgcj48libgcj48-32bitlibgcj48-jarlibgcj_bc1libgfortran3libgomp1libgomp1-32bitlibitm1libitm1-32bitlibquadmath0libstdc++48-devellibstdc++48-devel-32bitlibstdc++6libstdc++6-32bitlibtsan0croncroniecupscups-clientcups-libscups-libs-32bitcups-filterscups-filters-cups-browsedcups-filters-foomatic-ripcups-filters-ghostscriptcups-pk-helpercups-pk-helper-langcurllibcurl4libcurl4-32bitcvscyrus-saslcyrus-sasl-32bitcyrus-sasl-crammd5cyrus-sasl-crammd5-32bitcyrus-sasl-digestmd5cyrus-sasl-digestmd5-32bitcyrus-sasl-gssapicyrus-sasl-gssapi-32bitcyrus-sasl-plaincyrus-sasl-plain-32bitcyrus-sasl-saslauthdlibsasl2-3libsasl2-3-32bitdbus-1dbus-1-x11libdbus-1-3libdbus-1-3-32bitdbus-1-glibdbus-1-glib-32bitdhcpdhcp-clientdiadia-langdracutecryptfs-utilsecryptfs-utils-32bitelfutilslibasm1libdw1libdw1-32bitlibebl1libebl1-32bitlibelf1libelf1-32bitemacsemacs-infoemacs-x11etagsempathyempathy-langtelepathy-mission-control-plugin-goaevinceevince-langlibevdocument3-4libevview3-3typelib-1_0-EvinceDocument-3_0typelib-1_0-EvinceView-3_0expatlibexpat1libexpat1-32bitfacterfetchmailfilefile-magiclibmagic1libmagic1-32bitfinchlibpurplelibpurple-langlibpurple-meanwhilelibpurple-tclpidginflash-playerflash-player-gnomefreerdplibfreerdp-1_0libfreerdp-1_0-pluginsft2demosfuselibfuse2g3utilsmgettygdgd-32bitgdk-pixbuf-langgdk-pixbuf-query-loadersgdk-pixbuf-query-loaders-32bitlibgdk_pixbuf-2_0-0libgdk_pixbuf-2_0-0-32bittypelib-1_0-GdkPixbuf-2_0gdk-pixbuf-loader-rsvglibrsvg-2-2librsvg-2-2-32bitrsvg-viewgdmgdm-branding-upstreamgdm-langgdmflexiserverlibgdm1typelib-1_0-Gdm-1_0gimpgimp-langgimp-plugins-pythonlibgimp-2_0-0libgimpui-2_0-0glib2-langglib2-toolslibgio-2_0-0libgio-2_0-0-32bitlibgio-famlibglib-2_0-0libglib-2_0-0-32bitlibgmodule-2_0-0libgmodule-2_0-0-32bitlibgobject-2_0-0libgobject-2_0-0-32bitlibgthread-2_0-0libgthread-2_0-0-32bitglibcglibc-32bitglibc-develglibc-devel-32bitglibc-i18ndataglibc-localeglibc-locale-32bitnscdgnome-keyringgnome-keyring-32bitgnome-keyring-langgnome-keyring-pamgnome-keyring-pam-32bitlibgck-modules-gnome-keyringgnome-online-accountsgnome-online-accounts-langlibgoa-1_0-0libgoa-backend-1_0-1typelib-1_0-Goa-1_0gnome-shellgnome-shell-browser-plugingnome-shell-calendargnome-shell-langgnutlslibgnutls28libgnutls28-32bitgpg2gpg2-langgpgmelibgpgme11groffgvimvimvim-datagziphardlinkhpliphplip-hpijshplip-saneibus-chewingibus-pinyiniputilsjava-1_7_0-openjdkjava-1_7_0-openjdk-headlessjava-1_7_0-openjdk-pluginkbdkernel-defaultkernel-default-develkernel-default-extrakernel-develkernel-macroskernel-sourcekernel-symskernel-xenkernel-xen-develkrb5krb5-32bitkrb5-clientkrb5-appl-clientslcmsliblcms1liblcms1-32bitlibHX28libHX28-32bitlibIlmImf-Imf_2_1-21libIlmImf-Imf_2_1-21-32bitopenexrlibX11-6libX11-6-32bitlibX11-datalibX11-xcb1libX11-xcb1-32bitlibXRes1libXRes1-32bitlibXcursor1libXcursor1-32bitlibXext6libXext6-32bitlibXfixes3libXfixes3-32bitlibXfont1libXi6libXi6-32bitlibXinerama1libXinerama1-32bitlibXp6libXp6-32bitlibXrandr2libXrandr2-32bitlibXrender1libXrender1-32bitlibXt6libXt6-32bitlibXtst6libXtst6-32bitlibXv1libXv1-32bitlibXvMC1libXxf86dga1libXxf86vm1libXxf86vm1-32bitlibaugeas0libblkid1libblkid1-32bitlibmount1libmount1-32bitlibsmartcols1libuuid-devellibuuid1libuuid1-32bitpython-libmountutil-linuxutil-linux-langutil-linux-systemduuiddlibcgroup1libdcerpc-binding0libdcerpc-binding0-32bitlibdcerpc0libdcerpc0-32bitlibgensec0libgensec0-32bitlibndr-krb5pac0libndr-krb5pac0-32bitlibndr-nbt0libndr-nbt0-32bitlibndr-standard0libndr-standard0-32bitlibndr0libndr0-32bitlibnetapi0libnetapi0-32bitlibpdb0libpdb0-32bitlibregistry0libsamba-credentials0libsamba-credentials0-32bitlibsamba-hostconfig0libsamba-hostconfig0-32bitlibsamba-util0libsamba-util0-32bitlibsamdb0libsamdb0-32bitlibsmbclient-raw0libsmbclient-raw0-32bitlibsmbclient0libsmbclient0-32bitlibsmbconf0libsmbconf0-32bitlibsmbldap0libsmbldap0-32bitlibtevent-util0libtevent-util0-32bitlibwbclient0libwbclient0-32bitsambasamba-32bitsamba-clientsamba-client-32bitsamba-docsamba-libssamba-libs-32bitsamba-winbindsamba-winbind-32bitlibdmx1libecpg6libpq5libpq5-32bitpostgresql93libevent-2_0-5libexif12libexif12-32bitlibfbembed2_5libfreebl3libfreebl3-32bitlibsoftokn3libsoftokn3-32bitmozilla-nssmozilla-nss-32bitmozilla-nss-certsmozilla-nss-certs-32bitmozilla-nss-toolslibfreetype6libfreetype6-32bitlibgadu3libgc1libgcrypt20libgcrypt20-32bitlibgnomesulibgnomesu-langlibgnomesu0libgssglue1libgssglue1-32bitlibgudev-1_0-0libgudev-1_0-0-32bitlibudev1libudev1-32bitsystemdsystemd-32bitsystemd-bash-completionsystemd-sysvinitudevlibid3tag0libipa_hbac0libsss_idmap0python-sssd-configsssdsssd-32bitsssd-adsssd-ipasssd-krb5sssd-krb5-commonsssd-ldapsssd-proxysssd-toolslibjavascriptcoregtk-1_0-0libjavascriptcoregtk-1_0-0-32bitlibjavascriptcoregtk-3_0-0libwebkit2gtk-3_0-25libwebkitgtk-1_0-0libwebkitgtk-1_0-0-32bitlibwebkitgtk-3_0-0libwebkitgtk2-langlibwebkitgtk3-langtypelib-1_0-JavaScriptCore-3_0typelib-1_0-WebKit-3_0libjbig2libjbig2-32bitlibjson-c2libjson-c2-32bitlibltdl7libltdl7-32bitliblua5_2lualiblzo2-2liblzo2-2-32bitlibmikmod3libmikmod3-32bitlibmms0libmodplug1libmspack0libmusicbrainz4libmysqlclient18libmysqlclient18-32bitlibmysqlclient_r18libmysqlclient_r18-32bitmariadbmariadb-clientmariadb-errormessageslibneon27libopenssl0_9_8libopenssl0_9_8-32bitlibopenssl1_0_0libopenssl1_0_0-32bitopenssllibpango-1_0-0libpango-1_0-0-32bitpango-modulespango-modules-32bittypelib-1_0-Pango-1_0libpcsclite1libpcsclite1-32bitpcsc-litelibpng12-0libpng12-0-32bitlibpng16-16libpng16-16-32bitlibpolkit0libpolkit0-32bitpolkittypelib-1_0-Polkit-1_0libpoppler-glib8libpoppler-qt4-4libpoppler44poppler-toolslibproxy1libproxy1-32bitlibproxy1-config-gnome3libproxy1-config-gnome3-32bitlibproxy1-networkmanagerlibproxy1-networkmanager-32bitlibpulse-mainloop-glib0libpulse-mainloop-glib0-32bitlibpulse0libpulse0-32bitpulseaudiopulseaudio-esound-compatpulseaudio-gdm-hookspulseaudio-langpulseaudio-module-bluetoothpulseaudio-module-gconfpulseaudio-module-jackpulseaudio-module-lircpulseaudio-module-x11pulseaudio-module-zeroconfpulseaudio-utilslibpython2_7-1_0libpython2_7-1_0-32bitpython-basepython-develpython-xmllibpython3_4m1_0python3-baselibqt4libqt4-32bitlibqt4-qt3supportlibqt4-qt3support-32bitlibqt4-sqllibqt4-sql-32bitlibqt4-sql-mysqllibqt4-sql-mysql-32bitlibqt4-sql-postgresqllibqt4-sql-postgresql-32bitlibqt4-sql-sqlitelibqt4-sql-sqlite-32bitlibqt4-sql-unixODBClibqt4-sql-unixODBC-32bitlibqt4-x11libqt4-x11-32bitlibraptor2-0raptorlibraw9libreofficelibreoffice-baselibreoffice-base-drivers-mysqllibreoffice-base-drivers-postgresqllibreoffice-calclibreoffice-calc-extensionslibreoffice-drawlibreoffice-filters-optionallibreoffice-gnomelibreoffice-icon-theme-tangolibreoffice-impresslibreoffice-l10n-aflibreoffice-l10n-arlibreoffice-l10n-calibreoffice-l10n-cslibreoffice-l10n-dalibreoffice-l10n-delibreoffice-l10n-enlibreoffice-l10n-eslibreoffice-l10n-filibreoffice-l10n-frlibreoffice-l10n-gulibreoffice-l10n-hilibreoffice-l10n-hulibreoffice-l10n-itlibreoffice-l10n-jalibreoffice-l10n-kolibreoffice-l10n-nblibreoffice-l10n-nllibreoffice-l10n-nnlibreoffice-l10n-pllibreoffice-l10n-pt-BRlibreoffice-l10n-pt-PTlibreoffice-l10n-rulibreoffice-l10n-sklibreoffice-l10n-svlibreoffice-l10n-xhlibreoffice-l10n-zh-Hanslibreoffice-l10n-zh-Hantlibreoffice-l10n-zulibreoffice-mailmergelibreoffice-mathlibreoffice-officebeanlibreoffice-pyunolibreoffice-writerlibreoffice-writer-extensionslibrpcsecgss3libsilc-1_1-2libsilcclient-1_1-3silc-toolkitlibsmilibsmi2libsndfile1libsndfile1-32bitlibsnmp30libsnmp30-32bitnet-snmpperl-SNMPsnmp-mibslibsoup-2_4-1libsoup-2_4-1-32bitlibsoup-langtypelib-1_0-Soup-2_4libspice-client-glib-2_0-8libspice-client-gtk-2_0-4libspice-client-gtk-3_0-4libspice-controller0typelib-1_0-SpiceClientGlib-2_0typelib-1_0-SpiceClientGtk-3_0libssh4libtag1libtag1-32bitlibtag_c0libtag_c0-32bittagliblibtasn1libtasn1-6libtasn1-6-32bitlibtiff5libtiff5-32bitlibudisks2-0udisks2udisks2-langlibvirtlibvirt-clientlibvirt-client-32bitlibvirt-daemonlibvirt-daemon-config-networklibvirt-daemon-config-nwfilterlibvirt-daemon-driver-interfacelibvirt-daemon-driver-libxllibvirt-daemon-driver-lxclibvirt-daemon-driver-networklibvirt-daemon-driver-nodedevlibvirt-daemon-driver-nwfilterlibvirt-daemon-driver-qemulibvirt-daemon-driver-secretlibvirt-daemon-driver-storagelibvirt-daemon-lxclibvirt-daemon-qemulibvirt-daemon-xenlibvirt-doclibvorbis0libvorbis0-32bitlibvorbisenc2libvorbisenc2-32bitlibvorbisfile3libvorbisfile3-32bitlibvte9libxcb-dri2-0libxcb-dri2-0-32bitlibxcb-glx0libxcb-glx0-32bitlibxcb-randr0libxcb-render0libxcb-render0-32bitlibxcb-shape0libxcb-shm0libxcb-shm0-32bitlibxcb-sync1libxcb-xf86dri0libxcb-xfixes0libxcb-xfixes0-32bitlibxcb-xkb1libxcb-xkb1-32bitlibxcb-xv0libxcb1libxcb1-32bitlibxerces-c-3_1libxerces-c-3_1-32bitlibxml2-2libxml2-2-32bitlibxml2-toolslibyaml-0-2libzip2libzmq3logrotatem4mipv6dmozilla-nsprmozilla-nspr-32bitmuttntpntp-docopenscopenslpopenslp-32bitopensshopenssh-helperspampam-32bitpam-docpam-modulespam-modules-32bitpam_krb5pam_krb5-32bitpam_sshpam_ssh-32bitpatchpcsc-ccidperlperl-32bitperl-baseperl-docperl-Config-IniFilesperl-HTML-Parserperl-LWP-Protocol-httpsperl-Tkperl-YAML-LibYAMLpidgin-otrpppprocmailpuppetpythonpython-cursespython-tkpython3python-cupshelperssystem-config-printersystem-config-printer-commonsystem-config-printer-common-langsystem-config-printer-dbus-serviceudev-configure-printerpython-imagingpython-libxml2python-pyOpenSSLpython-pywbemqemuqemu-block-curlqemu-ipxeqemu-kvmqemu-seabiosqemu-sgabiosqemu-toolsqemu-vgabiosqemu-x86radvdrhythmboxrhythmbox-langrsyncrsyslogrtkitrubyshimsocatsquashfsstrongswanstrongswan-docstrongswan-ipsecstrongswan-libs0sudosysconfigsysconfig-netconfigsyslog-servicesysvinit-toolswhoistelepathy-gabbletelepathy-idletftptigervncxorg-x11-XvncunixODBCunixODBC-32bitvinovino-langvorbis-toolsvorbis-tools-langw3mwdiffwgetwiresharkxalan-j2xenxen-kmp-defaultxen-libsxen-libs-32bitxf86-video-intelxinetdxlockmorexorg-x11xorg-x11-essentialsxrdbxorg-x11-libsxorg-x11-serverxorg-x11-server-extrayast2yast2-corezooDirectFBlib++dfb-1_7-1libdirectfb-1_7-1libdirectfb-1_7-1-32bitautofsbinutilsbusyboxdnsmasqe2fsprogslibcom_err2libcom_err2-32bitlibext2fs2gnome-settings-daemongnome-settings-daemon-langgstreamer-0_10-plugins-badgstreamer-0_10-plugins-bad-langlibgstbasecamerabinsrc-0_10-23libgstbasecamerabinsrc-0_10-23-32bitlibgstbasevideo-0_10-23libgstbasevideo-0_10-23-32bitlibgstcodecparsers-0_10-23libgstphotography-0_10-23libgstphotography-0_10-23-32bitlibgstsignalprocessor-0_10-23libgstsignalprocessor-0_10-23-32bitlibgstvdp-0_10-23libgstvdp-0_10-23-32bithyper-viculibicu52_1libicu52_1-32bitlibicu52_1-datajava-1_8_0-openjdk-pluginjava-1_8_0-openjdkjava-1_8_0-openjdk-headlesslibFLAC8libFLAC8-32bitlibQt5Core5libQt5DBus5libQt5Gui5libQt5Widgets5libarchive13libsamba-passdb0libsamba-passdb0-32bitpostgresql94mozilla-nss-sysinitmozilla-nss-sysinit-32bitlibsss_sudolibjasper1libjasper1-32bitlibjpeg-turbolibjpeg62libjpeg62-32bitlibjpeg62-turbolibjpeg8libjpeg8-32bitlibturbojpeg0libksba8libmpfr4libpng15-15libruby2_1-2_1ruby2.1ruby2.1-stdliblibspice-server1libssh2-1libssh2-1-32bitlibvdpau1libvdpau1-32bitlibwmf-0_2-7mailxopenvpnp7zipperl-XML-LibXMLpigzrpcbindrpmrpm-32bitrpm-buildsblim-sfcbtcpdumpunzipwpa_supplicantxdg-utilsNetworkManagerNetworkManager-langlibnm-glib-vpn1libnm-glib4libnm-util2libnm0typelib-1_0-NM-1_0typelib-1_0-NMClient-1_0typelib-1_0-NetworkManager-1_0atlibQtWebKit4libQtWebKit4-32bitlibbonobolibbonobo-32bitlibbonobo-langlibkde4libkde4-32bitlibkdecore4libkdecore4-32bitlibksuseinstall1libksuseinstall1-32bitlibnetpbm11libnetpbm11-32bitnetpbmaugeasaugeas-lensescrackliblibcrack2libcrack2-32bitctagsdosfstoolseogeog-langevince-browser-pluginevince-plugin-djvudocumentevince-plugin-dvidocumentevince-plugin-pdfdocumentevince-plugin-psdocumentevince-plugin-tiffdocumentevince-plugin-xpsdocumentnautilus-evincefontconfigfontconfig-32bitlibfreerdp2ghostscriptghostscript-x11libgoa-1_0-0-32bitgrub2grub2-i386-pcgrub2-snapper-plugingrub2-systemd-sleep-plugingrub2-x86_64-efigrub2-x86_64-xengtk2-datagtk2-langgtk2-toolsgtk2-tools-32bitlibgtk-2_0-0libgtk-2_0-0-32bittypelib-1_0-Gtk-2_0imobiledevice-toolslibimobiledevice6kdumplhasaliblhasa0libFLAC++6libFLAC++6-32bitlibQt5Concurrent5libQt5Network5libQt5OpenGL5libQt5PrintSupport5libQt5Sql5libQt5Sql5-mysqllibQt5Sql5-postgresqllibQt5Sql5-sqlitelibQt5Sql5-unixODBClibQt5Test5libQt5Xml5libQt5WebKit5libQt5WebKit5-importslibQt5WebKitWidgets5libXvnc1libasan2libasan2-32bitlibmpx0libmpx0-32bitlibmpxwrappers0libmpxwrappers0-32bitlibfdisk1libdcerpc-atsvc0libsamba-errors0libsamba-errors0-32bitlibgif6libgif6-32bitlibgraphite2-3libgraphite2-3-32bitlibgypsy0libhogweed2libhogweed2-32bitlibnettle4libnettle4-32bitlibidn11libidn11-32bitlibjavascriptcoregtk-4_0-18libwebkit2gtk-4_0-37libwebkit2gtk3-langtypelib-1_0-JavaScriptCore-4_0typelib-1_0-WebKit2-4_0webkit2gtk-4_0-injected-bundleslibldap-2_4-2libldap-2_4-2-32bitopenldap2-clientlibldb1libldb1-32bitlibndp0libnewt0_52libopenssl-devellibotr5libpoppler60libproxy1-pacrunner-webkitlibreoffice-icon-theme-galaxylibreoffice-l10n-rolibreofficekitlibspice-client-glib-helperlibsqlite3-0libsqlite3-0-32bitsqlite3libsrtp1libsystemd0libsystemd0-32bitlibthai-datalibthai0libthai0-32bitlibusbmuxd4libxcb-dri3-0libxcb-dri3-0-32bitlibxcb-present0libxcb-present0-32bitlibxcb-sync1-32bitlibxcb-xinerama0python3-cursessupportutilsupdate-alternativesxfsprogsxscreensaverxscreensaver-datayast2-usersapparmor-docsapparmor-parserapparmor-profilesapparmor-utilslibapparmor1libapparmor1-32bitpam_apparmorpam_apparmor-32bitperl-apparmoraudiofilelibaudiofile1libaudiofile1-32bitdrm-kmp-defaultlibpurple-branding-upstreamlibpurple-plugin-sametimegegl-0_2gegl-0_2-langlibgegl-0_2-0gstreamergstreamer-langgstreamer-utilslibgstreamer-1_0-0libgstreamer-1_0-0-32bittypelib-1_0-Gst-1_0gstreamer-0_10-plugins-basegstreamer-0_10-plugins-base-32bitgstreamer-0_10-plugins-base-langlibgstapp-0_10-0libgstapp-0_10-0-32bitlibgstinterfaces-0_10-0libgstinterfaces-0_10-0-32bitgstreamer-0_10-plugins-goodgstreamer-0_10-plugins-good-langgstreamer-plugins-badgstreamer-plugins-bad-langlibgstadaptivedemux-1_0-0libgstbadaudio-1_0-0libgstbadbase-1_0-0libgstbadvideo-1_0-0libgstbasecamerabinsrc-1_0-0libgstcodecparsers-1_0-0libgstgl-1_0-0libgstmpegts-1_0-0libgstphotography-1_0-0libgsturidownloader-1_0-0gstreamer-plugins-basegstreamer-plugins-base-langlibgstallocators-1_0-0libgstapp-1_0-0libgstapp-1_0-0-32bitlibgstaudio-1_0-0libgstaudio-1_0-0-32bitlibgstfft-1_0-0libgstfft-1_0-0-32bitlibgstpbutils-1_0-0libgstpbutils-1_0-0-32bitlibgstriff-1_0-0libgstrtp-1_0-0libgstrtsp-1_0-0libgstsdp-1_0-0libgsttag-1_0-0libgsttag-1_0-0-32bitlibgstvideo-1_0-0libgstvideo-1_0-0-32bittypelib-1_0-GstAudio-1_0typelib-1_0-GstPbutils-1_0typelib-1_0-GstTag-1_0typelib-1_0-GstVideo-1_0gstreamer-plugins-goodgstreamer-plugins-good-langguileguile-modules-2_0libguile-2_0-22lftplibXpm4libXpm4-32bitlibass5libcairo-gobject2libcairo-gobject2-32bitlibcairo-script-interpreter2libcairo2libcairo2-32bitlibcares2libcares2-32bitpostgresql96libgme0libsss_nss_idmap0libopenjp2-7libopus0libosip2libpcre1libpcre1-32bitlibpcre16-0libpcrecpp0libpcrecpp0-32bitlibplist++3libplist3libquicktime0libreoffice-l10n-pt_BRlibreoffice-l10n-pt_PTlibreoffice-l10n-zh_CNlibreoffice-l10n-zh_TWlibspice-client-gtk-3_0-5libtirpc-netconfiglibtirpc3libtirpc3-32bitlibvirglrenderer0libvirt-adminlibvirt-daemon-driver-storage-corelibvirt-daemon-driver-storage-disklibvirt-daemon-driver-storage-iscsilibvirt-daemon-driver-storage-logicallibvirt-daemon-driver-storage-mpathlibvirt-daemon-driver-storage-rbdlibvirt-daemon-driver-storage-scsilibvirt-libslibvmtools0open-vm-toolsopen-vm-tools-desktoplibwireshark8libwiretap6libwscodecs1libwsutil7wireshark-gtklibxslt-toolslibxslt1libxslt1-32bitlibz1libz1-32bitzlib-devellibzzip-0-13minicompidgin-plugin-otrrrdtoolrrdtool-cachedsane-backendssane-backends-32bitsane-backends-autoconfigunrarcluster-md-kmp-defaultcluster-network-kmp-defaultdlm-kmp-defaultgfs2-kmp-defaultocfs2-kmp-defaultsle-ha-releaseconntrack-toolsctdbfence-agentslibpacemaker3pacemakerpacemaker-clipacemaker-ctspacemaker-remotelighttpdpython-PyYAMLruby2.1-rubygem-bundlerlibpcreposix0sle-module-adv-systems-management-releasepuppet-serverdockersle-module-containers-releasecups154cups154-clientcups154-filterscups154-libssle-module-legacy-releasejava-1_6_0-ibmjava-1_6_0-ibm-fontsjava-1_6_0-ibm-jdbcjava-1_6_0-ibm-pluginsyslog-ngsle-module-public-cloudcpp5gcc5gcc5-c++gcc5-fortrangcc5-infogcc5-localelibffi-devel-gcc5libstdc++6-devel-gcc5sle-module-toolchain-releaseapache2-mod_php5php5php5-bcmathphp5-bz2php5-calendarphp5-ctypephp5-curlphp5-dbaphp5-domphp5-enchantphp5-exifphp5-fastcgiphp5-fileinfophp5-fpmphp5-ftpphp5-gdphp5-gettextphp5-gmpphp5-iconvphp5-intlphp5-jsonphp5-ldapphp5-mbstringphp5-mcryptphp5-mysqlphp5-odbcphp5-opensslphp5-pcntlphp5-pdophp5-pearphp5-pgsqlphp5-pspellphp5-shmopphp5-snmpphp5-soapphp5-socketsphp5-sqlitephp5-suhosinphp5-sysvmsgphp5-sysvsemphp5-sysvshmphp5-tokenizerphp5-wddxphp5-xmlreaderphp5-xmlrpcphp5-xmlwriterphp5-xslphp5-zipphp5-zlibsle-module-web-scriptingapache2-mod_php7php7php7-bcmathphp7-bz2php7-calendarphp7-ctypephp7-curlphp7-dbaphp7-domphp7-enchantphp7-exifphp7-fastcgiphp7-fileinfophp7-fpmphp7-ftpphp7-gdphp7-gettextphp7-gmpphp7-iconvphp7-imapphp7-intlphp7-jsonphp7-ldapphp7-mbstringphp7-mcryptphp7-mysqlphp7-odbcphp7-opcachephp7-opensslphp7-pcntlphp7-pdophp7-pearphp7-pear-Archive_Tarphp7-pgsqlphp7-pharphp7-posixphp7-pspellphp7-shmopphp7-snmpphp7-soapphp7-socketsphp7-sqlitephp7-sysvmsgphp7-sysvsemphp7-sysvshmphp7-tokenizerphp7-wddxphp7-xmlreaderphp7-xmlrpcphp7-xmlwriterphp7-xslphp7-zipphp7-zlibapache2-mod_wsginodejs4nodejs4-develnodejs4-docsnpm4nodejs6nodejs6-develnodejs6-docsnpm6alsa-docsantapache-commons-beanutilsapache-commons-beanutils-javadocapache-commons-daemonapache-commons-daemon-javadocapache-commons-httpclientapache2apache2-docapache2-example-pagesapache2-preforkapache2-utilsapache2-workerapache2-mod_jkapache2-mod_nssapache2-mod_perlautomakeavahi-utilsbindbind-chrootenvbind-docbzip2-docgcc48-localecvs-doccyrus-sasl-otpcyrus-sasl-otp-32bitcyrus-sasl-sqlauxpropcyrus-sasl-sqlauxprop-32bitdhcp-relaydhcp-serverdovecot22dovecot22-backend-mysqldovecot22-backend-pgsqldovecot22-backend-sqlitedracut-fipslibasm1-32bitemacs-elemacs-noxfetchmailconffreeradius-serverfreeradius-server-docfreeradius-server-libsfreeradius-server-utilsgit-coreglibc-htmlglibc-infoglibc-profileglibc-profile-32bitlibgnutls-openssl27groff-fullgxditviewguestfs-dataguestfs-toolsguestfsdlibguestfs0perl-Sys-Guestfsgvjakarta-commons-fileuploadjakarta-commons-fileupload-javadocjava-1_7_0-openjdk-demojava-1_7_0-openjdk-develkernel-default-basekernel-default-mankernel-xen-basekrb5-dockrb5-plugin-kdb-ldapkrb5-plugin-preauth-otpkrb5-plugin-preauth-pkinitkrb5-serverkrb5-appl-serverslibapr-util1libapr-util1-dbd-sqlite3libapr1libcgroup-toolspostgresql93-contribpostgresql93-docspostgresql93-serverlibfreebl3-hmaclibfreebl3-hmac-32bitlibsoftokn3-hmaclibsoftokn3-hmac-32bitlibgcrypt20-hmaclibgcrypt20-hmac-32bitlibtoollibtool-32bitliblua5_2-32bitmariadb-toolslibneon27-32bitlibopenssl1_0_0-hmaclibopenssl1_0_0-hmac-32bitopenssl-docpython-base-32bitqt4-x11-toolstifflibupsclient1nutnut-drivers-netlibvirt-lock-sanlocklibvorbis-docpython-vtevte2-langlibxml2-doclogwatchmailmanopenslp-serveropenssh-fipsopenvswitchopenvswitch-kmp-defaultopenvswitch-kmp-xenopenvswitch-switchopieopie-32bitperl-Cyrus-IMAPperl-Cyrus-SIEVE-managesieveppc64-diagpython-32bitpython-demopython-gdbmpython-idleqemu-guest-agentqemu-langqemu-ppcqemu-s390quaggarsyslog-diag-toolsrsyslog-docrsyslog-module-gssapirsyslog-module-gtlsrsyslog-module-mysqlrsyslog-module-pgsqlrsyslog-module-relprsyslog-module-snmprsyslog-module-udpspoofsquidsquidGuardsquidGuard-docstunnelsystemtapsystemtap-runtimesystemtap-servertomcattomcat-admin-webappstomcat-docs-webapptomcat-el-2_2-apitomcat-javadoctomcat-jsp-2_2-apitomcat-libtomcat-servlet-3_0-apitomcat-webappsxen-doc-htmlxen-toolsxen-tools-domUdavfs2freeradius-server-krb5freeradius-server-ldapfreeradius-server-mysqlfreeradius-server-perlfreeradius-server-postgresqlfreeradius-server-pythonfreeradius-server-sqlitepython-libguestfsipsec-toolsjava-1_7_1-ibmjava-1_7_1-ibm-alsajava-1_7_1-ibm-jdbcjava-1_7_1-ibm-pluginjava-1_8_0-ibmjava-1_8_0-ibm-alsajava-1_8_0-ibm-pluginjava-1_8_0-openjdk-demojava-1_8_0-openjdk-develpostgresql94-contribpostgresql94-docspostgresql94-serverlibhivex0perl-Win-Hivexlibicu-doclibjansson4libmpfr4-32bitopenldap2openldap2-back-metaopenvpn-auth-pam-pluginpowerpc-utilsqemu-block-rbdsmtsmt-supportstrongswan-hmactomcat-el-3_0-apitomcat-jsp-2_3-apitomcat-servlet-3_1-apivsftpdflexflex-32bitlibbonobo-docchronydstatgiflib-progsgrub2-arm64-efigrub2-powerpc-ieee1275grub2-s390x-emuvirt-p2vvirt-v2vlibidn-toolslibnghttp2-14libtcnative-1-0libvirt-nsslibvncclient0libvncserver0openvswitch-dpdkopenvswitch-dpdk-switchqemu-armqemu-block-sshres-signingkeysapache2-mod_apparmorcrashcrash-kmp-defaultjakarta-taglibs-standardjakarta-taglibs-standard-javadocpostgresql96-contribpostgresql96-docspostgresql96-serverlibmicrohttpd10memcachedperl-DBD-mysqlpolicycoreutilspolicycoreutils-pythonpython-docpython-doc-pdftpm2.0-toolsFastCGIperl-FastCGIsle-sdk-releaseImageMagick-devellibMagick++-develperl-PerlMagickMozillaFirefox-develaaa_base-malloccheckaccountsservice-develalsa-develant-jmfant-scriptsant-swingapache2-develaugeas-develavahi-compat-howl-develavahi-compat-mDNSResponder-devellibavahi-devellibhowl0bash-develreadline-develbind-develcheckbashismscifs-utils-develcoolkey-develctdb-develcups-develcyrus-sasl-develdbus-1-develdbus-1-devel-docdbus-1-glib-develdhcp-develdovecot22-develevince-develfile-develfinch-devellibpurple-develpidgin-develfirebird-devellibfbembed-develfreeradius-server-develfreerdp-develfreetype2-develfuse-develfuse-devel-staticlibulockmgr1gc-develgcc48-adagcc48-fortrangcc48-javagcc48-obj-c++gcc48-objcgcc48-objc-32bitlibada48libffi48-devellibgcj48-devellibgfortran3-32bitlibobjc4libobjc4-32bitlibquadmath0-32bitgd-develgdk-pixbuf-develgdm-develgimp-develgitgit-archgit-cvsgit-daemongit-emailgit-guigit-svngit-webgitkglib2-develglib2-devel-staticglibc-devel-staticgnome-online-accounts-develgnome-shell-develhplip-develicecreamlzo-develid3libkernel-docskernel-obs-buildkernel-zfcpdumpkrb5-devellib3ds-1-3libHX-devellibX11-devellibXcursor-devellibXext-devellibXfixes-devellibXfont-devellibXi-devellibXinerama-devellibXp-devellibXrandr-devellibXrender-devellibXres-devellibXt-devellibXtst-devellibXv-devellibXvMC-devellibXxf86dga-devellibXxf86vm-devellibapr-util1-devellibapr1-devellibasm-devellibdw-devellibebl-devellibelf-devellibblkid-devellibmount-devellibsmartcols-devellibbz2-devellibcgroup-devellibcolord-devellibcolord-gtk-develtypelib-1_0-ColorHug-1_0typelib-1_0-Colord-1_0typelib-1_0-ColordGtk-1_0libcurl-devellibdcerpc-atsvc-devellibdcerpc-devellibdcerpc-samr-devellibdcerpc-samr0libgensec-devellibndr-devellibndr-krb5pac-devellibndr-nbt-devellibndr-standard-devellibnetapi-devellibpdb-devellibregistry-devellibsamba-credentials-devellibsamba-hostconfig-devellibsamba-policy-devellibsamba-policy0libsamba-util-devellibsamdb-devellibsmbclient-devellibsmbclient-raw-devellibsmbconf-devellibsmbldap-devellibsmbsharemodes-devellibsmbsharemodes0libtevent-util-devellibwbclient-develsamba-core-develsamba-test-devellibdmx-devellibevent-devellibexif-devellibexpat-devellibgadu-devellibgcrypt-devellibgnomesu-devellibgnutls-devellibgnutls-openssl-devellibgnutlsxx-devellibgnutlsxx28libgpgme-devellibgssglue-devellibgudev-1_0-devellibudev-develsystemd-develtypelib-1_0-GUdev-1_0libguestfs-develocaml-libguestfs-devellibid3tag-devellibipa_hbac-devellibsss_idmap-devellibsss_nss_idmap-devellibwebkitgtk-devellibwebkitgtk3-develtypelib-1_0-JavaScriptCore-1_0typelib-1_0-WebKit-1_0libjbig-devellibjson-c-develliblcms-devellibmikmod-devellibmms-devellibmodplug-devellibmspack-devellibmusicbrainz-devellibmysqlclient-devellibmysqld-devellibmysqld18libneon-devellibpacemaker-devellibpcp3pcppcp-import-iostat2pcppcp-import-mrtg2pcppcp-import-sar2pcppcp-import-sheet2pcpperl-PCP-LogImportperl-PCP-LogSummaryperl-PCP-MMVperl-PCP-PMDAlibpcscspy0pcsc-lite-devellibpng12-compat-devellibpng12-devellibpng16-compat-devellibpng16-devellibpoppler-devellibpoppler-glib-devellibpoppler-qt4-develtypelib-1_0-Poppler-0_18libproxy-devellibpulse-devellibqt4-devellibqt4-devel-doclibqt4-devel-doc-datalibqt4-linguistlibqt4-private-headers-devellibraptor-devellibraw-devellibraw-devel-staticlibrpcsecgss-devellibrsvg-develtypelib-1_0-Rsvg-2_0libserf-1-1silc-toolkit-devellibsmi-devellibsndfile-devellibsoup-devellibssh-devellibssh-devel-doclibsvn_auth_gnome_keyring-1-0libsvn_auth_kwallet-1-0subversionsubversion-bash-completionsubversion-develsubversion-perlsubversion-pythonsubversion-serversubversion-toolslibtag-devellibtasn1-devellibtiff-devellibvirt-devellibvorbis-devellibxcb-composite0libxcb-damage0libxcb-devellibxcb-devel-doclibxcb-dpms0libxcb-record0libxcb-res0libxcb-screensaver0libxcb-xevie0libxcb-xprint0libxcb-xtest0libxcb-xvmc0libxml2-devellibyaml-devellibzip-develzeromq-devellua-develmozilla-nspr-develmozilla-nss-develnet-snmp-develnewt-develnewt-staticnut-cginut-developenexr-developenslp-develoscpam-develpango-develperl-Tk-develphp5-develpolkit-develpostgresql93-develppp-develpython3-develquagga-develrhythmbox-develruby-develspice-gtk-develtypelib-1_0-SpiceClientGtk-2_0sudo-develsystemtap-sdt-develudisks2-develunixODBC-develvte2-develwireshark-develxalan-j2-demoxalan-j2-manualxen-develxfigxorg-x11-develxorg-x11-server-sdkyast2-core-develyast2-devel-docDirectFB-devellib++dfb-develbinutils-develbinutils-goldcross-ppc-binutilscross-spu-binutilse2fsprogs-devellibcom_err-devellibext2fs-develflac-develgnome-settings-daemon-develgstreamer-0_10-plugins-bad-develhivex-develjava-1_7_1-ibm-develjava-1_8_0-ibm-devellibQt5Bootstrap-devel-staticlibQt5Concurrent-devellibQt5Core-devellibQt5Core-private-headers-devellibQt5DBus-devellibQt5DBus-private-headers-devellibQt5Gui-devellibQt5Gui-private-headers-devellibQt5Network-devellibQt5Network-private-headers-devellibQt5OpenGL-devellibQt5OpenGL-private-headers-devellibQt5OpenGLExtensions-devel-staticlibQt5PlatformSupport-devel-staticlibQt5PlatformSupport-private-headers-devellibQt5PrintSupport-devellibQt5PrintSupport-private-headers-devellibQt5Sql-devellibQt5Sql-private-headers-devellibQt5Test-devellibQt5Test-private-headers-devellibQt5Widgets-devellibQt5Widgets-private-headers-devellibQt5Xml-devellibqt5-qtbase-common-devellibqt5-qtbase-devellibqt5-qtbase-doclibqt5-qtbase-private-headers-devellibarchive-devellibsamba-passdb-devellibgypsy-devellibicu-devellibjasper-devellibjpeg62-devellibjpeg8-devellibksba-devellibpcp-devellibspice-server-devellibssh2-devellibtidy-0_99-0libtidy-0_99-0-develtidylibvdpau-devellibwmf-devellibwmf-gnomelibxerces-c-develmercurialmpfr-developenldap2-back-perlpostgresql94-develrpm-develruby2.1-develLibVNCServer-develNetworkManager-develpython-avahibsh2bsh2-classgenbsh2-javadoccracklib-develcups-ddkeog-devellibQtWebKit-devellibbonobo-devellibnetpbm-develmdbtoolssgmltoolfontconfig-develghostscript-develgiflib-develgraphite2-develgtk2-devellhasa-devellibQt5PlatformHeaders-devellibQt5WebKit-private-headers-devellibQt5WebKit5-devellibQt5WebKitWidgets-devellibQt5WebKitWidgets-private-headers-devellibidn-devellibimobiledevice-devellibldb-develpyldbpyldb-devellibnettle-devellibotr-devellibpoppler-cpp0libreoffice-sdklibtcnative-1-0-devellibusbmuxd-devellibwmf-toolsmysql-connector-javaocamlocaml-compiler-libsocaml-rpm-macrosocaml-runtimeopenldap2-developenldap2-devel-staticphp7-develsqlite3-develwebkit2gtk3-develxfsprogs-develFastCGI-develapache-pdfboxapache2-mod_perl-develaudiofile-develcairo-develcrash-develgegl-develgit-docgstreamer-0_10-plugins-base-develtypelib-1_0-GstApp-0_10typelib-1_0-GstInterfaces-0_10gstreamer-develgstreamer-plugins-bad-devellibgstinsertbin-1_0-0gstreamer-plugins-base-develtypelib-1_0-GstAllocators-1_0typelib-1_0-GstApp-1_0typelib-1_0-GstFft-1_0typelib-1_0-GstRtp-1_0typelib-1_0-GstRtsp-1_0typelib-1_0-GstSdp-1_0guile-devellibguilereadline-v-18-18libXpm-devellibXpm-toolslibapparmor-devellibass-devellibbotan-1_10-0libbotan-devellibcares-devellibgit2-24libgme-develpython-ldbpython-ldb-devellibmicrohttpd-devellibopus-devellibopus-devel-staticlibosip2-develpcre-develpcre-devel-staticpcre-toolslibplist++-devellibplist-devellibquicktime-devellibtirpc-devellibunrar-devellibunrar5_0_14libxslt-develzziplib-develpostgresql96-develrrdtool-develsane-backends-develvirglrenderer-develyodlzlib-devel-32bitzlib-devel-staticsle-we-releaselibreoffice-l10n-bglibreoffice-l10n-hrlibreoffice-l10n-ltlibreoffice-l10n-uksle-bsk-releasekrb5-minikrb5-mini-develpython-Jinja2libwmfflutelibbaselibfontslibformulaliblayoutlibloaderlibrepositorylibrevengelibrevenge-devellibrevenge-generators-0_0-0libserializermddsmdds-develpentaho-libxmlpentaho-reporting-flow-enginesacperl-Capture-Tinypython-tdbpython-teventtdbteventghostscript-minighostscript-mini-develgogo-docgcc5-golibgo7libudev-mini-devellibudev-mini1systemd-minisystemd-mini-develudev-minipopplercracklib-dict-smallocaml-ocamldockdelibs4kdelibs4-branding-upstreamkdelibs4-corekdelibs4-doclibkde4-devellibkdecore4-devellibmdbodbc1mdbtools-develvirtuosovirtuoso-driversvirtuoso-serverlynxpython-Twisteddpkgfirebirdlibfbclient2libfbclient2-develPackageKitPackageKit-branding-upstreamflaclibsshMozillaFirefox-branding-SLEcompat-openssl098libxml2freetype2postgresql93-libslibmspackxerces-clibziplibarchivelibssh2_orglibksbawebkitgtkwebkitgtk3libXfontspicefltklibfltk1libgcryptlibpng16libqt4-sql-pluginsevolution-data-serverevolution-data-server-langlibcamel-1_2-45libcamel-1_2-45-32bitlibebackend-1_2-7libebackend-1_2-7-32bitlibebook-1_2-14libebook-1_2-14-32bitlibebook-contacts-1_2-0libebook-contacts-1_2-0-32bitlibecal-1_2-16libecal-1_2-16-32bitlibedata-book-1_2-20libedata-book-1_2-20-32bitlibedata-cal-1_2-23libedata-cal-1_2-23-32bitlibedataserver-1_2-18libedataserver-1_2-18-32bitlibqt5-qtbaselibyamlrpm-pythonlibsndfilezeromqjasperopenssh-askpass-gnomempfrlibvdpauapache-commons-loggingcmis-clientgraphite2hyphenlibabwlibabw-0_1-1libcdrlibcdr-0_1-1libcmis-0_5-5libe-booklibe-book-0_1-1libetonyeklibetonyek-0_1-1libfreehandlibfreehand-0_1-1libgltflibgltf-0_0-0libhyphen0libixionlibixion-0_10-0liblangtagliblangtag1libmspublibmspub-0_1-1libmwawlibmwaw-0_3-3libodfgenlibodfgen-0_1-1liborcusliborcus-0_8-0libpagemakerlibpagemaker-0_0-0libreoffice-share-linkerlibreoffice-voikkolibrevenge-0_0-0librevenge-stream-0_0-0libvisiolibvisio-0_1-1libvoikkolibvoikko1libwpslibwps-0_4-4malaga-suomimyspell-af_ZAmyspell-armyspell-be_BYmyspell-bg_BGmyspell-bn_BDmyspell-bs_BAmyspell-camyspell-cs_CZmyspell-da_DKmyspell-demyspell-dictionariesmyspell-el_GRmyspell-enmyspell-esmyspell-et_EEmyspell-fr_FRmyspell-gu_INmyspell-he_ILmyspell-hi_INmyspell-hr_HRmyspell-hu_HUmyspell-it_ITmyspell-lo_LAmyspell-lt_LTmyspell-lv_LVmyspell-nl_NLmyspell-nomyspell-pl_PLmyspell-pt_BRmyspell-pt_PTmyspell-romyspell-ru_RUmyspell-sk_SKmyspell-sl_SImyspell-srmyspell-sv_SEmyspell-te_INmyspell-th_THmyspell-vimyspell-zu_ZAlibpng12LibVNCServergdk-pixbufldblibtalloc2libtalloc2-32bitlibtdb1libtdb1-32bitlibtevent0libtevent0-32bitpytallocpytalloc-32bittallocboostboost-license1_54_0hunspellhunspell-32bithunspell-toolslibOpenCOLLADA0libboost_atomic1_54_0libboost_date_time1_54_0libboost_filesystem1_54_0libboost_iostreams1_54_0libboost_program_options1_54_0libboost_regex1_54_0libboost_signals1_54_0libboost_system1_54_0libboost_thread1_54_0libixion-0_11-0liborcus-0_11-0myspell-af_NAmyspell-ar_AEmyspell-ar_BHmyspell-ar_DZmyspell-ar_EGmyspell-ar_IQmyspell-ar_JOmyspell-ar_KWmyspell-ar_LBmyspell-ar_LYmyspell-ar_MAmyspell-ar_OMmyspell-ar_QAmyspell-ar_SAmyspell-ar_SDmyspell-ar_SYmyspell-ar_TNmyspell-ar_YEmyspell-bn_INmyspell-bsmyspell-ca_ADmyspell-ca_ESmyspell-ca_ES_valenciamyspell-ca_FRmyspell-ca_ITmyspell-de_ATmyspell-de_CHmyspell-de_DEmyspell-en_AUmyspell-en_BSmyspell-en_BZmyspell-en_CAmyspell-en_GBmyspell-en_GHmyspell-en_IEmyspell-en_INmyspell-en_JMmyspell-en_MWmyspell-en_NAmyspell-en_NZmyspell-en_PHmyspell-en_TTmyspell-en_USmyspell-en_ZAmyspell-en_ZWmyspell-es_ARmyspell-es_BOmyspell-es_CLmyspell-es_COmyspell-es_CRmyspell-es_CUmyspell-es_DOmyspell-es_ECmyspell-es_ESmyspell-es_GTmyspell-es_HNmyspell-es_MXmyspell-es_NImyspell-es_PAmyspell-es_PEmyspell-es_PRmyspell-es_PYmyspell-es_SVmyspell-es_UYmyspell-es_VEmyspell-fr_BEmyspell-fr_CAmyspell-fr_CHmyspell-fr_LUmyspell-fr_MCmyspell-lightproof-enmyspell-lightproof-hu_HUmyspell-lightproof-pt_BRmyspell-lightproof-ru_RUmyspell-nb_NOmyspell-nl_BEmyspell-nn_NOmyspell-pt_AOmyspell-ro_ROmyspell-sr_CSmyspell-sr_Latn_CSmyspell-sr_Latn_RSmyspell-sr_RSmyspell-sv_FImyspell-temyspell-vi_VNopenCOLLADAgifliblibnettlepostgresql94-libslibotrlibcilkrts5libcilkrts5-32bitlibffi-gcc5liblsan0libstdc++6-localelibubsan0libubsan0-32bitpython-backports.ssl_match_hostnamepython-tornadocairoyast2-ntp-clientpoppler-qtimaplibc-client2007e_suselibimobiledevicelibimobiledevice-toolslibimobiledevice4libusbmuxd2usbmuxdlibidnlibstoragelibstorage-rubylibstorage6libX11libXfixeslibXilibXrandrlibXrenderlibXtstlibXvlibXvMCgtk2pcregclibasslibgmelibgstegl-1_0-0libpng15opuslibXpmzliblibquicktimegeglzzipliblibpcaplibpcap1libpcap1-32bitapparmorfirebird-classiclibtirpclibtirpc1libtirpc1-32bitlibxsltlibplistlibplist++1libplist1openjpeg2libncurses5libncurses5-32bitlibncurses6libncurses6-32bitncursesncurses-develncurses-utilstackterminfoterminfo-baselibixion-0_12-0liborcus-0_12-0libstarofficelibstaroffice-0_0-0libzmflibzmf-0_0-0myspell-uk_UAlibICElibICE6libICE6-32bitlibXdmcplibXdmcp6libXdmcp6-32bitlibicallibical1libical1-32bitlibzyppzypperzypper-loglibrsvglibsouplibrawpostgresql96-libsliblouisliblouis-dataliblouis9python3-louisxerces-j2SuSEfirewall2webkit2gtk3libwpdlibwpd-0_10-10shadowcephceph-commonlibcephfs1librados2libradosstriper1librbd1python-cephfspython-radospython-rbdkernel-firmwareucode-amdlibXcursorvirglrendererlibQtQuick5libqt5-qtdeclarativelibvpxlibvpx1libvpx1-32bitvpx-toolslibexiflibeventlibvorbistransfigspice-vdagentdb48-utilslibdb-4_8libdb-4_8-32bitlibwavpack1wavpacklibyaml-cpp0_5yaml-cppshotwellshotwell-langlibcdiolibcdio14libcdio14-32bitlibiso9660-8ucode-intellibid3taggwenhywfargwenhywfar-langgwenhywfar-toolslibgwengui-gtk2-0libgwenhywfar60libgwenhywfar60-pluginsyast2-pkg-bindingsdrmpython-tallocpython-talloc-32bitspice-gtkvirt-installvirt-managervirt-manager-commonPackageKit-backend-zyppPackageKit-gstreamer-pluginPackageKit-gtk3-modulePackageKit-langlibpackagekit-glib2-18typelib-1_0-PackageKitGlib-1_0rzszzshgnome-documentsgnome-documents-langgnome-documents_books-commongnome-shell-search-provider-documentslibboost_locale1_54_0libboost_random1_54_0libepubgenlibepubgen-0_1-1libixion-0_13-0liborcus-0_13-0libqxplibqxp-0_0-0libreoffice-branding-upstreamlibreoffice-gtk2libreoffice-icon-themesmyspell-idmyspell-id_IDlibnetfilter_cthelperlibnetfilter_cthelper0libnetfilter_cttimeoutlibnetfilter_cttimeout1hawk2hawkhawk-templatesldirectordmonitoring-plugins-metadataresource-agentskgraft-patch-3_12_38-44-defaultkgraft-patch-3_12_38-44-xenkgraft-patch-SLE12_Update_3sle-live-patching-releasekgraft-patch-3_12_39-47-defaultkgraft-patch-3_12_39-47-xenkgraft-patch-SLE12_Update_4kgraft-patch-3_12_32-33-defaultkgraft-patch-3_12_32-33-xenkgraft-patch-3_12_36-38-defaultkgraft-patch-3_12_36-38-xenkgraft-patch-SLE12_Update_1kgraft-patch-SLE12_Update_2kgraft-patch-3_12_43-52_6-defaultkgraft-patch-3_12_43-52_6-xenkgraft-patch-SLE12_Update_5kgraft-patch-3_12_44-52_10-defaultkgraft-patch-3_12_44-52_10-xenkgraft-patch-SLE12_Update_6kgraft-patch-3_12_44-52_18-defaultkgraft-patch-3_12_44-52_18-xenkgraft-patch-SLE12_Update_7kgraft-patch-3_12_48-52_27-defaultkgraft-patch-3_12_48-52_27-xenkgraft-patch-SLE12_Update_8kgraft-patch-3_12_51-52_31-defaultkgraft-patch-3_12_51-52_31-xenkgraft-patch-SLE12_Update_9kgraft-patch-3_12_51-60_20-defaultkgraft-patch-3_12_51-60_20-xenkgraft-patch-SLE12-SP1_Update_1kgraft-patch-3_12_60-52_49-defaultkgraft-patch-3_12_60-52_49-xenkgraft-patch-SLE12_Update_14kgraft-patch-3_12_59-60_41-defaultkgraft-patch-3_12_59-60_41-xenkgraft-patch-SLE12-SP1_Update_5kgraft-patch-3_12_59-60_45-defaultkgraft-patch-3_12_59-60_45-xenkgraft-patch-SLE12-SP1_Update_6kgraft-patch-3_12_60-52_54-defaultkgraft-patch-3_12_60-52_54-xenkgraft-patch-SLE12_Update_15kgraft-patch-3_12_51-52_34-defaultkgraft-patch-3_12_51-52_34-xenkgraft-patch-SLE12_Update_10kgraft-patch-3_12_49-11-defaultkgraft-patch-3_12_49-11-xenkgraft-patch-SLE12-SP1_Update_0kgraft-patch-3_12_57-60_35-defaultkgraft-patch-3_12_57-60_35-xenkgraft-patch-SLE12-SP1_Update_4kgraft-patch-3_12_53-60_30-defaultkgraft-patch-3_12_53-60_30-xenkgraft-patch-SLE12-SP1_Update_3kgraft-patch-3_12_51-60_25-defaultkgraft-patch-3_12_51-60_25-xenkgraft-patch-SLE12-SP1_Update_2kgraft-patch-3_12_62-60_62-defaultkgraft-patch-3_12_62-60_62-xenkgraft-patch-SLE12-SP1_Update_7kgraft-patch-3_12_51-52_39-defaultkgraft-patch-3_12_51-52_39-xenkgraft-patch-SLE12_Update_11kgraft-patch-3_12_62-60_64_8-defaultkgraft-patch-3_12_62-60_64_8-xenkgraft-patch-SLE12-SP1_Update_8kgraft-patch-3_12_67-60_64_18-defaultkgraft-patch-3_12_67-60_64_18-xenkgraft-patch-SLE12-SP1_Update_9kgraft-patch-3_12_67-60_64_21-defaultkgraft-patch-3_12_67-60_64_21-xenkgraft-patch-SLE12-SP1_Update_10kgraft-patch-4_4_21-84-defaultkgraft-patch-SLE12-SP2_Update_2kgraft-patch-4_4_21-90-defaultkgraft-patch-SLE12-SP2_Update_3kgraft-patch-4_4_21-69-defaultkgraft-patch-SLE12-SP2_Update_0kgraft-patch-3_12_67-60_64_24-defaultkgraft-patch-3_12_67-60_64_24-xenkgraft-patch-SLE12-SP1_Update_11kgraft-patch-4_4_21-81-defaultkgraft-patch-SLE12-SP2_Update_1kgraft-patch-3_12_55-52_42-defaultkgraft-patch-3_12_55-52_42-xenkgraft-patch-SLE12_Update_12kgraft-patch-3_12_55-52_45-defaultkgraft-patch-3_12_55-52_45-xenkgraft-patch-SLE12_Update_13kgraft-patch-4_4_59-92_24-defaultkgraft-patch-SLE12-SP2_Update_9kgraft-patch-4_4_74-92_29-defaultkgraft-patch-SLE12-SP2_Update_10kgraft-patch-4_4_59-92_17-defaultkgraft-patch-SLE12-SP2_Update_7kgraft-patch-4_4_59-92_20-defaultkgraft-patch-SLE12-SP2_Update_8kgraft-patch-4_4_49-92_11-defaultkgraft-patch-SLE12-SP2_Update_5kgraft-patch-4_4_49-92_14-defaultkgraft-patch-SLE12-SP2_Update_6kgraft-patch-4_4_38-93-defaultkgraft-patch-SLE12-SP2_Update_4kgraft-patch-4_4_74-92_32-defaultkgraft-patch-SLE12-SP2_Update_11kgraft-patch-4_4_74-92_35-defaultkgraft-patch-SLE12-SP2_Update_12kgraft-patch-4_4_74-92_38-defaultkgraft-patch-SLE12-SP2_Update_13kgraft-patch-4_4_90-92_45-defaultkgraft-patch-SLE12-SP2_Update_14kgraft-patch-4_4_90-92_50-defaultkgraft-patch-SLE12-SP2_Update_15kgraft-patch-4_4_103-92_53-defaultkgraft-patch-SLE12-SP2_Update_16kgraft-patch-3_12_69-60_64_29-defaultkgraft-patch-3_12_69-60_64_29-xenkgraft-patch-SLE12-SP1_Update_12kgraft-patch-3_12_69-60_64_32-defaultkgraft-patch-3_12_69-60_64_32-xenkgraft-patch-SLE12-SP1_Update_13kgraft-patch-3_12_69-60_64_35-defaultkgraft-patch-3_12_69-60_64_35-xenkgraft-patch-SLE12-SP1_Update_14kgraft-patch-3_12_74-60_64_40-defaultkgraft-patch-3_12_74-60_64_40-xenkgraft-patch-SLE12-SP1_Update_15kgraft-patch-4_4_103-92_56-defaultkgraft-patch-SLE12-SP2_Update_17kgraft-patch-4_4_114-92_64-defaultkgraft-patch-SLE12-SP2_Update_18kgraft-patch-4_4_120-92_70-defaultkgraft-patch-SLE12-SP2_Update_20kgraft-patch-4_4_73-5-defaultkgraft-patch-SLE12-SP3_Update_0kgraft-patch-4_4_82-6_3-defaultkgraft-patch-SLE12-SP3_Update_1kgraft-patch-4_4_82-6_6-defaultkgraft-patch-SLE12-SP3_Update_2kgraft-patch-4_4_92-6_18-defaultkgraft-patch-SLE12-SP3_Update_4kgraft-patch-4_4_82-6_9-defaultkgraft-patch-SLE12-SP3_Update_3kgraft-patch-4_4_92-6_30-defaultkgraft-patch-SLE12-SP3_Update_5kgraft-patch-4_4_103-6_33-defaultkgraft-patch-SLE12-SP3_Update_6kgraft-patch-4_4_103-6_38-defaultkgraft-patch-SLE12-SP3_Update_7kgraft-patch-4_4_114-94_11-defaultkgraft-patch-SLE12-SP3_Update_8kgraft-patch-4_4_120-94_17-defaultkgraft-patch-SLE12-SP3_Update_10kgraft-patch-4_4_114-94_14-defaultkgraft-patch-SLE12-SP3_Update_9kgraft-patch-4_4_126-94_22-defaultkgraft-patch-SLE12-SP3_Update_11saltsalt-apisalt-bash-completionsalt-cloudsalt-docsalt-mastersalt-minionsalt-proxysalt-sshsalt-syndicsalt-zsh-completionruby2.1-rubygem-puppetrubygem-puppetruby2.1-rubygem-passengerrubygem-passengerrubygem-passenger-apache2python-setuptoolsruby2.1-rubygem-rack-1_4rubygem-rack-1_4sles12-docker-imagesles12sp1-docker-imagecontainerdruby2.1-rubygem-docker-apiruby2.1-rubygem-exconrubygem-docker-apirubygem-exconruncsles11sp4-docker-imageportussles12sp2-docker-imagedocker-libnetworkdocker-runcgolang-github-docker-libnetworkdocker-distributiondocker-distribution-registrylibpmi0libslurm29libslurm31pdshperl-slurmslurmslurm-auth-noneslurm-develslurm-docslurm-luaslurm-mungeslurm-pam_slurmslurm-pluginsslurm-sched-wikislurm-slurmdb-directslurm-slurmdbdslurm-sqlslurm-torqueslurmlibssle-module-hpc-releasecompat-libldap-2_3-0compat-libgcrypt11kernel-ec2kernel-ec2-develkernel-ec2-extrapython-rsapython-tablibpython-paramikopython-PyJWTgcc5-32bitgcc5-adagcc5-ada-32bitgcc5-c++-32bitgcc5-fortran-32bitlibada5libada5-32bitlibffi-devel-gcc5-32bitlibstdc++6-devel-gcc5-32bitphp5-opcachephp5-posixphp5-imapphp5-pharnodejs-commonsle-pos-releaselibfpm_pb0libospf0libospfapiclient0libquagga_pb0libzebra1python-louistcmu-runnerxerces-j2-xml-apisxerces-j2-xml-resolverlibshibsp-lite6libshibsp6shibboleth-splibsaml8opensamlopensaml-binopensaml-schemasdovecotlibmicrohttpdlibxmltooling6xmltoolingxmltooling-schemaslibrelplibrelp0kernel-computekernel-compute-basekernel-compute-develkernel-compute_debugkernel-compute_debug-develkernel-devel-rtkernel-rtkernel-rt-basekernel-rt-develkernel-rt_debugkernel-rt_debug-develkernel-source-rtkernel-syms-rtSUSE-Linux-Enterprise-RT-releasecluster-md-kmp-rtcluster-network-kmp-rtdlm-kmp-rtgfs2-kmp-rtocfs2-kmp-rtcrash-kmp-rtSUSE_SLES_SAP-releaselibstorage5kgraft-patch-3_12_60-52_57-defaultkgraft-patch-3_12_60-52_57-xenkgraft-patch-SLE12_Update_16kgraft-patch-3_12_60-52_60-defaultkgraft-patch-3_12_60-52_60-xenkgraft-patch-SLE12_Update_17kgraft-patch-3_12_60-52_63-defaultkgraft-patch-3_12_60-52_63-xenkgraft-patch-SLE12_Update_18clamsapkgraft-patch-3_12_61-52_80-defaultkgraft-patch-3_12_61-52_80-xenkgraft-patch-SLE12_Update_23kgraft-patch-3_12_61-52_77-defaultkgraft-patch-3_12_61-52_77-xenkgraft-patch-SLE12_Update_22kgraft-patch-3_12_61-52_66-defaultkgraft-patch-3_12_61-52_66-xenkgraft-patch-SLE12_Update_19kgraft-patch-3_12_61-52_69-defaultkgraft-patch-3_12_61-52_69-xenkgraft-patch-SLE12_Update_20kgraft-patch-3_12_61-52_72-defaultkgraft-patch-3_12_61-52_72-xenkgraft-patch-SLE12_Update_21kgraft-patch-3_12_61-52_83-defaultkgraft-patch-3_12_61-52_83-xenkgraft-patch-SLE12_Update_24kgraft-patch-3_12_61-52_86-defaultkgraft-patch-3_12_61-52_86-xenkgraft-patch-SLE12_Update_25lighttpd-mod_cmllighttpd-mod_magnetlighttpd-mod_mysql_vhostlighttpd-mod_rrdtoollighttpd-mod_trigger_b4_dllighttpd-mod_webdavkgraft-patch-3_12_74-60_64_48-defaultkgraft-patch-3_12_74-60_64_48-xenkgraft-patch-SLE12-SP1_Update_17kgraft-patch-3_12_74-60_64_45-defaultkgraft-patch-3_12_74-60_64_45-xenkgraft-patch-SLE12-SP1_Update_16kgraft-patch-3_12_74-60_64_51-defaultkgraft-patch-3_12_74-60_64_51-xenkgraft-patch-SLE12-SP1_Update_18kgraft-patch-3_12_74-60_64_54-defaultkgraft-patch-3_12_74-60_64_54-xenkgraft-patch-SLE12-SP1_Update_19kgraft-patch-3_12_74-60_64_57-defaultkgraft-patch-3_12_74-60_64_57-xenkgraft-patch-SLE12-SP1_Update_20kgraft-patch-3_12_74-60_64_60-defaultkgraft-patch-3_12_74-60_64_60-xenkgraft-patch-SLE12-SP1_Update_21kgraft-patch-3_12_74-60_64_63-defaultkgraft-patch-3_12_74-60_64_63-xenkgraft-patch-SLE12-SP1_Update_22kgraft-patch-3_12_74-60_64_66-defaultkgraft-patch-3_12_74-60_64_66-xenkgraft-patch-SLE12-SP1_Update_23kgraft-patch-3_12_74-60_64_69-defaultkgraft-patch-3_12_74-60_64_69-xenkgraft-patch-SLE12-SP1_Update_24kgraft-patch-3_12_74-60_64_82-defaultkgraft-patch-3_12_74-60_64_82-xenkgraft-patch-SLE12-SP1_Update_25kgraft-patch-3_12_74-60_64_85-defaultkgraft-patch-3_12_74-60_64_85-xenkgraft-patch-SLE12-SP1_Update_26cryptctlkgraft-patch-4_4_114-92_67-defaultkgraft-patch-SLE12-SP2_Update_19python-magicfltk-develfltk-devel-staticevolution-data-server-develtypelib-1_0-EBook-1_2typelib-1_0-EBookContacts-1_2typelib-1_0-EDataServer-1_2libnetfilter_cthelper-devellibnetfilter_cttimeout-devellibffi48hyphen-devellibabw-devellibabw-devel-doclibcdr-devellibcdr-devel-doclibcmis-c-0_5-5libcmis-c-devellibcmis-devellibe-book-devellibe-book-devel-doclibetonyek-devellibetonyek-devel-doclibfreehand-devellibfreehand-devel-doclibixion-develliblangtag-devellibmspub-devellibmspub-devel-doclibmwaw-devellibmwaw-devel-doclibodfgen-devellibodfgen-devel-docliborcus-devellibvisio-devellibvisio-devel-doclibvoikko-devellibwps-develhivexlibtalloc-devellibtdb-devellibtevent-develpytalloc-develboost-develhunspell-develhunspell-devel-32bitlibboost_chrono1_54_0libboost_graph1_54_0libboost_graph_parallel1_54_0libboost_log1_54_0libboost_math1_54_0libboost_mpi1_54_0libboost_python1_54_0libboost_serialization1_54_0libboost_test1_54_0libboost_timer1_54_0libboost_wave1_54_0libhyphen0-32bityast2-ntp-client-devel-docimap-develobs-service-source_validatorlibstorage-develyast2-users-devel-doctypelib-1_0-GstRiff-1_0libpcap-develBotanlibgit2libICE-devellibXdmcp-devellibical-devellibical-devel-staticlibzypp-devellibzypp-devel-docnasmliblouis-develtcmu-runner-develxerces-j2-demoxerces-j2-scriptslibwpd-devellibwpd-devel-doclibcephfs-devellibrados-devellibradosstriper-devellibrbd-develshibboleth-sp-devellibsaml-develbuildbuild-initvm-s390build-initvm-x86_64build-mkbaselibslibqt5-qtdeclarative-devellibqt5-qtdeclarative-private-headers-devellibqt5-qtdeclarative-toolslibxmltooling-devellibvpx-devellibdb-4_8-develwavpack-devellibcdio++0libcdio-devellibudf0librelp-develmemcached-develgwenhywfar-devellibgwengui-qt4-0yast2-pkg-bindings-devel-docpython-talloc-develPackageKit-devellibpackagekit-glib2-devellibboost_context1_54_0libepubgen-devellibqxp-devellibqxp-doclibqxp-toolsruby2.1-rubygem-sle2dockersle2dockerapache2-mod_auth_kerbapache2-mod_security2tdb-toolsapache-commons-collectionsapache-commons-collections-javadoccyrus-imapdkgraft-patch-3_12_61-52_89-defaultkgraft-patch-3_12_61-52_89-xenkgraft-patch-SLE12_Update_26kgraft-patch-3_12_61-52_92-defaultkgraft-patch-3_12_61-52_92-xenkgraft-patch-SLE12_Update_27kgraft-patch-3_12_61-52_101-defaultkgraft-patch-3_12_61-52_101-xenkgraft-patch-SLE12_Update_28kgraft-patch-3_12_61-52_106-defaultkgraft-patch-3_12_61-52_106-xenkgraft-patch-SLE12_Update_29kgraft-patch-3_12_61-52_111-defaultkgraft-patch-3_12_61-52_111-xenkgraft-patch-SLE12_Update_30kgraft-patch-3_12_61-52_119-defaultkgraft-patch-3_12_61-52_119-xenkgraft-patch-SLE12_Update_31kgraft-patch-3_12_61-52_122-defaultkgraft-patch-3_12_61-52_122-xenkgraft-patch-SLE12_Update_32kgraft-patch-3_12_61-52_125-defaultkgraft-patch-3_12_61-52_125-xenkgraft-patch-SLE12_Update_33lttng-moduleslttng-modules-kmp-defaultncurses-devel-32bittbootlibvirt-daemon-hookslibtcmu1qemu-block-iscsidnsmasq-utilspython-glanceclientpython-keystonemiddlewarepython-novaclientpython-novaclient-docpython-swiftclientpython-swiftclient-docopenstack-ceilometeropenstack-ceilometer-agent-computeopenstack-novaopenstack-nova-computeopenstack-suseopenstack-suse-sudopython-ceilometerpython-novapython-python-memcachediperfiperf-devellibiperf0MozillaThunderbirdMozillaThunderbird-buildsymbolsMozillaThunderbird-develMozillaThunderbird-translations-commonMozillaThunderbird-translations-otherkde-cli-tools5kde-cli-tools5-langgo1.4go1.4-dockcoreaddonskcoreaddons-develkcoreaddons-devel-32bitkcoreaddons-langlibKF5CoreAddons5libKF5CoreAddons5-32bitffmpegffmpeg-devellibavcodec-devellibavcodec56libavcodec56-32bitlibavdevice-devellibavdevice56libavdevice56-32bitlibavfilter-devellibavfilter5libavfilter5-32bitlibavformat-devellibavformat56libavformat56-32bitlibavresample-devellibavresample2libavresample2-32bitlibavutil-devellibavutil54libavutil54-32bitlibpostproc-devellibpostproc53libpostproc53-32bitlibswresample-devellibswresample1libswresample1-32bitlibswscale-devellibswscale3libswscale3-32bitimlib2imlib2-develimlib2-filtersimlib2-loaderslibImlib2-1libprotobuf-lite8libprotobuf8libprotoc8moshninjaperl-Switchprotobufprotobuf-develprotobuf-javapython-protobufzncznc-develznc-perlznc-python3znc-tclkarchivekarchive-develkarchive-devel-32bitlibKF5Archive5libKF5Archive5-32bitredisfreexlfreexl-devellibfreexl1openjpeg2-devellibopenjpeg1openjpegopenjpeg-develSDL2lamelame-doclame-mp3rtplibSDL2-2_0-0libSDL2-devellibavcodec57libavdevice57libavfilter6libavformat57libavresample3libavutil55libmp3lame-devellibmp3lame0libpostproc54libswresample2libswscale4libtwolame-devellibtwolame0twolamelibopenjp2-7-32bitlibmbedtls9libmbedtls9-32bitmbedtlsmbedtls-devellibgit2-develjqlibjq-devellibjq1libSDL2-2_0-0-32bitlibSDL2-devel-32bitansiblemongodbmongodb-mongoperfmongodb-mongosmongodb-servermongodb-shelltorerlangerlang-debuggererlang-debugger-srcerlang-dialyzererlang-dialyzer-srcerlang-diametererlang-diameter-srcerlang-docerlang-epmderlang-eterlang-et-srcerlang-gserlang-gs-srcerlang-jinterfaceerlang-jinterface-srcerlang-observererlang-observer-srcerlang-reltoolerlang-reltool-srcerlang-srcerlang-wxerlang-wx-srcenigmailphpMyAdminkopetekopete-develnginxkdelibs4-apidocskiokio-32bitkio-corekio-core-32bitkio-develkio-devel-32bitkio-langlibksuseinstall-develgeotiffgeotiff-devellibgeotiff2libavcodec57-32bitlibavdevice57-32bitlibavfilter6-32bitlibavformat57-32bitlibavresample3-32bitlibavutil55-32bitlibpostproc54-32bitlibswresample2-32bitlibswscale4-32bitkauthkauth-develkauth-devel-32bitlibKF5Auth5libKF5Auth5-32bitlibKF5Auth5-langffmpeg2ffmpeg2-develakonadi_resourcesakregator5blogilo5kaddressbook5kalarm5kdepimkmail5knotes5kontact5korganizer5ktnef5messagelibmessagelib-develarklibkerfuffle15libkerfuffle16libre2-0re2re2-devellibre2-0-32bitdrkonqi5plasma5-workspaceplasma5-workspace-develplasma5-workspace-langplasma5-workspace-libslibsox3soxsox-devellibmadlibmad-devellibmad0libmad0-32bitlibmp3lame0-32bitgo-racego1.9go1.9-docgo1.9-racego1.8go1.8-docgo1.8-racepython-Djangovim-plugin-nginxpdns-recursorhdf5hdf5-develhdf5-devel-datahdf5-devel-statichdf5-exampleshdf5-openmpihdf5-openmpi-develhdf5-openmpi-devel-staticlibhdf5-10libhdf5-10-openmpilibhdf5_cpp12libhdf5_fortran10libhdf5_fortran10-openmpilibhdf5_hl10libhdf5_hl10-openmpilibhdf5_hl_cpp11libhdf5hl_fortran10libhdf5hl_fortran10-openmpiNetworkManager-glibNetworkManager-gnomeOpenEXROpenEXR-32bitOpenEXR-x86halhal-32bithal-dochal-x86libpackagekit-glib10PolicyKitPolicyKit-32bitPolicyKit-docPolicyKit-x86amavisd-newphp5-dbasephp5-hashlibavahi-client3-x86libavahi-common3-x86libavahi-core5libdns_sd-x86bind-libs-x86boost-licenselibboost_program_options1_36_0libboost_regex1_36_0libboost_signals1_36_0libbz2-1-x86cifs-mountldapsmblibsmbclient0-x86libtalloc1libtalloc1-32bitlibtalloc1-x86libtdb1-x86libwbclient0-x86samba-client-x86samba-krb-printingsamba-winbind-x86samba-x86cups-libs-x86libcurl4-x86dbus-1-32bitdbus-1-x86libcom_err2-x86enscriptevince-docevolution-data-server-32bitevolution-data-server-x86libexpat1-x86file-32bitfile-x86findutilsfindutils-locatefreeradius-server-dialupadminfreetype2-32bitfreetype2-x86fvwm2ghostscript-fonts-otherghostscript-fonts-rusghostscript-fonts-stdghostscript-libraryghostscript-omnilibgimpprintglib2glib2-doclibgio-2_0-0-x86libglib-2_0-0-x86libgmodule-2_0-0-x86libgobject-2_0-0-x86libgthread-2_0-0-x86gmimegmime-2_4gmime-doclibgmime-2_0-3libgmime-2_4-2gnome-screensavergnome-screensaver-langlibgnutls26libgnutls26-32bitlibgnutls26-x86gstreamer-0_10-plugins-base-docgstreamer-0_10-plugins-base-x86libgstapp-0_10-0-x86libgstinterfaces-0_10-0-x86gstreamer-0_10-plugins-good-docgtk2-32bitgtk2-docgtk2-x86vim-basejava-1_4_2-ibmjava-1_4_2-ibm-jdbcjava-1_4_2-ibm-pluginjava-1_6_0-ibm-alsakde4-kgreeter-pluginskdebase4-wallpaperskdebase4-workspacekdebase4-workspace-ksysguarddkdmkwinkdebase3-runtimekdebase3-runtime-32bitkdebase3-runtime-x86kdelibs3kdelibs3-32bitkdelibs3-default-stylekdelibs3-default-style-32bitkdelibs3-default-style-x86kdelibs3-x86libkde4-x86libkdecore4-x86kernel-paekernel-pae-basekernel-pae-develkernel-ppc64kernel-ppc64-basekernel-ppc64-develkernel-tracekernel-trace-basekernel-trace-develkrb5-apps-clientskrb5-apps-serverskrb5-x86kvmliblcms1-x86libMagickCore1libMagickCore1-32bitlibQtWebKit4-x86libqt4-qt3support-x86libqt4-sql-x86libqt4-x11-x86libqt4-x86libadns1libapr-util1-32bitlibapr1-32bitlibarchive2libdrmlibdrm-32bitlibdrm-x86libexif-32bitlibexif-x86libexiv2-4libgtoplibgtop-2_0-7libgtop-doclibgtop-langlibiculibicu-32bitlibicu-x86libltdl7-x86libtool-x86libmysqlclient15libmysqlclient15-32bitlibmysqlclient15-x86libmysqlclient_r15mysqlmysql-Maxmysql-clientlibneon27-x86neonlibnetpbm10libnetpbm10-32bitlibnetpbm10-x86libopensc2libopensc2-32bitlibopensc2-x86opensc-32bitopensc-x86libopenssl0_9_8-x86libpng12-0-x86libpoppler-glib4libpoppler-qt4-3libpoppler5libpulse-browse0libpulse0-x86libpython2_6-1_0libpython2_6-1_0-32bitlibpython2_6-1_0-x86python-base-x86pyxmllibrpcsecgsslibsampleratelibsamplerate-32bitlibsamplerate-x86libsndfile-32bitlibsndfile-x86libsnmp15libsnmp15-32bitlibsnmp15-x86libsoup-2_4-1-x86libtiff3libtiff3-32bitlibtiff3-x86libvirt-pythonlibvorbis-32bitlibvorbis-x86libxml2-32bitlibxml2-x86libxslt-32bitlibxslt-x86log4netmanmono-coremono-datamono-data-postgresqlmono-data-sqlitemono-locale-extrasmono-nunitmono-webmono-winformsmozilla-xulrunner190mozilla-xulrunner190-32bitmozilla-xulrunner190-gnomevfsmozilla-xulrunner190-translationsmozilla-xulrunner190-x86mozilla-xulrunner191mozilla-xulrunner191-32bitmozilla-xulrunner191-gnomevfsmozilla-xulrunner191-translationsmozilla-xulrunner191-x86nagiosnagios-wwwnagios-pluginsnagios-plugins-extrasopenssh-askpassopenswanopenswan-docpam-x86pam_krb5-x86pam_ldappam_ldap-32bitpam_ldap-x86pam_mountpam_mount-32bitpam_mount-x86perl-x86perl-spamassassinspamassassinpostgresqlpostgresql-contribpostgresql-docspostgresql-libspostgresql-libs-32bitpostgresql-libs-x86postgresql-serverpython-x86qt3qt3-32bitqt3-x86ruby-doc-htmlruby-tkstarsysstatsysstat-isagsystemtap-clientxen-doc-pdfxen-kmp-paexorg-x11-xauthxpdf-toolsxtermacpidapache2-mod_php53php53php53-bcmathphp53-bz2php53-calendarphp53-ctypephp53-curlphp53-dbaphp53-domphp53-exifphp53-fastcgiphp53-fileinfophp53-ftpphp53-gdphp53-gettextphp53-gmpphp53-iconvphp53-intlphp53-jsonphp53-ldapphp53-mbstringphp53-mcryptphp53-mysqlphp53-odbcphp53-opensslphp53-pcntlphp53-pdophp53-pearphp53-pgsqlphp53-pspellphp53-shmopphp53-snmpphp53-soapphp53-suhosinphp53-sysvmsgphp53-sysvsemphp53-sysvshmphp53-tokenizerphp53-wddxphp53-xmlreaderphp53-xmlrpcphp53-xmlwriterphp53-xslphp53-zipphp53-zlibdbus-1-glib-x86dhcpcddhcpv6ecryptfs-utils-x86edfoomatic-filtersglibc-locale-x86glibc-profile-x86glibc-x86kdenetwork4-filesharingkgetkrdckrfblibtalloc2-x86libcap-progslibcap2libcap2-32bitlibcap2-x86libfreebl3-x86mozilla-nss-x86libgdiplus0mysql-toolsnewtpython-newtlibrsvg-32bitlibrsvg-x86libxcryptlibxcrypt-32bitlibxcrypt-x86pam-modules-x86pwdutilspwdutils-plugin-auditlibzip1lvm2mozilla-xulrunner192mozilla-xulrunner192-32bitmozilla-xulrunner192-gnomemozilla-xulrunner192-translationsmozilla-xulrunner192-x86ofedofed-docofed-kmp-defaultofed-kmp-paeofed-kmp-ppc64ofed-kmp-traceopenslp-x86opie-x86pangopango-32bitpango-docpango-x86pcsc-lite-32bitpcsc-lite-x86perl-libwww-perlpure-ftpdsquid3system-config-printer-langt1libtgttomcat6tomcat6-admin-webappstomcat6-docs-webapptomcat6-javadoctomcat6-jsp-2_1-apitomcat6-libtomcat6-servlet-2_5-apitomcat6-webappsvtevte-docvte-langxorg-x11-libs-32bitxorg-x11-libs-x86MesaMesa-32bitMesa-x86ant-traxkcalckcharselectkdesshkdfkfloppykgpgktimerkwalletmanagerkwikdiskoktetalibboost_thread1_36_0libldap-2_4-2-x86libgnutls-extra26ibutilsibutils-32bitjakarta-commons-httpclient3java-1_7_0-ibmjava-1_7_0-ibm-alsajava-1_7_0-ibm-jdbcjava-1_7_0-ibm-pluginjpeglibjpeglibjpeg-32bitlibjpeg-x86postgresql91postgresql91-contribpostgresql91-docspostgresql91-serverlibsoftokn3-x86libopenssl0_9_8-hmaclibopenssl0_9_8-hmac-32bitlibotr2libproxy0libproxy0-32bitlibproxy0-config-gnomelibproxy0-config-kde4libproxy0-networkmanagerlibproxy0-x86libtspi1libtspi1-32bitlibtspi1-x86trousersnut-classicnfs-clientopenCryptokiopenCryptoki-32bitopenCryptoki-64bitperl-Module-Buildperl-Test-Simplepython-pamtaglib-32bittaglib-x86unixODBC_23virt-utilsx3270xorg-x11-libxcbxorg-x11-libxcb-32bitxorg-x11-libxcb-x86xorg-x11-server-dmxxorg-x11-server-rdpa2psbash-x86libreadline5libreadline5-32bitlibreadline5-x86boost-license1_49_0libboost_system1_49_0libboost_thread1_49_0coreutils-x86libdw1-x86libebl1-x86libelf1-x86fastjarkdebase4-runtimekdirstatlibFLAC8-x86libblkid1-x86libuuid1-x86uuid-runtimelibevent-1_4-2libgcc_s1-x86libstdc++6-x86libgcrypt11libgcrypt11-32bitlibgcrypt11-x86libjasperlibjasper-32bitlibjasper-x86liblzo2-2-x86libmpfr1libmpfr1-32bitlibmpfr1-x86libmysql55client18libmysql55client18-32bitlibmysql55client18-x86libmysql55client_r18libmysql55client_r18-32bitlibmysql55client_r18-x86libpixman-1-0libpixman-1-0-32bitlibpixman-1-0-x86libpulse-mainloop-glib0-x86libtasn1-3libtasn1-3-32bitlibtasn1-3-x86libtevent0-x86libwsman1openwsman-clientopenwsman-serversuseRegisterlxcmozilla-nspr-x86nagios-nrpenagios-nrpe-docnagios-plugins-nrpenfs-docnfs-kernel-serverpoptpopt-32bitpopt-x86rpm-x86python-lxmlsendmailxorg-x11-libX11xorg-x11-libX11-32bitxorg-x11-libX11-x86xorg-x11-libXextxorg-x11-libXext-32bitxorg-x11-libXext-x86xorg-x11-libXfixesxorg-x11-libXfixes-32bitxorg-x11-libXfixes-x86xorg-x11-libXpxorg-x11-libXp-32bitxorg-x11-libXp-x86xorg-x11-libXrenderxorg-x11-libXrender-32bitxorg-x11-libXrender-x86xorg-x11-libXtxorg-x11-libXt-32bitxorg-x11-libXt-x86xorg-x11-libXvxorg-x11-libXv-32bitxorg-x11-libXv-x86GraphicsMagicklibGraphicsMagick2perl-GraphicsMagicklibMagick++1libMagickWand1libMagickWand1-32bitMesa-develMesa-devel-32bitOpenEXR-develhal-devellibpackagekit-glib10-devellibpackagekit-qt10libpackagekit-qt10-develPolicyKit-develXerces-clibXerces-c-devellibXerces-c28a2ps-develant-antlrant-apache-bcelant-apache-bsfant-apache-log4jant-apache-oroant-apache-regexpant-apache-resolverant-commons-loggingant-javadocant-javamailant-jdependant-junitant-manualant-nodepsapache2-mod_fcgidbind-devel-32bitbinutils-devel-32bitboinc-clientboinc-client-develboost-devel-32bitboost-doclibboost_date_time1_36_0libboost_date_time1_36_0-32bitlibboost_filesystem1_36_0libboost_filesystem1_36_0-32bitlibboost_graph1_36_0libboost_graph1_36_0-32bitlibboost_iostreams1_36_0libboost_iostreams1_36_0-32bitlibboost_math1_36_0libboost_math1_36_0-32bitlibboost_mpi1_36_0libboost_program_options1_36_0-32bitlibboost_python1_36_0libboost_python1_36_0-32bitlibboost_regex1_36_0-32bitlibboost_serialization1_36_0libboost_serialization1_36_0-32bitlibboost_signals1_36_0-32bitlibboost_system1_36_0libboost_system1_36_0-32bitlibboost_test1_36_0libboost_test1_36_0-32bitlibboost_thread1_36_0-32bitlibboost_wave1_36_0libboost_wave1_36_0-32bitbytefx-data-mysqlmono-data-firebirdmono-data-oraclemono-data-sybasemono-develmono-extrasmono-jscriptmono-wcfmono-winfxcoremonodoc-coregcc48-fortran-32bitcscopecyrus-imapd-develderbylibcom_err-devel-32bitlibext2fs-devel-32bitlibext2fs2-32bitlibext2fs2-x86empathy-develevolutionevolution-develevolution-langfilesharesetkdebase3kdebase3-32bitkdebase3-develmisc-console-fontlibFLAC++6-x86freetype2-devel-32bitgdk-pixbuf-32bitghostscript-ijs-devellibgimpprint-develglib2-devel-32bitgmime-2_4-develgmime-develgmime-sharpgnucashgnucash-develgnucash-langgtk2-devel-32bitibutils-develibutils-devel-32bitlibicu-devel-32bitimlibimlib-32bitimlib-configimlib-develimlib-x86inkscapeinkscape-extensions-diainkscape-extensions-extrainkscape-extensions-figinkscape-extensions-gimpinkscape-langkdebase4-workspace-develkdelibs3-artskdelibs3-arts-32bitkdelibs3-arts-x86kdelibs3-develkdelibs3-dockrb5-devel-32bitlibqt4-sql-mysql-x86libqt4-sql-postgresql-x86libqt4-sql-sqlite-x86libqt4-sql-unixODBC-x86libadns-devellibapr-util1-devel-32bitlibapr1-devel-32bitlibblkid-devel-32bitlibuuid-devel-32bitlibcap-devellibdhcp6client-1_0-2libdhcp6client-devellibdrm-devellibdrm-devel-32bitlibexiv2-4-32bitlibexiv2-4-x86libexiv2-devellibgadulibgcrypt-devel-32bitlibgnutls-extra-devellibgpgme11-32bitlibgpgme11-x86libgtop-2_0-7-32bitlibgtop-2_0-7-x86libgtop-devellibjpeg-devellibjpeg-devel-32bitliblcms-devel-32bitpython-lcmssamba-develsamba-testlibmikmodmpfr-devel-32bitlibmysqlclient_r15-32bitlibmysqlclient_r15-x86libnetpbm-devel-32bitpcp-devellibpixman-1-0-devellibpng-devellibpng-devel-32bitlibpoppler-qt2libpoppler-qt3-develreadline-devel-32bitlibreoffice-base-extensionslibreoffice-draw-extensionslibreoffice-impress-extensionslibreoffice-kdelibreoffice-kde4libreoffice-l10n-prebuiltlibreoffice-monolibreoffice-l10n-ellibreoffice-l10n-en-GBlibreoffice-l10n-gu-INlibreoffice-l10n-hi-INlibreoffice-l10n-ptlibreoffice-l10n-zh-CNlibreoffice-l10n-zh-TWlibreoffice-help-cslibreoffice-help-dalibreoffice-help-delibreoffice-help-en-GBlibreoffice-help-en-USlibreoffice-help-eslibreoffice-help-frlibreoffice-help-gu-INlibreoffice-help-hi-INlibreoffice-help-hulibreoffice-help-itlibreoffice-help-jalibreoffice-help-kolibreoffice-help-nllibreoffice-help-pllibreoffice-help-ptlibreoffice-help-pt-BRlibreoffice-help-rulibreoffice-help-svlibreoffice-help-zh-CNlibreoffice-help-zh-TWlibreoffice-testtoollibsamplerate-develnet-snmp-devel-32bitlibsoup-devel-32bitlibssh2libssh2-1-x86libsss_sudo-devellibthailibthai-devellibtiff-devel-32bitlibtunepimplibtunepimp-devellibtunepimp5libvirt-devel-32bitlibwebkit-1_0-1libwebkit-1_0-2libwebkit-devellibwebkit-langlibwmf-32bitlibwmf-gnome-32bitlibwmf-gnome-x86libwmf-x86libwpd-0_8-8libwsman-developenwsman-pythonlibxcrypt-devellibxine-devellibxine1libxine1-32bitlibxine1-gnome-vfslibxine1-pulselibxmllibxml-32bitlibxml-devellibxml2-devel-32bitlibxslt-devel-32bitlxc-devellzo-devel-32bitmozilla-xulrunner192-develmozilla-xulrunner192-gnome-32bitmozilla-xulrunner192-translations-32bitnagios-develnetatalknetatalk-develnovell-ipsec-toolsnovell-ipsec-tools-develobex-data-serverofed-developenCryptoki-developenldap2-devel-32bitopensc-develpam-devel-32bitpango-devel-32bitperl-DBD-Pgperl-base-32bitphp53-develphp53-imapphp53-posixphp53-readlinephp53-socketsphp53-sqlitephp53-tidypopt-develpopt-devel-32bitrpm-devel-32bitpostgresql-develpwlibpwlib-develpython-cryptopython-imaging-sanepython-logilab-commonpython-lxml-docqt3-develqt3-devel-32bitqt3-devel-docqt3-devel-toolsqt3-devel-tools-32bitruby-doc-riruby-examplesruby-test-suiterubygem-actionmailer-3_2rubygem-actionpack-3_2rubygem-activemodel-3_2rubygem-activeresource-3_2rubygem-rails-3_2rubygem-railties-3_2rubygem-activerecord-3_2rubygem-activesupport-3_2rubygem-bundlerrubygem-i18n-0_6rubygem-json_purerubygem-rack-sslrubygem-rdocrubygem-sprockets-2_2rxvt-unicodesendmail-develstrutsstruts-javadocstruts-manualt1lib-develtaglib-develtexlivetexlive-arabtexlive-bintexlive-bin-cjktexlive-bin-develtexlive-bin-dviljtexlive-bin-jadetextexlive-bin-latextexlive-bin-metaposttexlive-bin-musictextexlive-bin-omegatexlive-bin-tex4httexlive-bin-toolstexlive-bin-xetextexlive-bin-xmltextexlive-cjktexlive-contexttexlive-develtexlive-doctexlive-dviljtexlive-jadetextexlive-latextexlive-latex-doctexlive-metaposttexlive-musictextexlive-omegatexlive-ppower4texlive-tex4httexlive-toolstexlive-xetextexlive-xmltextrousers-develunixODBC_23-develvalgrindvalgrind-develvte-develxalan-j2-javadocxorg-x11-devel-32bitxorg-x11-libX11-develxorg-x11-libX11-devel-32bitxorg-x11-libXext-develxorg-x11-libXext-devel-32bitxorg-x11-libXfixes-develxorg-x11-libXfixes-devel-32bitxorg-x11-libXp-develxorg-x11-libXp-devel-32bitxorg-x11-libXrender-develxorg-x11-libXrender-devel-32bitxorg-x11-libXt-develxorg-x11-libXt-devel-32bitxorg-x11-libXv-develxorg-x11-libXv-devel-32bitxorg-x11-libxcb-develxorg-x11-libxcb-devel-32bitphp5-ncursesphp5-readlinephp5-tidybeaglebeagle-develbeagle-langinninn-develinst-source-utilsjava-1_4_2-ibm-develjava-1_6_0-ibm-develjava-1_7_0-ibm-develpostgresql91-devellibxslt-pythonperl-base-x86python-httplib2rubygem-rack-1_3rubygem-rackrubygem-actionmailer-2_3rubygem-actionpack-2_3rubygem-activerecord-2_3rubygem-activeresource-2_3rubygem-activesupport-2_3rubygem-railsrubygem-rails-2_3rubygem-actionpack-2_1rubygem-mail-2_3rubygem-rack-cache-1_1giflib-devel-32bitkde4-l10n-de-datakde4-l10n-de-docliblcms2-develpostgresql91-libsgnu-efilibtidylibtidy-devellibbotan-1_6_5firefox-fontconfigfirefox-fontconfig-develbsdtarfontconfig-devel-32bitcpp43gcc43gcc43-adagcc43-fortrangcc43-fortran-32bitgcc43-obj-c++gcc43-objcgcc43-objc-32bitlibada43libobjc43libobjc43-32bitlibcap-nglibcap-ng-develpython-capnglibdb-4_5libdb-4_5-devellibdb_java-4_5libical0-32bitgoogle-carlito-fontslibmythes-1_2-0mythesmythes-develpython-importliblibmxml1mxmllibopenssl-devel-32bitperl-SOAP-Literubygem-mail-2_4sane-backends-x86portaudioportaudio-develxorg-x11-libICExorg-x11-libICE-develxorg-x11-libICE-devel-32bitxorg-x11-libXdmcpxorg-x11-libXdmcp-32bitxorg-x11-libXdmcp-develxorg-x11-libXdmcp-devel-32bitxorg-x11-libXpmxorg-x11-libXpm-develxorg-x11-libXpm-devel-32bityast2-storageyast2-storage-develcurl-openssl1libcurl4-openssl1libcurl4-openssl1-32bitlibcurl4-openssl1-x86libopenssl1-devellibopenssl1_0_0-x86openssl1openssl1-doclibldap-openssl1-2_4-2libldap-openssl1-2_4-2-32bitlibldap-openssl1-2_4-2-x86openldap2-client-openssl1openssh-openssl1openssh-openssl1-helpersopenvpn-openssl1openvpn-openssl1-down-root-pluginsblim-sfcb-openssl1wget-openssl1acroreadacroread-cmapsacroread-fonts-jaacroread-fonts-koacroread-fonts-zh_CNacroread-fonts-zh_TWacroread_jaibm-data-db2compat-openssl097gcompat-openssl097g-32bitMozillaFirefox-branding-SLEDbeagle-evolutionbeagle-firefoxbeagle-guimhtml-firefoxflash-player-kde4icedtea-webjava-1_6_0-openjdkjava-1_6_0-openjdk-demojava-1_6_0-openjdk-develkernel-pae-extrakernel-trace-extrakernel-xen-extraxen-kmp-tracepermissionslibproxy0-config-gnome-32bitlibproxy0-networkmanager-32bitlibxml2-pythonopenssl-certsquotavm-installxrdpcabextractcompat-wireless-kmp-defaultcompat-wireless-kmp-paecompat-wireless-kmp-xengiflib-32bitlibgstbasecamerabinsrc-0_10-0libgstbasecamerabinsrc-0_10-0-32bitlibgstbasevideo-0_10-0libgstbasevideo-0_10-0-32bitlibgstphotography-0_10-0libgstphotography-0_10-0-32bitlibgstsignalprocessor-0_10-0libgstsignalprocessor-0_10-0-32bitlibgstvdp-0_10-0libgstvdp-0_10-0-32bitkde4-l10n-arkde4-l10n-cskde4-l10n-dakde4-l10n-da-datakde4-l10n-da-dockde4-l10n-dekde4-l10n-en_GBkde4-l10n-eskde4-l10n-es-datakde4-l10n-es-dockde4-l10n-frkde4-l10n-fr-datakde4-l10n-fr-dockde4-l10n-hukde4-l10n-itkde4-l10n-it-datakde4-l10n-it-dockde4-l10n-jakde4-l10n-kokde4-l10n-nbkde4-l10n-nlkde4-l10n-nl-datakde4-l10n-nl-dockde4-l10n-plkde4-l10n-pl-datakde4-l10n-pl-dockde4-l10n-ptkde4-l10n-pt_BRkde4-l10n-pt_BR-datakde4-l10n-pt_BR-dockde4-l10n-rukde4-l10n-ru-datakde4-l10n-ru-dockde4-l10n-svkde4-l10n-sv-datakde4-l10n-sv-dockde4-l10n-zh_CNkde4-l10n-zh_TWkdebase4-runtime-xinekernel-bigsmp-develkernel-bigsmplcms2liblcms2-2novell-qtguinovell-qtgui-clinovell-ui-baseorcaorca-langpwlib-plugins-avcpwlib-plugins-dcpwlib-plugins-v4l2wpa_supplicant-guisle-hae-releasecluster-network-kmp-bigsmpcluster-network-kmp-paecluster-network-kmp-ppc64cluster-network-kmp-tracecluster-network-kmp-xengfs2-kmp-bigsmpgfs2-kmp-paegfs2-kmp-ppc64gfs2-kmp-tracegfs2-kmp-xenocfs2-kmp-bigsmpocfs2-kmp-paeocfs2-kmp-ppc64ocfs2-kmp-traceocfs2-kmp-xendrbd-kmp-bigsmpcluster-networkcluster-network-kmp-bigmemdrbddrbd-bash-completiondrbd-heartbeatdrbd-kmpdrbd-kmp-bigmemdrbd-kmp-defaultdrbd-kmp-paedrbd-kmp-ppc64drbd-kmp-tracedrbd-kmp-xendrbd-pacemakerdrbd-udevdrbd-utilsdrbd-xengfs2gfs2-kmp-bigmemocfs2ocfs2-kmp-bigmemfirefox-gcc5firefox-libffi-gcc5firefox-libffi4firefox-libstdc++6POS_Image-Minimal3POS_Image-Netboot-hooksPOS_Image-ToolsPOS_Image3POS_MigrationPOS_Server-Admin3POS_Server-AdminGUIPOS_Server-AdminTools3POS_Server-BranchTools3POS_Server-Modules3POS_Server3admindadmind-clientposbiosgcc43-c++gcc43-infogcc43-localelibstdc++43-develkernel-ec2-basemicrocode_ctliscsitarget-kmp-rtbrocade-bna-kmp-rtcluster-network-kmp-rt_tracedrbd-kmp-rtdrbd-kmp-rt_tracekernel-rt_tracekernel-rt_trace-basekernel-rt_trace-develocfs2-kmp-rt_traceofed-kmp-rtiscsitarget-kmp-rt_tracelttng-modules-kmp-rtlttng-modules-kmp-rt_traceofed-kmp-rt_tracegfs2-kmp-rt_tracejava-1_4_2-ibm-sapjava-1_4_2-ibm-sap-develsap_suse_cluster_connectorrhn-virtualization-commonrhn-virtualization-hostrhncfgrhncfg-actionsrhncfg-clientrhncfg-managementkoanrhnmdspacewalk-backend-libsspacewalk-certs-toolsrhnlibspacecmdspacewalk-backendspacewalk-checkspacewalk-client-setupspacewalk-client-toolsgconf2gconf2-32bitgconf2-x86libidllibidl-32bitlibidl-x86orbit2orbit2-32bitorbit2-x86procpsacllibacllibacl-32bitlibacl-x86libgcc43libgcc43-32bitlibgcc43-x86libstdc++43libstdc++43-32bitlibstdc++43-x86keyutils-libskeyutils-libs-32bitkeyutils-libs-x86libidn-32bitlibidn-x86cyrus-sasl-crammd5-x86cyrus-sasl-gssapi-x86cyrus-sasl-otp-x86cyrus-sasl-plain-x86cyrus-sasl-x86gtkhtml2gtkhtml2-langcdparanoiacdparanoia-32bitcdparanoia-x86desktop-file-utilsfamfam-32bitfam-x86gnome-vfs2gnome-vfs2-32bitgnome-vfs2-x86gstreamer-0_10libogg0libogg0-32bitlibogg0-x86liboilliboil-32bitliboil-x86libgpg-error0libgpg-error0-32bitlibgpg-error0-x86iscsitargetiscsitarget-kmp-defaultiscsitarget-kmp-paeiscsitarget-kmp-ppc64iscsitarget-kmp-vmiiscsitarget-kmp-xenjava-1_5_0-beajava-1_5_0-bea-consolejava-1_5_0-bea-fontsjava-1_5_0-bea-jdbcjava-1_6_0-ibm-alsa-x86java-1_6_0-ibm-x86kde4-akonadikde4-akregatorkde4-kaddressbookkde4-kalarmkde4-kjotskde4-kmailkde4-knodekde4-knoteskde4-kontactkde4-korganizerkde4-ktimetrackerkde4-ktnefkdepim4kdepim4-wizardskdepimlibs4libakonadi4libkdepim4libkdepimlibs4kde4-gwenviewkde4-kcolorchooserkde4-krulerkde4-ksnapshotkde4-okularlibkipi5kde4-kdmkde4-kwinkde4-kgetkde4-knewstickerkde4-kopetekde4-krdckde4-krfbutempterutempter-32bitutempter-x86ext4dev-kmp-defaultext4dev-kmp-paeext4dev-kmp-ppc64ext4dev-kmp-vmiext4dev-kmp-xenkernel-kdumpkernel-vmikernel-vmi-baseoracleasm-kmp-defaultkvm-kmp-defaultkvm-kmp-paelibHX13libHX13-32bitlibHX13-x86libesmtpzlib-32bitzlib-x86libpoppler4libtheora0libtheora0-32bitlibtheora0-x86libvolume_id1open-iscsiperl-IO-Socket-SSLwebsphere-as_celibcmpiutillibvirt-cimvirt-vieweryast2-ldap-serverConsoleKitConsoleKit-32bitConsoleKit-x11ConsoleKit-x86apache2-mod_pythonarpwatchmozilla-kde4-integrationfirefox-libgcc_s1gwenviewkcolorchooserkrulerksnapshotlibkexiv2-7libkipi6okularbtrfs-kmp-defaultbtrfs-kmp-paebtrfs-kmp-xenext4dev-kmp-tracehyper-v-kmp-defaulthyper-v-kmp-paehyper-v-kmp-tracelibopenssl0_9_8-hmac-x86libpciaccess0libpciaccess0-32bitlibpciaccess0-x86libraptor1man-pagesfirefox-gcc47cxgb3-firmwareperfperl-Config-Generalpostfixpostfix-docpostfix-mysqlpostgresql-initquota-nfslibpq5-x86MozillaFirefox-branding-SLES-for-VMwaregcc43-32bitlibstdc++43-devel-32bitgiflib-x86jakarta-commons-collectionsjakarta-commons-collections-javadocjakarta-commons-collections-tomcat5kde4-l10n-bgkde4-l10n-cakde4-l10n-csbkde4-l10n-elkde4-l10n-etkde4-l10n-eukde4-l10n-fikde4-l10n-gakde4-l10n-glkde4-l10n-hikde4-l10n-iskde4-l10n-kkkde4-l10n-kmkde4-l10n-kukde4-l10n-ltkde4-l10n-lvkde4-l10n-mkkde4-l10n-mlkde4-l10n-ndskde4-l10n-nnkde4-l10n-pakde4-l10n-rokde4-l10n-slkde4-l10n-thkde4-l10n-trkde4-l10n-ukkde4-l10n-wakernel-bigsmp-baseiscsitarget-kmp-bigsmpofed-kmp-bigsmporacleasm-kmp-bigsmpkrb5-pluginsNetworkManager-kde4NetworkManager-kde4-langNetworkManager-kde4-libsNetworkManager-openvpn-kde4NetworkManager-pptp-kde4plasmoid-networkmanagementapportapport-crashdb-sleapport-gtkaudiofile-32bitaudiofile-x86suseRegisterInfocracklib-32bitcracklib-x86fontconfig-x86gnome-sessiongnome-session-langintel-SINITkernel-bigmemkernel-bigmem-basekernel-bigmem-devellhalibcap-ng-utilslibcap-ng0libcap-ng0-32bitdb-docdb-utilsdb-utils-doclibdb-4_5-32bitlibdb-4_5-x86libical0liblouis0perl-Sys-Virtlibncurses5-x86libncurses6-x86libsqlite3-0-x86xorg-x11-libICE-32bitxorg-x11-libICE-x86xorg-x11-libXdmcp-x86xorg-x11-libXpm-32bitxorg-x11-libXpm-x86yast2-storage-libsuse-cloud-releasecrowbar-barclamp-trovecrowbar-barclamp-neutronopenstack-neutron-docopenstack-neutron-ibm-agentopenstack-neutron-mlnx-agentopenstack-neutron-nec-agentopenstack-neutron-nvsd-agentopenstack-neutron-plugin-ciscoopenstack-neutron-restproxy-agentopenstack-neutron-ryu-agentopenstack-neutron-servernovncopenstack-ceilometer-agent-centralopenstack-ceilometer-agent-ipmiopenstack-ceilometer-agent-notificationopenstack-ceilometer-alarm-evaluatoropenstack-ceilometer-alarm-notifieropenstack-ceilometer-apiopenstack-ceilometer-collectoropenstack-ceilometer-docopenstack-cinder-apiopenstack-cinder-backupopenstack-cinder-docopenstack-cinder-scheduleropenstack-glanceopenstack-glance-docopenstack-heatopenstack-heat-apiopenstack-heat-api-cfnopenstack-heat-api-cloudwatchopenstack-heat-docopenstack-heat-engineopenstack-keystoneopenstack-keystone-docopenstack-saharaopenstack-sahara-apiopenstack-sahara-docopenstack-sahara-enginepython-glancepython-heatpython-keystonepython-oslo.i18npython-oslo.utilspython-oslotestpython-saharapython-sixcrowbar-barclamp-nova_dashboardopenstack-dashboardpython-django_openstack_authpython-horizonopenstack-nova-apiopenstack-nova-cellsopenstack-nova-certopenstack-nova-conductoropenstack-nova-consoleopenstack-nova-consoleauthopenstack-nova-docopenstack-nova-novncproxyopenstack-nova-objectstoreopenstack-nova-scheduleropenstack-nova-serialproxyopenstack-nova-vncproxyopenstack-swiftopenstack-swift-accountopenstack-swift-containeropenstack-swift-docopenstack-swift-objectopenstack-swift-proxypython-swiftopenstack-troveopenstack-trove-apiopenstack-trove-conductoropenstack-trove-docopenstack-trove-guestagentopenstack-trove-taskmanagerpython-trovepython-Pillowpython-openstackclientruby2.1-rubygem-sprockets-2_11ruby2.1-rubygem-actionpack-4_1rubygem-actionpack-4_1ruby2.1-rubygem-actionview-4_1rubygem-actionview-4_1ruby2.1-rubygem-activemodel-4_1rubygem-activemodel-4_1ruby2.1-rubygem-activerecord-4_1rubygem-activerecord-4_1ruby2.1-rubygem-activesupport-4_1rubygem-activesupport-4_1ruby2.1-rubygem-bson-1_11ruby2.1-rubygem-easy_diffruby2.1-rubygem-redcarpetrubygem-bson-1_11rubygem-easy_diffrubygem-redcarpetrubygem-sprockets-2_11ruby2.1-rubygem-racksuse-openstack-cloud-releasecouchdbcrowbar-openstackopenstack-heat-plugin-heat_dockeropenstack-heat-templatesopenstack-ironicopenstack-ironic-apiopenstack-ironic-conductorpython-ironicrabbitmq-serverrabbitmq-server-pluginsruby2.1-rubygem-actionpack-4_2ruby2.1-rubygem-actionview-4_2ruby2.1-rubygem-activemodel-4_2ruby2.1-rubygem-activerecord-4_2ruby2.1-rubygem-activesupport-4_2ruby2.1-rubygem-chef-expanderruby2.1-rubygem-chef-serverruby2.1-rubygem-chef-server-apiruby2.1-rubygem-chef-solrrubygem-chef-expanderrubygem-chef-server-apirubygem-chef-solrruby2.1-rubygem-extlibruby2.1-rubygem-multi_xmlruby2.1-rubygem-rails-html-sanitizerruby2.1-rubygem-railties-4_2openstack-designateopenstack-designate-agentopenstack-designate-apiopenstack-designate-centralopenstack-designate-docopenstack-designate-sinkopenstack-ironic-docopenstack-neutron-vpnaasopenstack-neutron-vpnaas-docopenstack-nova-dockeropenstack-tempestopenstack-tempest-testpython-designatepython-neutron-vpnaaspython-tempestopenstack-ceilometer-pollingopenstack-manilaopenstack-manila-apiopenstack-manila-docopenstack-manila-scheduleropenstack-manila-shareopenstack-neutron-fwaasopenstack-neutron-fwaas-docopenstack-neutron-lbaasopenstack-neutron-lbaas-docopenstack-resource-agentspython-manilapython-networking-ciscopython-neutron-fwaaspython-neutron-lbaasopenstack-horizon-plugin-manila-uipython-horizon-plugin-manila-uipython-suds-jurkorubygem-actionview-4_2ruby2.1-rubygem-actionmailer-4_2ruby2.1-rubygem-activejob-4_2ruby2.1-rubygem-rails-4_2rubygem-actionmailer-4_2rubygem-actionpack-4_2rubygem-activejob-4_2rubygem-activemodel-4_2rubygem-activerecord-4_2rubygem-activesupport-4_2rubygem-rails-4_2rubygem-rails-html-sanitizerrubygem-railties-4_2python-defusedxmlpython-pysaml2python-oslo.middlewarepython-XStatic-jquery-uiopenstack-glance-apiopenstack-glance-glareopenstack-glance-registryopenstack-aodhopenstack-aodh-apiopenstack-aodh-docopenstack-aodh-evaluatoropenstack-aodh-expireropenstack-aodh-listeneropenstack-aodh-notifierpython-aodhmonasca-installerstormstorm-nimbusstorm-supervisoropenstack-nova-placement-apiopenstack-magnumopenstack-magnum-apiopenstack-magnum-conductoropenstack-magnum-docpython-magnumopenstack-heat-testopenstack-manila-datalibQt5Bootstrap-devel-static-32bitlibQt5Concurrent-devel-32bitlibQt5Concurrent5-32bitlibQt5Core-devel-32bitlibQt5Core5-32bitlibQt5DBus-devel-32bitlibQt5DBus5-32bitlibQt5Gui-devel-32bitlibQt5Gui5-32bitlibQt5Network-devel-32bitlibQt5Network5-32bitlibQt5OpenGL-devel-32bitlibQt5OpenGL5-32bitlibQt5OpenGLExtensions-devel-static-32bitlibQt5PlatformSupport-devel-static-32bitlibQt5PrintSupport-devel-32bitlibQt5PrintSupport5-32bitlibQt5Sql-devel-32bitlibQt5Sql5-32bitlibQt5Sql5-mysql-32bitlibQt5Sql5-postgresql-32bitlibQt5Sql5-sqlite-32bitlibQt5Sql5-unixODBC-32bitlibQt5Test-devel-32bitlibQt5Test5-32bitlibQt5Widgets-devel-32bitlibQt5Widgets5-32bitlibQt5Xml-devel-32bitlibQt5Xml5-32bitlibqt5-qtbase-exampleslibqt5-qtbase-examples-32bitlibqt5-qtbase-platformtheme-gtk2openSUSE-releaseMozillaFirefox-branding-upstreamMozillaFirefox-buildsymbolsMozillaFirefox-translations-commonMozillaFirefox-translations-otherGraphicsMagick-devellibGraphicsMagick-Q16-3libGraphicsMagick3-configlibGraphicsMagickWand-Q16-2ImageMagick-docImageMagick-extraandroid-toolsaria2aria2-langavahi-autoipdbogofilter-commonbogofilter-dbclaws-mailclaws-mail-langlibgcc_s1-gcc48-32bitlibgcj_bc1-gcc48libstdc++6-gcc48-localecrash-kmp-xencyradmdhcp-docexifgcabgcab-langlibgcab-1_0-0gimp-help-browsergimp-plugin-aaglibc-extragnome-gamesgnome-games-recommendedwdiff-langhtmldocicedtea-web-javadocjheadkdebase4-workspace-libspython-kdebase4kdnssdkpppkernel-pv-develkio-extras5kwebkitpartkwebkitpart-langklogdkonversationkonversation-langlibFS6libbotan-1_10-1libexiv2-14systemd-loggerliblightdm-gobject-1-0lightdmlightdm-langlibminiupnpc10libmono-2_0-1libmono-2_0-devellibmonoboehm-2_0-1libmonoboehm-2_0-devellibmonosgen-2_0-1mono-mvcpango-toolspango-tools-32bitlibpgf6libproxy1-config-kde4pulseaudio-bash-completionlibraw10libreoffice-icon-theme-breezelibreoffice-icon-theme-hicontrastlibreoffice-icon-theme-oxygenlibreoffice-icon-theme-sifrlibrsync2python-SpiceClientGtklibthunarx-2-0thunarthunar-langlibvirt-daemon-driver-umllibvirt-daemon-driver-vboxlinksmonitoring-toolsnanonano-langnbdnbd-docnspluginwrapperobs-service-set_versionopenconnectopenconnect-develplasma5-desktopplasma5-desktop-langprivoxypwgenpython3-dbmpython3-tksystem-config-printer-appletpython3-pippython3-requestsqemu-extraqemu-linux-usersddmsddm-branding-openSUSEtnftptransmission-commontransmission-gtktransmission-gtk-langunzip-docviewvcvirtualboxvirtualbox-guest-kmp-defaultvirtualbox-guest-toolsvirtualbox-guest-x11virtualbox-host-kmp-defaultvirtualbox-qtwireshark-ui-gtknodejsnodejs-develnodejs-docnodejs-docsnodejs-npmlibcrypto36libcrypto36-32bitlibressllibressl-devellibressl-devel-32bitlibressl-devel-doclibssl37libssl37-32bitlibtls9libtls9-32bitwireshark-ui-qtsudo-testaudiofile-devel-32bitaudiofile-doclibmount-devel-32bitlibpotrace0potracepotrace-develbouncycastlebouncycastle-javadocpolkit-docseamonkeyseamonkey-dom-inspectorseamonkey-ircseamonkey-translations-commonseamonkey-translations-otherxulrunnerxulrunner-32bitxulrunner-develroundcubemailcross-aarch64-gcc48-icecream-backendcross-armv6hl-gcc48-icecream-backendcross-armv7hl-gcc48-icecream-backendcross-hppa-gcc48-icecream-backendcross-i386-gcc48-icecream-backendcross-ia64-gcc48-icecream-backendcross-ppc-gcc48-icecream-backendcross-ppc64-gcc48-icecream-backendcross-ppc64le-gcc48-icecream-backendcross-s390-gcc48-icecream-backendcross-s390x-gcc48-icecream-backendgcc48-ada-32bitgcc48-testresultsgdbgdb-testresultsgdbserverlibada48-32bitlibatomic1-gcc48libatomic1-gcc48-32bitlibffi4-gcc48libffi4-gcc48-32bitlibffi48-devel-32bitlibgcc_s1-gcc48libgcj48-devel-32bitlibgfortran3-gcc48libgfortran3-gcc48-32bitlibgomp1-gcc48libgomp1-gcc48-32bitlibitm1-gcc48libitm1-gcc48-32bitlibquadmath0-gcc48libquadmath0-gcc48-32bitlibstdc++48-doclibstdc++6-gcc48libstdc++6-gcc48-32bitlibtsan0-gcc48java-1_7_0-openjdk-accessibilityjava-1_7_0-openjdk-bootstrapjava-1_7_0-openjdk-bootstrap-develjava-1_7_0-openjdk-bootstrap-headlessjava-1_7_0-openjdk-javadocjava-1_7_0-openjdk-srcputtyxscreensaver-data-extralibminiupnpc-devellibminiupnpc10-32bitminiupnpcpython-miniupnpcdocker-bash-completiondocker-testdocker-zsh-completionstrongswan-mysqlstrongswan-nmstrongswan-sqlitelibsndfile-progslibpng16-compat-devel-32bitlibpng16-devel-32bitlibpng16-toolslibpng12-compat-devel-32bitlibpng12-devel-32bitcyrus-imapd-snmpcyrus-imapd-snmp-mibscyrus-imapd-utilslinuxvnckernel-debugkernel-debug-basekernel-debug-develkernel-docs-htmlkernel-docs-pdfkernel-obs-qakernel-obs-qa-xenkernel-pvkernel-pv-basekernel-source-vanillakernel-vanillakernel-vanilla-devellibmysql56client18libmysql56client18-32bitlibmysql56client_r18libmysql56client_r18-32bitmysql-community-servermysql-community-server-benchmysql-community-server-clientmysql-community-server-errormessagesmysql-community-server-testmysql-community-server-toolslibXfont-devel-32bitlibXfont1-32bitquasselquassel-basequassel-clientquassel-corequassel-monoldb-toolslibdcerpc-atsvc0-32bitlibdcerpc-samr0-32bitlibregistry0-32bitlibsamba-policy0-32bitpyldb-32bitpython-tdb-32bitpython-tevent-32bitsamba-pidlsamba-pythonsubversion-rubybind-lwresdcalibrefcitx-qt5fcitx-qt5-32bitfcitx-qt5-develframeworkintegrationframeworkintegration-develframeworkintegration-devel-32bitframeworkintegration-pluginframeworkintegration-plugin-32bitkwaylandkwayland-32bitkwayland-develkwayland-devel-32bitkwin5kwin5-develkwin5-langlibKF5Style5libKF5Style5-32bitlibKF5Style5-langlibQt53DCollision-devellibQt53DCollision5libQt53DCollision5-32bitlibQt53DCore-devellibQt53DCore5libQt53DCore5-32bitlibQt53DInput-devellibQt53DInput5libQt53DInput5-32bitlibQt53DLogic-devellibQt53DLogic5libQt53DLogic5-32bitlibQt53DQuick-devellibQt53DQuick5libQt53DQuick5-32bitlibQt53DQuickRenderer-devellibQt53DQuickRenderer5libQt53DQuickRenderer5-32bitlibQt53DRenderer-devellibQt53DRenderer5libQt53DRenderer5-32bitlibQt5Bluetooth5libQt5Bluetooth5-32bitlibQt5Bluetooth5-importslibQt5CLucene5libQt5CLucene5-32bitlibQt5Compositor5libQt5Compositor5-32bitlibQt5Declarative5libQt5Declarative5-32bitlibQt5Designer5libQt5Designer5-32bitlibQt5DesignerComponents5libQt5DesignerComponents5-32bitlibQt5Help5libQt5Help5-32bitlibQt5Location5libQt5Location5-32bitlibQt5Multimedia5libQt5Multimedia5-32bitlibQt5Nfc5libQt5Nfc5-32bitlibQt5Nfc5-importslibQt5Positioning5libQt5Positioning5-32bitlibQt5Script5libQt5Script5-32bitlibQt5Sensors5libQt5Sensors5-32bitlibQt5Sensors5-importslibQt5SerialPort5libQt5SerialPort5-32bitlibQt5Svg5libQt5Svg5-32bitlibQt5WaylandClient5libQt5WaylandClient5-32bitlibQt5WebChannel5libQt5WebChannel5-32bitlibQt5WebChannel5-importslibQt5WebKit5-32bitlibQt5WebKit5-devel-32bitlibQt5WebKitWidgets-devel-32bitlibQt5WebKitWidgets5-32bitlibQt5WebSockets5libQt5WebSockets5-32bitlibQt5WebSockets5-importslibQt5X11Extras5libQt5X11Extras5-32bitlibQt5XmlPatterns5libQt5XmlPatterns5-32bitlibQtQuick5-32bitlibqt5-creatorlibqt5-linguistlibqt5-linguist-devellibqt5-qt3dlibqt5-qt3d-devellibqt5-qt3d-exampleslibqt5-qt3d-importslibqt5-qt3d-private-headers-devellibqt5-qtconnectivitylibqt5-qtconnectivity-devellibqt5-qtconnectivity-devel-32bitlibqt5-qtconnectivity-exampleslibqt5-qtconnectivity-private-headers-devellibqt5-qtconnectivity-toolslibqt5-qtctlibqt5-qtdeclarative-devel-32bitlibqt5-qtdeclarative-exampleslibqt5-qtdoclibqt5-qtgraphicaleffectslibqt5-qtimageformatslibqt5-qtimageformats-32bitlibqt5-qtimageformats-devellibqt5-qtlocationlibqt5-qtlocation-devellibqt5-qtlocation-devel-32bitlibqt5-qtlocation-exampleslibqt5-qtlocation-private-headers-devellibqt5-qtmultimedialibqt5-qtmultimedia-devellibqt5-qtmultimedia-devel-32bitlibqt5-qtmultimedia-exampleslibqt5-qtmultimedia-private-headers-devellibqt5-qtquick1libqt5-qtquick1-devellibqt5-qtquick1-devel-32bitlibqt5-qtquick1-exampleslibqt5-qtquick1-private-headers-devellibqt5-qtquickcontrolslibqt5-qtquickcontrols-exampleslibqt5-qtscriptlibqt5-qtscript-devellibqt5-qtscript-devel-32bitlibqt5-qtscript-exampleslibqt5-qtscript-private-headers-devellibqt5-qtsensorslibqt5-qtsensors-devellibqt5-qtsensors-devel-32bitlibqt5-qtsensors-exampleslibqt5-qtsensors-private-headers-devellibqt5-qtserialportlibqt5-qtserialport-devellibqt5-qtserialport-devel-32bitlibqt5-qtserialport-private-headers-devellibqt5-qtsvglibqt5-qtsvg-devellibqt5-qtsvg-devel-32bitlibqt5-qtsvg-exampleslibqt5-qtsvg-private-headers-devellibqt5-qttoolslibqt5-qttools-32bitlibqt5-qttools-devellibqt5-qttools-devel-32bitlibqt5-qttools-exampleslibqt5-qttools-private-headers-devellibqt5-qttranslationslibqt5-qtwaylandlibqt5-qtwayland-32bitlibqt5-qtwayland-devellibqt5-qtwayland-devel-32bitlibqt5-qtwayland-exampleslibqt5-qtwayland-private-headers-devellibqt5-qtwebchannellibqt5-qtwebchannel-devellibqt5-qtwebchannel-devel-32bitlibqt5-qtwebchannel-exampleslibqt5-qtwebchannel-private-headers-devellibqt5-qtwebenginelibqt5-qtwebengine-32bitlibqt5-qtwebengine-devellibqt5-qtwebengine-devel-32bitlibqt5-qtwebengine-exampleslibqt5-qtwebengine-private-headers-devellibqt5-qtwebkitlibqt5-qtwebkit-exampleslibqt5-qtwebsocketslibqt5-qtwebsockets-devellibqt5-qtwebsockets-devel-32bitlibqt5-qtwebsockets-exampleslibqt5-qtwebsockets-private-headers-devellibqt5-qtx11extraslibqt5-qtx11extras-devellibqt5-qtx11extras-devel-32bitlibqt5-qtxmlpatternslibqt5-qtxmlpatterns-devellibqt5-qtxmlpatterns-devel-32bitlibqt5-qtxmlpatterns-exampleslibqt5-qtxmlpatterns-private-headers-devellxqt-powermanagementlxqt-powermanagement-langlxqt-qtplugingummigummi-langclaws-mail-develgrub2-branding-upstreamgrub2-i386-efitypo3-cms-4_7pdnspdns-backend-ldappdns-backend-luapdns-backend-mydnspdns-backend-mysqlpdns-backend-postgresqlpdns-backend-sqlite3ImageMagick-devel-32bitlibMagick++-6_Q16-3-32bitlibMagick++-devel-32bitlibMagickWand-6_Q16-1-32bittypo3-cms-4_5openldap2-back-sqlopenldap2-doccracklib-devel-32bitlibpwqualitylibpwquality-devellibpwquality-langlibpwquality-toolslibpwquality1pam_pwqualitypython-pwqualitytomcat-embedtomcat-jsvcjava-1_8_0-openjdk-accessibilityjava-1_8_0-openjdk-javadocjava-1_8_0-openjdk-srclibstorage-pythonlibstorage-testsuitelibsrtplibsrtp-devellibsrtp1-32bitmariadb-benchmariadb-testgdk-pixbuf-devel-32bitocaml-compiler-libs-develocaml-docsocaml-emacsocaml-sourceocaml-x11libtorrent-rasterbarlibtorrent-rasterbar-devellibtorrent-rasterbar-doclibtorrent-rasterbar8python-libtorrent-rasterbardrbd-kmp-pvhdjmodhdjmod-kmp-defaulthdjmod-kmp-paehdjmod-kmp-pvhdjmod-kmp-xenipsetipset-develipset-kmp-defaultipset-kmp-paeipset-kmp-pvipset-kmp-xenlibipset3lttng-modules-kmp-pvpcfclockpcfclock-kmp-defaultpcfclock-kmp-paepcfclock-kmp-pvvhba-kmpvhba-kmp-defaultvhba-kmp-paevhba-kmp-pvvhba-kmp-xenoperaopenssh-cavsfile-rollerfile-roller-langnautilus-file-rollerctdb-testsgtk2-branding-SLEDgtk2-branding-openSUSEgtk2-branding-upstreamgtk2-engine-clearlooksgtk2-engine-clearlooks-32bitgtk2-engine-cruxgtk2-engine-crux-32bitgtk2-engine-glidegtk2-engine-glide-32bitgtk2-engine-hcenginegtk2-engine-industrialgtk2-engine-industrial-32bitgtk2-engine-mistgtk2-engine-mist-32bitgtk2-engine-redmond95gtk2-engine-redmond95-32bitgtk2-engine-thinicegtk2-engine-thinice-32bitgtk2-enginesgtk2-engines-develgtk2-immodule-amharicgtk2-immodule-amharic-32bitgtk2-immodule-inuktitutgtk2-immodule-inuktitut-32bitgtk2-immodule-multipressgtk2-immodule-multipress-32bitgtk2-immodule-thaigtk2-immodule-thai-32bitgtk2-immodule-vietnamesegtk2-immodule-vietnamese-32bitgtk2-immodule-ximgtk2-immodule-xim-32bitgtk2-immodules-tigrignagtk2-immodules-tigrigna-32bitgtk2-theme-clearlooksgtk2-theme-cruxgtk2-theme-industrialgtk2-theme-mistgtk2-theme-redmond95gtk2-theme-thinicelibcurl-devel-32bitlibgcrypt-cavslibopenjpeg1-32bitopenjpeg-devel-32bitphp5-firebirdphp5-mssqllibecpg6-32bitpostgresql94-plperlpostgresql94-plpythonpostgresql94-pltclpostgresql94-testnpmlibreoffice-gdb-pretty-printerslibreoffice-gladelibreoffice-gtk3libreoffice-l10n-aslibreoffice-l10n-bnlibreoffice-l10n-brlibreoffice-l10n-cylibreoffice-l10n-dzlibreoffice-l10n-etlibreoffice-l10n-eulibreoffice-l10n-falibreoffice-l10n-galibreoffice-l10n-gllibreoffice-l10n-helibreoffice-l10n-kklibreoffice-l10n-knlibreoffice-l10n-lvlibreoffice-l10n-mailibreoffice-l10n-mllibreoffice-l10n-mrlibreoffice-l10n-nrlibreoffice-l10n-nsolibreoffice-l10n-orlibreoffice-l10n-palibreoffice-l10n-silibreoffice-l10n-sllibreoffice-l10n-srlibreoffice-l10n-sslibreoffice-l10n-stlibreoffice-l10n-talibreoffice-l10n-telibreoffice-l10n-thlibreoffice-l10n-tnlibreoffice-l10n-trlibreoffice-l10n-tslibreoffice-l10n-velibreoffice-sdk-doclibreofficekit-develnss-myhostnamenss-myhostname-32bitsystemd-journal-gatewaysystemd-mini-sysvinitlibX11-devel-32bitlibXfixes-devel-32bitlibXi-devel-32bitlibXrandr-devel-32bitlibXrender-devel-32bitlibXtst-devel-32bitlibXv-devel-32bitlibXvMC-devel-32bitlibXvMC1-32bitdbus-1-devel-32bitlibGraphicsMagick++-Q16-11libGraphicsMagick++-develguile1libguile-srfi-srfi-1-v-3-3libguile-srfi-srfi-13-14-v-3-3libguile-srfi-srfi-4-v-3-3libguile-srfi-srfi-60-v-2-2libguile1-devellibguile17libguilereadline-v-17-17qemu-testsuitepython-ipa_hbacpython-sss_nss_idmaplibraw-toolsprivoxy-docmonitmonit-docdovecot22-ftsdovecot22-fts-lucenedovecot22-fts-solrdovecot22-fts-squatgnuchessbash-loadablespitivipitivi-langcontainerd-ctrcontainerd-testrunc-testtar-backup-scriptstar-testslibarchive13-32bitlibass5-32bitlibpcre16-0-32bitlibpcreposix0-32bitpcre-docapache-commons-dbcpapache-commons-dbcp-javadocapache-commons-pool2apache-commons-pool2-javadocw3m-inline-imageruby2.1-rubygem-rails-html-sanitizer-docruby2.1-rubygem-rails-html-sanitizer-testsuitegstreamer-0_10-plugins-bad-32bitgstreamer-0_10-plugins-bad-doclibgstcodecparsers-0_10-23-32bitpython-Twisted-docgstreamer-plugins-bad-32bitgstreamer-plugins-bad-doclibgstbadbase-1_0-0-32bitlibgstbadvideo-1_0-0-32bitlibgstbasecamerabinsrc-1_0-0-32bitlibgstcodecparsers-1_0-0-32bitlibgstgl-1_0-0-32bitlibgstinsertbin-1_0-0-32bitlibgstmpegts-1_0-0-32bitlibgstphotography-1_0-0-32bitlibgsturidownloader-1_0-0-32bitlibgstwayland-1_0-0libgstwayland-1_0-0-32bitruby2.1-rubygem-mail-2_5ruby2.1-rubygem-mail-doc-2_5rubygem-mail-2_4-docrubygem-mail-2_5shellinaboxlibGraphicsMagick++-Q16-12ruby2.1-rubygem-actionpack-doc-4_2ruby2.1-rubygem-actionview-doc-4_2ruby2.1-rubygem-activemodel-doc-4_2ruby2.1-rubygem-activerecord-doc-4_2ruby2.1-rubygem-activesupport-doc-4_2cacticacti-spinelibnettle-devel-32bitnettlelibvlc5libvlccore8vlcvlc-develvlc-gnomevlc-noXvlc-noX-langvlc-qtglibc-devel-static-32bitglibc-obsoleteglibc-testsuiteglibc-utilsglibc-utils-32bitobs-service-download_filesobs-service-extract_fileobs-service-recompressobs-service-verify_filepostgresql93-plperlpostgresql93-plpythonpostgresql93-pltclpostgresql93-testattica-qt5attica-qt5-develattica-qt5-devel-32bitbaloo5baloo5-develbaloo5-filebaloo5-importsbaloo5-kioslavesbaloo5-langbaloo5-toolsbluez-qtbluez-qt-develbluez-qt-importsbluez-qt-udevbreeze5-iconsextra-cmake-moduleskactivities5kactivities5-develkactivities5-devel-32bitkactivities5-importskapidoxkbookmarkskbookmarks-develkbookmarks-devel-32bitkcmutilskcmutils-develkcmutils-devel-32bitkcodecskcodecs-develkcodecs-devel-32bitkcompletionkcompletion-develkcompletion-devel-32bitkconf_update5kconfigkconfig-develkconfig-devel-32bitkconfigwidgetskconfigwidgets-develkconfigwidgets-devel-32bitkcrashkcrash-develkcrash-devel-32bitkdbusaddonskdbusaddons-develkdbusaddons-devel-32bitkdbusaddons-toolskdeclarativekdeclarative-componentskdeclarative-components-32bitkdeclarative-develkdeclarative-devel-32bitkdeclarative-toolskdedkded-develkded-langkdelibs4supportkdelibs4support-32bitkdelibs4support-develkdelibs4support-devel-32bitkdelibs4support-langkdesignerpluginkdesignerplugin-develkdesignerplugin-langkdesukdesu-develkdesu-devel-32bitkdewebkitkdewebkit-develkdewebkit-devel-32bitkdnssd-frameworkkdnssd-framework-develkdnssd-framework-devel-32bitkdoctoolskdoctools-develkdoctools-langkemoticonskemoticons-develkemoticons-devel-32bitkfilemetadata5kfilemetadata5-32bitkfilemetadata5-develkfilemetadata5-langkglobalaccelkglobalaccel-develkglobalaccel-devel-32bitkglobalaccel5kguiaddonskguiaddons-develkguiaddons-devel-32bitkhtmlkhtml-develkhtml-devel-32bitki18nki18n-develki18n-devel-32bitkiconthemeskiconthemes-develkiconthemes-devel-32bitkidletimekidletime-develkidletime-devel-32bitkimageformatskimageformats-32bitkinit-32bitkitemmodelskitemmodels-develkitemmodels-devel-32bitkitemviewskitemviews-develkitemviews-devel-32bitkjobwidgetskjobwidgets-develkjobwidgets-devel-32bitkjskjs-develkjs-devel-32bitkjsembedkjsembed-develkjsembed-devel-32bitkmediaplayerkmediaplayer-develkmediaplayer-devel-32bitknewstuffknewstuff-develknewstuff-devel-32bitknotificationsknotifications-develknotifications-devel-32bitknotifyconfigknotifyconfig-develknotifyconfig-devel-32bitkpackagekpackage-32bitkpackage-develkpackage-devel-32bitkpackage-langkpartskparts-develkparts-devel-32bitkpeople5kpeople5-32bitkpeople5-develkpeople5-devel-32bitkpeople5-langkplottingkplotting-develkplotting-devel-32bitkptykpty-develkpty-devel-32bitkrosskross-32bitkross-develkross-devel-32bitkross-langkrunnerkrunner-develkrunner-devel-32bitkservicekservice-32bitkservice-develkservice-devel-32bitkservice-langksslktexteditorktexteditor-32bitktexteditor-develktexteditor-devel-32bitktexteditor-langktextwidgetsktextwidgets-develktextwidgets-devel-32bitkunitconversionkunitconversion-develkunitconversion-devel-32bitkwalletkwallet-develkwallet-devel-32bitkwallet-toolskwallet-tools-langkwalletd5kwalletd5-langkwidgetsaddonskwidgetsaddons-develkwidgetsaddons-devel-32bitkwindowsystemkwindowsystem-develkwindowsystem-devel-32bitkxmlguikxmlgui-develkxmlgui-devel-32bitkxmlrpcclient5kxmlrpcclient5-develkxmlrpcclient5-devel-32bitlibKF5Activities5libKF5Activities5-32bitlibKF5Activities5-langlibKF5Attica5libKF5Attica5-32bitlibKF5Baloo5libKF5Baloo5-32bitlibKF5BalooEngine5libKF5BalooEngine5-32bitlibKF5BluezQt6libKF5Bookmarks5libKF5Bookmarks5-32bitlibKF5Bookmarks5-langlibKF5CalendarEvents5libKF5CalendarEvents5-32bitlibKF5Codecs5libKF5Codecs5-32bitlibKF5Codecs5-langlibKF5Completion5libKF5Completion5-32bitlibKF5Completion5-langlibKF5ConfigCore5libKF5ConfigCore5-32bitlibKF5ConfigCore5-langlibKF5ConfigGui5libKF5ConfigGui5-32bitlibKF5ConfigWidgets5libKF5ConfigWidgets5-32bitlibKF5ConfigWidgets5-langlibKF5Crash5libKF5Crash5-32bitlibKF5DBusAddons5libKF5DBusAddons5-32bitlibKF5DBusAddons5-langlibKF5DNSSD5libKF5DNSSD5-32bitlibKF5DNSSD5-langlibKF5Declarative5libKF5Declarative5-32bitlibKF5Declarative5-langlibKF5Emoticons5libKF5Emoticons5-32bitlibKF5GlobalAccel5libKF5GlobalAccel5-32bitlibKF5GlobalAccel5-langlibKF5GlobalAccelPrivate5libKF5GuiAddons5libKF5GuiAddons5-32bitlibKF5I18n5libKF5I18n5-32bitlibKF5I18n5-langlibKF5IconThemes5libKF5IconThemes5-32bitlibKF5IconThemes5-langlibKF5IdleTime5libKF5IdleTime5-32bitlibKF5ItemModels5libKF5ItemModels5-32bitlibKF5ItemViews5libKF5ItemViews5-32bitlibKF5ItemViews5-langlibKF5JS5libKF5JS5-32bitlibKF5JSApi5libKF5JSApi5-32bitlibKF5JobWidgets5libKF5JobWidgets5-32bitlibKF5JobWidgets5-langlibKF5JsEmbed5libKF5JsEmbed5-32bitlibKF5JsEmbed5-langlibKF5KCMUtils5libKF5KCMUtils5-32bitlibKF5KCMUtils5-langlibKF5KDELibs4Support5libKF5KDELibs4Support5-32bitlibKF5KHtml5libKF5KHtml5-32bitlibKF5KHtml5-langlibKF5MediaPlayer5libKF5MediaPlayer5-32bitlibKF5ModemManagerQtlibKF5ModemManagerQt-devellibKF5ModemManagerQt6libKF5NetworkManagerQtlibKF5NetworkManagerQt-devellibKF5NetworkManagerQt-devel-32bitlibKF5NetworkManagerQt6libKF5NetworkManagerQt6-32bitlibKF5NewStuff5libKF5NewStuff5-32bitlibKF5NewStuff5-langlibKF5Notifications5libKF5Notifications5-32bitlibKF5Notifications5-langlibKF5NotifyConfig5libKF5NotifyConfig5-32bitlibKF5NotifyConfig5-langlibKF5Parts5libKF5Parts5-32bitlibKF5Parts5-langlibKF5Plotting5libKF5Plotting5-32bitlibKF5Pty5libKF5Pty5-32bitlibKF5Pty5-langlibKF5QuickAddons5libKF5QuickAddons5-32bitlibKF5Runner5libKF5Runner5-32bitlibKF5Solid5libKF5Solid5-32bitlibKF5Solid5-langlibKF5SonnetCore5libKF5SonnetCore5-32bitlibKF5SonnetCore5-langlibKF5SonnetUi5libKF5SonnetUi5-32bitlibKF5Su5libKF5Su5-32bitlibKF5Su5-langlibKF5TextWidgets5libKF5TextWidgets5-32bitlibKF5TextWidgets5-langlibKF5ThreadWeaver5libKF5ThreadWeaver5-32bitlibKF5UnitConversion5libKF5UnitConversion5-32bitlibKF5UnitConversion5-langlibKF5Wallet5libKF5Wallet5-32bitlibKF5WebKit5libKF5WebKit5-32bitlibKF5WidgetsAddons5libKF5WidgetsAddons5-32bitlibKF5WidgetsAddons5-langlibKF5WindowSystem5libKF5WindowSystem5-32bitlibKF5WindowSystem5-langlibKF5XmlGui5libKF5XmlGui5-32bitlibKF5XmlGui5-langlibKF5XmlRpcClient5libKF5XmlRpcClient5-32bitlibKF5XmlRpcClient5-langlibkwalletbackend5-5libkwalletbackend5-5-32bitoxygen5-icon-themeoxygen5-icon-theme-largeoxygen5-icon-theme-scalableplasma-frameworkplasma-framework-32bitplasma-framework-componentsplasma-framework-components-32bitplasma-framework-develplasma-framework-devel-32bitplasma-framework-langplasma-framework-privateplasma-framework-private-32bitsolidsolid-develsolid-devel-32bitsolid-importssolid-toolssonnetsonnet-develsonnet-devel-32bitthreadweaverthreadweaver-develthreadweaver-devel-32bitgajimgajim-langlibpng15-15-32bitlibnghttp2-devellibnghttp2_asio-devellibnghttp2_asio1nghttp2nghttp2-docpython-nghttp2salt-fish-completionsalt-raetlibotr-toolslibotr2-devellibotr2-toolseximeximoneximstats-htmllibssh4-32bitpython-Pillow-tklibjavascriptcoregtk-4_0-18-32bitlibwebkit2gtk-4_0-37-32bittypelib-1_0-WebKit2WebExtension-4_0webkit-jsc-4bsh2-bsfbsh2-demobsh2-manualbsh2-srcgit-credential-gnome-keyringcgitlibebmllibebml-devellibebml4libebml4-32bitlibmatroskalibmatroska-devellibmatroska6libmatroska6-32bitdropbearlibjavascriptcoregtk-3_0-0-32bitlibwebkitgtk-3_0-0-32bitwebkit-jsc-1webkit-jsc-3clamav-databasemercurial-langoptipnggcc5-go-32bitgcc5-testresultslibgo7-32bitathemeatheme-devellibathemecore1proftpdproftpd-develproftpd-docproftpd-langproftpd-ldapproftpd-mysqlproftpd-pgsqlproftpd-radiusproftpd-sqlitegdk-pixbuf-loader-rsvg-32bitpython-virtualboxvirtualbox-develvirtualbox-guest-desktop-iconsvirtualbox-host-sourcevirtualbox-websrvcups-filters-devellibexpat-devel-32bitiproxylibimobiledevice-doclibimobiledevice6-32bitlibusbmuxdlibusbmuxd4-32bitpython-imobiledevicelibpoppler-qt5-1libpoppler-qt5-develpoppler-qt5libvirt-daemon-umllibvirt-daemon-vboxlibvirt-login-shelllibtasn1-devel-32bitlibavlibav-toolslibavcodec-libav-devellibavcodec-libav56libavdevice-libav-devellibavdevice-libav55libavfilter-libav-devellibavfilter-libav5libavformat-libav-devellibavformat-libav56libavresample-libav-devellibavresample-libav2libavutil-libav-devellibavutil-libav54libswscale-libav-devellibswscale-libav3libgimp-2_0-0-32bitlibgimpui-2_0-0-32bitspice-clientlibircclientlibircclient-devellibircclient-doclibircclient1cronichunspell-staticlibetonyek-toolslibixion-python3libixion-toolsliborcus-python3liborcus-toolslibvisio-toolslibwps-toolsmdds-1_0mdds-1_0-develmyspell-anmyspell-an_ESmyspell-br_FRmyspell-gd_GBmyspell-glmyspell-gl_ESmyspell-gugmyspell-gug_PYmyspell-ismyspell-is_ISmyspell-kmr_Latnmyspell-kmr_Latn_SYmyspell-kmr_Latn_TRmyspell-ne_NPmyspell-oc_FRmyspell-si_LKmyspell-sw_TZapache2-eventgnugkh323plush323plus-devellibh323-1_26_5mupdfmupdf-devel-staticbsdifflibpcre2-16-0libpcre2-16-0-32bitlibpcre2-32-0libpcre2-32-0-32bitlibpcre2-8-0libpcre2-8-0-32bitlibpcre2-posix1libpcre2-posix1-32bitpcre2pcre2-develpcre2-devel-staticpcre2-docpcre2-toolssqlite3-docharfbuzzharfbuzz-develharfbuzz-toolslibharfbuzz-icu0libharfbuzz-icu0-32bitlibharfbuzz0libharfbuzz0-32bitlibpython3_4m1_0-32bitpython3-32bitpython3-base-32bitpython3-docpython3-doc-pdfpython3-idlepython3-testsuitepython3-toolsicingaicinga-develicinga-docicinga-idoutilsicinga-idoutils-mysqlicinga-idoutils-oracleicinga-idoutils-pgsqlicinga-plugins-downtimesicinga-plugins-eventhandlersicinga-wwwicinga-www-configicoutilslibpcscspy0-32bitlibgit2-22libgit2-22-32bitlibgme0-32bitxtrabackupxtrabackup-testlibXvnc-develgstreamer-0_10-plugin-esdgstreamer-0_10-plugin-esd-32bitgstreamer-0_10-plugins-good-32bitgstreamer-0_10-plugins-good-extragstreamer-0_10-plugins-good-extra-32bitgstreamer-0_10-plugin-gnomevfsliblcms2-2-32bitliblcms2-devel-32bitliblcms2-docbzrtpbzrtp-devellibbzrtp0libbzrtp0-32bitlibgnutls-devel-32bitlibcrypto37libcrypto37-32bitlibssl38libssl38-32bitlibtls10libtls10-32bitlibplist++3-32bitlibplist3-32bitplistutilpython-plistpostfixadminffmpeg3libvmtools-devellibopus0-32bitfirebird-32bitfirebird-docfirebird-superserverlibfbclient2-32bitlibfbembed2_5-32bitprofanityprofanity-miniprofanity-standardlibquicktime-toolslibquicktime0-32bitsyncthingsyncthing-gtksyncthing-gtk-langlibXpm-devel-32bitgstreamer-plugins-base-32bitgstreamer-plugins-base-doclibgstallocators-1_0-0-32bitlibgstriff-1_0-0-32bitlibgstrtp-1_0-0-32bitlibgstrtsp-1_0-0-32bitlibgstsdp-1_0-0-32bitgstreamer-32bitgstreamer-docmuninmunin-nodecacti-docperl-Image-Infobitlbeebitlbee-develbitlbee-docpax-utilslibmxml1-32bitmxml-develqbittorrentqbittorrent-noxpartclonepartclone-langlibruby2_2-2_2libruby2_3-2_3ruby2.2ruby2.2-develruby2.2-devel-extraruby2.2-docruby2.2-doc-riruby2.2-stdlibruby2.2-tkruby2.3ruby2.3-develruby2.3-devel-extraruby2.3-docruby2.3-doc-riruby2.3-stdlibruby2.3-tkapparmor-abstractionsapparmor-parser-langapparmor-utils-langpython3-apparmorruby-apparmorslrnslrn-langzlib-devel-static-32bitgstreamer-plugins-good-32bitgstreamer-plugins-good-docgstreamer-plugins-good-extragstreamer-plugins-good-extra-32bitbackintimebackintime-langbackintime-qt4ruby2.1-devel-extraruby2.1-docruby2.1-doc-rifehdpkg-develdpkg-langlibzzip-0-13-32bitzziplib-devel-32bitlibpcap-devel-32bitlibpcap-devel-staticlibcrypto41libcrypto41-32bitlibssl43libssl43-32bitlibtls15libtls15-32bitswftoolsrzipencfsencfs-lang0:5.20.0-5.212.10:53.0.2785.89-96.1120:0.8.20-9.10:54.0.2840.59-109.10:1.5.4-1.1050:2014.2.3.dev13-1.10:2014.2.2.dev26-3.10:1.6.4-0.7.10:1.0.0-14.10:2.6.1-1.180:2.6.3-2.200:2.3.0-1.60:10.32.2-3.10:6.8.8.1-5.210:31.1.0esr-1.200:13.2+git20140911.61c1681-1.160:0.6.35-1.1260:1.0.27.2-11.100:1.6.3-1.1790:0.6.31-20.590:4.2-75.20:6.2-75.20:9.9.5P1-1.100:1.2.4-3.560:1.0.6-27.11290:6.4-3.50:0.98.4-1.460:1.1.7-2.420:0.1.25-3.1130:1.1.0-147.710:8.22-5.170:2.11-26.1820:1.27.1-2.220:4.8.3+r212056-6.30:4.2-55.30:1.4.11-55.30:1.7.5-2.70:1.0.58-2.60:0.2.5-3.750:7.37.0-2.50:1.12.12-181.630:2.1.26-7.10:1.8.8-1.50:1.8.8-1.120:0.100.2-3.580:4.2.6-7.30:0.97.2-13.2530:037-34.40:103-5.350:0.158-3.2000:24.3-14.440:3.10.3-1.1310:3.10.3-1.2130:2.1.0-13.2320:2.0.2-1.60:6.3.26-5.180:5.19-2.1490:2.10.9-5.150:11.2.202.406-1.30:1.0.2-7.90:2.5.3-2.110:2.9.3-3.650:1.1.36-54.1000:2.1.0-3.120:2.30.6-1.230:2.40.2-1.130:3.10.0.1-13.30:2.8.10-1.1640:2.38.2-5.120:2.19-17.720:3.10.1-4.10:3.10.5-1.110:3.10.4-22.130:3.2.15-1.80:2.0.24-1.50:1.5.1-1.120:1.22.2-5.4290:7.4.326-2.620:1.6-7.3920:1.0-6.450:3.14.6-3.140:1.4.10.1-2.250:1.5.0-2.130:s20121221-2.190:1.7.0.65-3.70:1.5.1-1.130:1.15.5-7.120:3.12.28-4.60:1.12.1-6.30:1.0.3-1.50:1.19-17.310:3.18-1.190:2.1.0-4.50:1.6.2-4.120:1.0.7-3.540:1.1.14-3.600:1.3.2-3.610:5.0.1-3.530:1.4.7-2.90:1.7.2-3.620:1.1.3-3.550:1.0.2-3.580:1.4.2-3.560:0.9.8-3.560:1.1.4-3.590:1.2.2-3.600:1.0.10-3.570:1.0.8-3.570:1.1.3-3.540:1.2.0-1.50:2.25-6.690:2.25-6.50:2.25-6.10:0.41.rc1-1.300:4.1.12-3.20:1.1.3-3.520:9.3.5-2.30:9.3.5-2.240:2.0.21-4.10:0.6.21-6.40:2.5.2.26539-13.420:3.16.4-5.20:2.5.3-2.180:1.11.4-1.120:7.2d-3.770:1.6.1-9.10:1.0.0-352.840:0.4-3.830:210-44.10:0.15.1b-182.580:1.11.5.1-5.200:2.2.7-3.630:2.0-12.130:0.11-2.220:2.4.2-14.600:5.2.2-4.20:2.08-1.130:3.2.0-4.590:0.6.2-15.80:0.8.8.4-13.690:0.4-3.640:2.1.5-27.860:10.0.11-6.40:0.30.0-3.650:0.9.8j-59.110:1.0.1i-2.120:1.36.3-4.140:1.8.10-3.70:1.2.50-8.210:1.6.8-2.240:0.112-2.1890:0.24.4-3.140:0.24.4-3.130:0.4.11-11.20:0.4.11-11.60:5.0-2.70:2.7.7-2.360:3.4.1-2.380:4.8.6-2.110:4.8.6-2.60:2.0.10-3.670:0.15.4-3.880:4.3.1.2-3.70:0.19-16.560:1.1.10-24.1280:0.4.8-18.630:1.0.25-18.750:5.7.2.1-3.80:2.44.2-1.460:0.25-3.40:0.6.3-1.40:1.9.1-1.2650:3.7-2.130:4.0.3-9.780:2.1.3-1.140:1.2.5-13.30:1.3.3-8.230:0.28.2-17.830:1.10-1.210:3.1.1-1.60:2.9.1-6.20:0.1.6-1.190:0.11.1-4.620:4.0.4-2.10:3.8.7-3.210:1.4.16-15.740:2.0.2.umip.0.4-19.770:4.10.7-1.130:1.5.21-44.380:4.2.6p5-24.30:0.13.0-1.1220:2.0.0-2.90:6.6p1-4.60:1.1.8-11.570:12.1-23.120:2.4.4-4.50:2.0-1.400:2.7.1-5.1910:1.4.14-1.450:5.18.2-3.70:2.82-3.140:3.71-1.1780:6.04-5.40:804.031-3.820:0.38-7.610:4.0.0-6.180:2.4.7-1.70:3.22-267.120:3.6.2-3.620:2.7.7-2.120:3.4.1-2.760:1.4.5-1.50:1.1.7-21.150:0.14-1.70:0.7.0-4.70:2.0.0-40.70:1.0.0-40.70:1.7.4-40.70:8-40.70:1.9.7-2.170:3.0.2-1.920:3.1.0-2.70:8.4.0-2.20:0.11_git201205151338-8.170:2.1-1.60:0.7-14.20:1.7.2.4-1.20:4.3-1.150:5.1.3-4.10:1.8.10p3-1.620:0.83.7-2.10:2.0-778.10:2.88+-94.130:5.1.1-1.170:0.18.1-3.2680:0.2.0-1.620:5.2-8.840:1.3.0-17.30:2.3.1-4.950:3.10.1-1.860:1.4.0-16.90:0.5.3-153.1450:1.2.1-3.640:1.14-4.830:1.10.9-1.110:2.7.0-264.1330:4.4.1_06-2.20:4.4.1_06_k3.12.28_4-2.20:2.99.914-4.10:2.3.15-7.70:5.43-5.330:7.6_1-14.170:1.1.0-3.580:7.6-45.140:7.6_1.15.2-12.170:3.1.108-1.160:3.1.11-1.90:2.10-1020.620:1.7.1-4.10:6.8.8.1-8.20:38.4.0esr-51.10:13.2+git20140911.61c1681-9.10:0.6.35-3.100:5.0.9-8.10:9.9.6P1-30.20:2.25.0-13.10:1.21.1-3.30:6.4-6.40:0.98.7-13.10:1.1.7-5.30:8.22-9.10:2.11-29.10:4.8.5-24.10:4.2-58.30:1.4.11-58.30:1.7.5-9.10:1.0.58-8.10:7.37.0-15.10:1.8.16-14.10:4.3.3-2.20:2.71-8.30:037-66.20:1.42.11-7.10:0.158-6.10:2.0.2-6.10:5.19-9.10:2.10.9-8.10:11.2.202.548-111.10:2.5.5-7.5.10:2.9.3-5.10:2.1.0-5.10:3.10.0.1-23.10:2.19-31.90:3.10.1-11.10:3.10.2-20.10:3.10.4-40.10:3.2.15-11.10:0.10.23-17.10:6-11.10:52.1-7.10:1.7.0.91-21.20:1.6.1-2.3.10:1.6.1-2.4.210:1.8.0.65-1.130:1.15.5-8.4.10:3.12.49-11.10:1.12.1-19.10:1.3.0-6.10:5.3.2-1.810:1.4.7-4.10:1.7.4-9.20:3.1.2-9.10:1.2.0-3.10:2.25-30.10:2.25-30.40:0.41.rc1-4.10:4.2.4-4.190:9.4.5-4.10:9.4.5-4.50:3.19.2.1-29.10:1.6.1-16.10:210-83.20:1.11.5.1-14.10:1.900.1-170.10:2.4.8-16.20:1.3.1-30.30:62.1.0-30.10:1.3.1-30.10:8.0.2-30.30:1.3.0-9.10:3.1.2-7.10:0.4-10.10:10.0.21-1.170:0.9.8j-81.10:1.0.1i-34.10:1.5.22-2.20:1.6.8-5.10:0.113-4.10:2.7.9-20.60:3.4.1-12.10:4.8.6-4.20:4.8.6-4.10:5.0.2.2-13.140:2.1.2-9.10:1.0.25-21.10:5.7.3-4.20:0.29-1.40:0.12.5-2.20:1.4.3-11.10:0.6.3-8.10:3.7-4.10:4.0.4-12.20:0.8-3.10:1.2.18.1-4.220:0.2.8.4-242.30:3.1.1-4.10:2.9.1-10.10:0.1.6-7.10:0.11.1-9.10:4.0.4-13.10:12.5-25.150:4.10.10-9.10:1.5.21-49.10:4.2.8p4-1.30:2.0.0-5.10:6.6p1-29.10:2.3.8-16.3.10:9.20.1-3.20:1.1.8-14.10:2.7.5-7.10:2.0019-5.30:0.38-10.10:2.3-5.10:2.7.9-20.20:2.3.0-6.5.20:2.3.1-5.70:1.0.0-5.70:1.8.1-5.70:8-5.70:0.2.1_rc4-16.20:4.11.2-10.10:8.4.0-8.30:1.4.8-8.20:0.9-2.140:5.1.3-18.10:0.83.8-7.10:1.27.1-4.10:4.5.1-7.10:5.2-10.30:1.4.3-7.20:6.00-32.10:1.4.0-26.10:1.14-7.10:1.12.7-15.10:2.2-8.10:20140630-5.10:4.5.1_12-2.30:4.5.1_12_k3.12.49_11-2.30:2.99.914-7.10:7.6_1.15.2-36.210:3.1.155-1.130:3.1.18-1.50:1.7.1-6.112.20:6.8.8.1-33.10:45.4.0esr-81.10:1.0.12-8.60:13.2+git20140911.61c1681-28.10:0.6.42-14.20:1.6.3-3.30:3.1.14-7.30:4.8.6+2.3.3-3.10:2.32.1-16.10:4.12.0-7.30:10.66.3-4.10:1.2.0-10.10:5.0.9-21.60:0.6.32-30.360:4.3-78.390:6.3-78.390:9.9.9P1-46.10:2.26.1-9.12.10:1.2.4-5.30:1.0.6-29.20:6.5-8.90:0.99.2-25.10:1.3.3-10.140:0.1.26-6.30:8.25-12.80:4.8.5-30.10:2.9.0-7.10:5.8-7.10:1.7.5-12.40:1.0.58-13.10:7.37.0-28.10:1.8.16-19.10:4.3.3-9.10:0.97.3-15.630:2.71-10.10:3.0.26-6.50:044-87.10:103-7.10:24.3-16.320:3.12.12-5.120:3.20.4-7.70:3.20.1-5.660:2.1.0-17.10:6.3.26-12.30:2.11.0-12.50:2.11.1-7.10:2.0.0~git.1463131968.4e66df7-11.690:2.6.3-7.8.30:2.1.0-12.10:2.34.0-16.20:2.40.15-4.50:3.10.0.1-52.50:9.15-6.50:2.8.18-4.70:2.48.2-10.20:2.22-49.160:3.20.0-27.20:3.20.4-7.20:3.20.1-40.50:3.20.4-70.40:2.0.24-3.20:2.02~beta2-104.160:0.10.23-20.510:2.24.31-7.110:7-13.10:1.4.14-4.110:1.5.0-7.100:1.2.0-7.310:1.7.0.111-33.10:1.8.0.101-14.30:1.15.5-8.7.10:0.8.15-28.50:4.4.21-69.10:1.12.5-39.10:0.2.0-5.10:1.3.0-11.10:5.6.1-11.70:5.6.1-9.40:1.5.1-10.30:1.5.0-6.20:1.6.0-12.60:3.1.2-22.10:5.3.1+r233831-9.10:2.28-40.280:2.28-40.170:2.28-40.10:4.2.4-26.20:4.4.2-29.40:9.4.9-14.10:3.21.1-46.20:2.6.3-7.8.20:1.6.1-16.33.10:5.0.5-12.10:2.0.0-353.6.20:1.3.1-6.10:0.9-6.240:2.7.1-9.10:1.28-4.10:1.13.4-18.100:2.4.11-23.200:2.12.5-1.120:1.3.0-23.10:2.4.41-18.25.10:1.1.26-10.40:0.4-14.40:10.0.27-12.10:1.6-2.20:0.52.16-1.830:1.0.2j-55.10:0.9.8j-102.10:4.0.0-9.10:1.40.1-9.50:1.2.50-13.10:1.5.22-4.10:1.6.8-11.10:0.113-5.6.10:0.43.0-15.10:0.24.4-12.10:0.4.13-16.30:0.4.13-16.60:2.7.9-24.20:4.8.6-7.10:5.1.5.2-29.40:2.1.2-12.30:1.0.25-25.10:2.54.1-4.50:0.31-7.20:0.12.7-6.30:3.8.10.2-3.10:1.5.2-2.10:1.4.3-19.10:0.6.3-11.10:228-117.120:3.7-11.10:0.1.25-4.20:4.0.6-26.30:1.0.10-2.30:1.1.1-6.730:2.0.0-26.20:0.28.2-19.70:1.10-3.10:3.1.1-12.30:2.9.4-27.10:0.11.1-12.10:4.0.4-6.10:12.5-28.10:4.12-15.20:1.6.0-54.10:4.2.8p8-14.10:2.0.0-11.10:7.2p2-55.10:2.3.8-16.6.40:9.20.1-6.10:5.18.2-11.10:4.0.0-11.60:3.8.5-5.10:2.7.9-24.10:1.5.7-7.50:16.0.0-2.3.20:2.8.1-6.11.10:2.6.1-27.150:1.0.0-27.150:1.9.1-27.150:8-27.150:3.4-6.140:0.2.3-21.40:4.11.2-15.10:3.1.0-12.10:8.4.0-14.10:0.9-20.30:1.7.2.4-3.10:4.3-6.20:5.1.3-22.10:1.8.10p3-6.160:3.0-85.10:0.84.0-13.10:2.88+-96.10:1.27.1-8.10:4.5.1-10.10:0.18.3-5.70:2.3.4-6.50:1.18.4-14.2160:3.20.2-5.80:0.5.3-157.10:1.14-10.30:1.12.13-31.10:2.2-14.20:4.7.0_12-23.40:2.99.917.641_ge4ef6e9-12.30:4.3.0-8.80:7.6_1.18.3-57.340:5.22-7.10:3.1.206-37.1.20:3.1.23-6.380:3.1.57-16.712.30:6.8.8.1-70.10:52.2.0esr-108.30:1.0.12-12.40:13.2+git20140911.61c1681-36.10:1.0.27.2-15.10:2.8.2-49.210:0.3.6-10.10:1.2.0-15.30:5.0.9-27.20:4.3-82.10:6.3-82.10:9.9.9P1-62.10:0.99.2-32.10:1.3.3-12.130:2.11-35.10:1.7.5-19.10:1.0.58-17.110:0.2.5-5.10:7.37.0-36.10:1.8.22-28.190:1.8.22-28.140:2.76-17.10:044-113.100:4.9.33_k4.4.73_5-2.40:1.42.11-15.10:24.3-19.20:3.12.12-7.30:2.1.0-20.20:2.4.6-11.30:2.12.0-1.330:2.6.3-7.10.10:2.1.0-23.10:2.34.0-18.10:0.2.0-14.30:9.15-22.10:2.8.18-8.10:2.22-61.30:3.20.5-9.60:3.20.1-49.30:3.20.4-76.30:3.3.27-1.100:2.0.24-8.10:2.02-2.120:1.8.3-9.50:0.10.23-25.10:0.10.36-17.130:0.10.31-16.10:1.8.3-17.20:1.8.3-12.110:1.8.3-15.10:2.0.9-8.30:7.4.326-16.10:3.16.11-1.330:1.5.0-11.20:1.7.0.141-42.10:1.6.2-2.8.30:1.6.2-2.10.30:1.8.0.131-26.30:0.8.16-5.10:4.4.73-5.10:4.7.4-1.130:5.6.2-5.90:5.6.2-1.310:1.6.2-11.10:5.0.1-7.10:1.7.4-17.10:3.5.11-5.10:0.9.8-7.10:1.2.2-7.10:1.0.10-7.10:1.0.8-7.10:1.6.0-18.11.10:3.1.2-25.10:5.3.1+r233831-12.10:0.10.2-3.10:2.29.2-2.30:2.29.2-2.20:1.15.2-24.10:1.9.1-5.10:0.41.rc1-9.10:4.6.5+git.27.6afd48b1083-2.110:9.6.3-2.10:9.6.3-2.40:2.5.2.26539-15.10:3.29.5-57.10:7.2d-5.10:1.6.1-16.39.10:0.6.0-5.10:1.3.1-9.10:2.7.1-12.10:1.13.4-33.20:1.900.14-194.10:4.12.0-10.10:2.4.41-18.29.10:1.1.29-1.130:2.4.2-16.10:5.2.4-6.10:10.0.30-28.10:10.66.3-7.10:2.1.0-3.10:1.0.2j-59.10:0.9.8j-105.10:1.1-3.10:3.5.0-20.10:8.39-7.10:1.8.10-6.10:1.12-19.10:1.2.50-19.10:1.5.22-9.10:1.6.8-14.10:5.0-4.10:2.7.13-27.10:3.4.6-24.10:1.2.4-10.10:5.2.5.1-42.130:2.1.9-18.10:1.0.25-35.10:0.33-1.330:0.12.8-1.170:3.8.10.2-8.10:228-142.10:4.9-1.70:4.0.7-43.10:1.0.1-16.10:0.5.0-11.10:3.3.0-4.280:10.1.5-2.170:2.2.7-47.10:2.9.4-45.10:1.1.28-16.10:1.2.8-11.10:4.0.4-14.10:0.13.62-9.10:3.11.0-1.150:2.7-3.10:4.13.1-18.10:4.2.8p10-63.30:2.0.0-17.10:7.2p2-69.10:2.3.8-16.17.10:1.1.8-23.10:1.4.25-4.10:4.0.2-1.290:2.4.7-3.40:3.8.5-14.10:2.8.1-6.16.10:2.9.0-5.100:1.0.0-5.100:1.10.2-5.100:8-5.100:0.2.3-23.10:1.4.7-20.10:8.24.0-1.200:1.0.24-3.10:1.4.8-16.10:0.9-23.140:5.1.3-25.10:1.8.20p2-1.30:3.0-94.10:2.88+-99.150:1.27.1-14.10:4.9.0-13.10:5.0.14-3.10:0.5.3.git20161120-160.10:1.14-20.10:4.9.0_08-2.20:2.99.917.770_gcb6ba2da-1.230:4.3.0-12.10:7.6_1.18.3-71.10:3.2.36-1.110:3.2.2-1.290:3.2.11-1.470:1.4.2-5.20:4.0.22+git.1455008135.15c5e92-8.930:1.6.5-5.90:1.1.15-19.150:1.4.35-1.340:3.10-17.10:1.7.3-3.80:4.0.25+git.1485179354.eb43835-2.190:1.6.11-10.20:1.1.16-4.80:1.4.35-3.10:12-00:1.6.2-31.20:3.10-15.10:1.5.4-2.50:1.6.0_sr16.1-5.90:3.4.5-3.50:5.5.14-4.200:7.0.7-15.10:4.4.13-2.10:4.5.0-5.10:6.9.5-7.10:13.2+git20140911.61c1681-1.80:0.6.35-1.960:1.0.27.2-11.40:1.9.4-1.60:1.9.2-1.270:1.0.15-4.2210:3.1-4.4980:2.4.10-6.10:1.2.40-1.60:1.0.8-9.80:2.0.8-8.30:1.13.4-4.560:9.9.5P1-1.70:1.0.6-27.8860:8.22-5.50:4.8.3+r212056-6.40:1.2.0-3.120:2.2.13-2.70:103-5.80:0.158-3.820:6.3.26-5.90:5.19-2.320:3.0.3-3.30:2.5.3-2.80:1.1.36-54.750:2.1.0-3.80:1.8.5.2-2.50:2.38.2-5.90:3.10.4-22.20:1.26.9-1.230:3.7.4-1.390:3.14.6-3.50:6-7.30:1.5.0-2.90:1.1.1-120.2380:1.7.0.6-33.30:1.15.5-7.70:6.8.8.1-5.80:1.5.3-1.770:1.5.1-2.70:2.5.3-2.90:3.10.5-1.60:2.0-12.60:2.08-1.60:1.0.1i-2.70:1.36.3-4.20:0.24.4-3.80:0.24.4-3.90:4.8.6-2.80:4.8.6-2.90:3.7-2.60:2.7.1-4.840:1.3.3-8.60:7.4.0-13.1310:2.1.17-1.180:4.10.7-1.60:2.1.2-8.90:2.1.2_k3.12.28_4-8.90:2.1.2_k3.12.28_4-8.140:2.4-724.650:12.1-23.60:2.3.18-35.710:2.6.7-2.10:3.22-267.30:2.7.7-2.70:1.1.7-21.80:0.99.22.1-3.1280:4.3-1.90:3.3.13-1.80:1.4-23.10:5.00-1.190:2.5-1.550:2.88+-94.60:7.0.55-2.80:1.10.9-1.50:2.7.0-264.380:7.6_1-14.80:7.6-45.70:3.1.108-1.60:1.9.4-1.310:1.9.2-1.1490:2.4.16-5.10:1.2.40-5.20:1.0.8-13.30:2.0.8-11.430:1.5.2-2.30:3.0.3-10.10:1.8.5.6-11.100:1.26.10-4.270:0.8.0-11.20:1.7.1_sr3.10-14.10:1.8.0_sr1.10-2.360:1.3.10-4.10:2.7-1.20:4.8.6-4.60:2.4.41-18.3.10:2.1.2-4.5.80:2.1.2_k3.12.49_11-4.5.80:1.2.26-6.10:2.6.9-2.10:3.0.8-1.40:3.3.13-4.20:5.00-3.10:2.5-4.440:8.0.23-1.800:3.0.2-24.10:2.4.23-14.70:1.0.14-18.30:2.5.37-8.10:1.13.4-6.20:2.3-3.1100:0.7.2-1.20:1.8.5.6-18.10:1.32.4-14.180:0.8.0-15.160:1.7.1_sr3.50-28.20:1.8.0_sr3.0-10.10:1.7.1-1.840:4.8.6-7.30:1.1.32-9.10:0.9.9-16.10:7.4.3-15.650:2.5.1-24.150:1.3.2-17.10:2.7.1-5.60:0.99.22.1-12.10:3.0.18-26.10:3.5.21-23.40:3.0-7.150:8.0.36-11.40:3.0.2-31.10:1.0.15-6.100:2.4.23-28.10:7.1.8-3.90:7.1.8_k4.4.73_5-3.90:2.2.30.2-14.20:3.0.14-1.80:2.12.3-26.10:1.32.4-19.240:0.8.0-18.10:1.1.1-255.20:1.7.1_sr4.5-37.10:1.8.0_sr4.5-29.10:0.9.30-5.10:1.1.34-12.10:1.4.33-3.10:2.7.0-2.290:4.021-11.10:2.5-9.10:1.3.3-5.30:2.7.3-1.170:3.12-25.10:0.99.22.1-15.10:3.0.25-48.10:3.5.21-25.10:1.4-29.10:3.0-10.150:8.0.43-23.10:2.0.0-2.10:3.0.2-39.10:1.0.15-4.1810:3.1-4.3640:1.4.16-15.670:1.1.0-147.670:0.2.5-3.720:1.12.12-181.540:2.2.13-2.30:1.5.1-1.110:1.22.2-5.2870:3.7.4-1.360:1.2.1-3.560:7.4.326-2.140:1.6-7.2090:1.0-6.380:s20121221-2.170:1.1.1-120.1130:1.0.3-1.20:3.18-1.180:2.1.0-4.30:1.6.2-4.100:1.0.7-3.530:1.1.14-3.590:1.3.2-3.600:5.0.1-3.520:1.0.2-3.570:0.9.8-3.550:1.1.4-3.570:1.2.2-3.590:1.0.10-3.560:1.0.8-3.560:1.1.4-3.580:1.1.3-3.530:1.5.3-1.460:1.5.1-2.30:1.1.3-3.510:0.6.21-6.30:7.2d-3.750:0.4-3.760:0.9-6.220:0.11-2.150:1.19-17.280:2.4.2-14.300:0.8.8.4-13.630:2.1.5-27.790:0.30.0-3.640:1.8.10-3.40:5.0-2.20:2.0.10-3.630:0.4.8-18.550:1.9.1-1.2180:2.1.3-1.130:2.7.1-4.550:3.8.7-3.140:2.0.2.umip.0.4-19.630:0.13.0-1.1070:2.4-724.560:2.4.4-4.40:2.0-1.390:1.4.14-1.420:2.82-3.120:3.71-1.1450:804.031-3.760:2.4.7-1.40:0.7.0-4.30:1.9.7-2.120:0.11_git201205151338-8.140:2.1-1.40:5.1.1-1.160:2.3.15-7.30:5.43-5.300:1.1.0-3.570:3.1.206-36.30:2.10-1020.560:2.4.0-167.10:2.12.6-3.420:2.5.3-4.130:3.0.3-3.100:1.8.5.2-2.320:1.0.1-5.10:3.8.3-261.1350:3.12.28-4.30:3.12.28-4.20:1.3.0-25.50:1.1.12-7.10:3.6.10-4.1240:4.8.6-2.290:1.3.7-1.370:1.8.10-1.250:0.148.1-1.70:1.7.3-1.20:3.2.5c-2.80:2.5.5-1.30:3.12.49-11.20:1.1.13-10.40:1.8.10-15.10:1.0.20100204cvs-25.30:2.8.2-3.10:0.152.0-11.10:5.5.14-39.10:2.0.0.b5-3.20:0.7-5.10:1.0.9-1075.10:1.11.4-1.70:3.6.10-4.970:0.15.4-3.890:1.3.7-1.80:1.8.10-24.10:2.2.7-3.260:2.8.2-9.10:5.1.35-3.10:4.03.0-6.9.10:5.5.14-73.10:2.4.0-168.10:1.8.12-1.290:1.10.9-3.10:0.24.1-6.10:0.24.4-14.3.10:2.8.2-14.10:0.158.0-14.10:5.5.14-108.10:7.0.7-49.10:3.03.0-3.10:4.3.5.2-10.10:4.3.3.2-6.10:1.7.5-5.10:3.12.38-44.10:3.12.39-47.10:3.12.32-33.10:3.12.43-52.6.10:1.12.1-16.10:3.12.44-52.10.10:2.7.3-4.10:3.12.36-38.10:3.12.44-52.18.10:3.12.48-52.27.10:1.12.1-9.10:1.3.0-4.20:1.1.3-4.30:1.1.3-4.90:0.2.10-4.80:1.1.3-3.20:0.0.2-4.10:1.1.2-4.30:0.12.1-3.10:0.9.4-4.50:1.3-4.10:0.23-4.10:3.12.51-52.31.10:1.12.1-22.20:1.3.8-2.3.10:0.9.26-3.3.10:3.12.60-52.49.10:3.12.60-52.54.20:5.1.3.2-22.90:3.12.51-52.34.10:3.12.51-52.39.10:1.12.1-25.10:3.12.55-52.42.10:9.15-6.10:1.5.3-17.10:1.12.1-28.10:1.5.4-20.30:1.6.1-23.10:210-70.48.10:3.12.55-52.45.10:3.12.51-60.20.10:1.3.8-4.10:0.9.26-4.10:3.12.59-60.41.20:3.12.59-60.45.20:3.12.51-60.25.10:3.12.62-60.62.10:1.12.1-36.20:4.02.3-6.6.140:6.1.6-10.10:210-114.10:9.15-11.10:3.12.62-60.64.8.20:9.15-14.10:9.15-17.10:3.12.67-60.64.18.10:3.12.67-60.64.21.10:3.12.67-60.64.24.10:3.12.53-60.30.10:3.12.57-60.35.10:210-104.10:3.12.69-60.64.29.10:3.12.69-60.64.32.10:2.8.7-27.10:3.12.69-60.64.35.10:15.2.1-8.10:1.16.10-12.6.10:9.15-20.10:3.12.74-60.64.40.10:4.4.21-84.10:4.4.21-90.10:4.4.59-92.24.20:228-149.20:5.3.3.2-40.5.90:4.4.74-92.29.10:228-150.7.10:0.43.0-16.5.10:4.4.74-92.32.10:4.4.74-92.35.10:2.6.1-10.3.10:228-132.10:4.4.74-92.38.10:1.12.5-40.13.10:4.4.90-92.45.10:1.12.5-40.16.10:2.8.7-28.3.10:4.4.90-92.50.10:4.4.103-92.53.10:4.4.49-92.11.10:4.4.49-92.14.10:4.4.59-92.17.30:4.4.38-93.10:4.4.59-92.20.20:4.4.103-92.56.10:228-150.29.10:9.15-23.7.10:4.4.114-92.64.10:5.4.5.1-40.24.10:228-150.32.10:1.7.5-20.3.10:4.4.103-92.59.10:4.4.120-92.70.10:1.12.5-40.23.10:228-150.9.20:4.4.82-6.3.10:5.3.5.2-43.5.40:4.4.82-6.6.10:4.4.92-6.18.10:4.4.92-6.30.10:4.4.103-6.33.10:4.4.103-6.38.10:4.4.114-94.11.30:5.4.5.1-43.19.10:0.9.34-3.3.20:4.4.120-94.17.10:4.03.0-8.3.10:4.4.126-94.22.10:1.1.3-24.6.10:6.0.3.2-43.30.20:4.4.103-94.6.10:1.3.0-22.30:3.2.15-4.10:11.2.202.425-19.10:12.5-22.10:4.2.6p5-31.10:2.3.2-11.10:1.8.12-6.50:1.8.12-6.10:4.5.1-4.10:0.6.3-4.10:11.2.202.411-4.10:1.7.0.71-6.20:8.4.0-5.10:11.2.202.418-11.10:31.3.0esr-15.20:31.0-9.10:3.17.2-12.40:2.7.7-9.30:2.7.7-9.10:0.9.8j-66.30:1.0.1i-9.30:11.2.202.424-15.10:5.19-5.20:4.4.3_06-22.15.10:4.4.3_06_k3.12.48_52.27-22.15.10:38.5.0esr-54.10:9.9.6P1-28.6.10:0.9.8j-87.10:7.6_1.15.2-21.10:3.2.1-3.50:2.02~beta2-56.9.40:11.2.202.559-117.10:31.5.0esr-24.10:2.5.3-5.10:9.3.6-5.10:9.3.6-5.20:6.00-28.10:11.2.202.451-77.10:1.7.0.75-11.30:2.19-20.30:1.0.1i-20.10:0.9.8j-73.20:4.4.1_10-9.10:4.4.1_10_k3.12.36_38-9.10:31.5.3esr-27.10:1.10.13-8.10:0.11.1-6.10:4.4.2_02-15.10:4.4.2_02_k3.12.38_44-15.10:31.6.0esr-30.10:11.2.202.457-80.10:3.2.15-7.20:10.0.16-15.10:1.7.0.79-15.10:1.0.58-5.10:3.10.0.1-16.10:7.6_1.15.2-17.20:11.2.202.429-23.10:4.2.6p5-44.10:11.2.202.460-83.10:0.12.4-6.10:2.0.2-46.10:1.0.0-46.10:1.7.4-46.10:8-46.10:4.4.2_04-18.10:4.4.2_04_k3.12.39_47-18.10:1.3.2-10.20:1.4.1-32.10:31.7.0esr-34.10:2.71-4.10:1.4.0-23.10:31.4.0esr-20.10:3.17.3-16.10:4.4.2_06-21.10:4.4.2_06_k3.12.39_47-21.10:11.2.202.466-86.10:1.10.14-12.10:2.4.39-16.10:7.6_1.15.2-28.40:11.2.202.468-89.10:1.0.1i-25.10:0.9.8j-78.10:7.37.0-5.10:1.6.1-13.10:9.9.6P1-18.10:11.2.202.481-93.10:11.2.202.491-96.10:9.3.8-8.10:31.8.0esr-37.30:3.19.2_CKBI_1.98-21.10:4.10.8-3.10:10.0.20-18.10:4.4.2_08-22.5.10:4.4.2_08_k3.12.43_52.6-22.5.10:9.9.6P1-23.10:1.7.0.85-18.20:9.9.5P1-8.10:2.7.9-14.10:3.10.4-5.110:11.2.202.508-99.10:31.8.0esr-40.10:4.4.2_10-22.8.10:4.4.2_10_k3.12.44_52.10-22.8.10:5.3.1-4.4.20:0.1.6-4.10:1.0.1i-27.3.10:11.2.202.438-27.10:11.2.202.440-31.10:2.24-7.10:38.2.1esr-45.10:31.0-14.10:3.19.2.0-26.20:9.9.6P1-26.10:0.98.5-6.10:1.900.1-166.10:2.0.2-48.4.10:1.0.0-48.4.10:1.7.4-48.4.10:8-48.4.10:1.0.1i-17.10:5.7.2.1-4.3.20:11.2.202.442-67.10:11.2.202.521-102.10:1.2.5-21.10:38.3.0esr-48.10:4.10.9-6.10:0.2.1_rc4-13.3.10:3.12.48-52.27.20:2.25-10.10:2.25-10.30:0.12.4-8.5.10:11.2.202.535-105.10:4.2.6p5-37.20:11.2.202.540-108.10:5.1.3-9.10:2.0.2-48.9.10:1.0.0-48.9.10:1.7.4-48.9.10:8-48.9.10:9.3.10-11.10:0.98.6-10.10:2.19-22.7.10:0.9.8j-70.20:4.4.3_02-22.12.10:4.4.3_02_k3.12.48_52.27-22.12.10:1.1.3-7.10:0.5.0-5.10:1.3.1-3.10:2.8.8-9.10:0.1.1-5.30:0.1.2-4.20:0.1.3-3.50:0.1.1-4.90:0.0.1-2.10:0.9.1-3.10:0.5.7-3.10:0.1.2-5.10:0.3.6-3.30:0.1.4-3.90:0.7.1-3.10:0.0.2-2.30:1-2.10:4.1-6.30:0.1.3-4.30:3.7.1-3.10:0.4.1-3.10:1.18-3.20:20150827-5.10:4.4.1_08-5.20:4.4.1_08_k3.12.28_4-5.20:31.0-17.10:1.10.12-4.10:1.2.50-10.10:1.6.8-8.10:1.3.0-18.10:037-51.17.30:2.0.2-42.10:1.0.0-42.10:1.7.4-42.10:8-42.10:1.4.8-5.3.30:4.1.12-16.10:2.30.6-7.20:0.4-6.10:1.0.1i-27.6.10:11.2.202.554-114.10:1.4.0-19.10:1.12.1-22.50:1.1.24-4.3.10:4.1.12-18.3.10:2.1.5-3.4.10:4.2.6-14.6.10:45.2.0esr-75.20:45.0-28.20:3.12.60-52.54.10:2.19-22.16.20:1.54.0-15.10:0.5.1-8.20:1.3.2-18.10:2.8.8-12.10:1_3335ac1-2.10:0.1.6-6.30:0.11.0-6.20:0.11.0-6.10:0.1.5-7.10:0.4.2-6.10:20160511-11.10:4.0.6-19.10:2.0.2-48.12.10:1.0.0-48.12.10:1.7.4-48.12.10:8-48.12.10:3.1.0-6.10:2.9.1-17.10:9.9.6P1-28.9.10:5.0.5-7.10:2.4.41-18.13.10:2.30.6-10.10:1.7.0.95-24.20:1.2.5-27.10.10:38.6.0esr-57.30:31.0-20.10:3.20.2-37.10:7.37.0-18.10:11.2.202.569-120.10:2.19-22.13.10:9.3.11-14.20:4.2.6-14.3.10:9.4.6-7.10:9.4.6-7.20:38.6.1esr-60.10:1.0.1i-27.13.10:0.9.8j-94.10:2.9.1-13.10:11.2.202.577-123.10:1.4.3-16.10:38.7.0esr-63.30:3.20.2-40.10:4.12-12.10:9.9.6P1-28.12.10:4.1.12-18.8.10:4.0.0-8.10:1.7.0.99-27.10:11.2.202.616-126.10:3.4.0.2-15.10:4.2.1-11.10:4.2.4-18.17.10:3.1.1-7.10:1.6.1-16.27.10:1.12.16-13.10:2.9.1-20.10:1.0.1i-27.16.10:1.7.0.101-30.10:4.2.8p6-46.5.20:3.1.12.4-8.20:38.8.0esr-66.20:6.8.8.1-19.10:0.9.8j-97.10:1.12.9-22.10:11.2.202.621-130.10:4.4.4_02-22.19.10:4.4.4_02_k3.12.55_52.42-22.19.10:1.12.11-25.10:6.6p1-42.10:6.6p1-33.10:10.0.22-20.3.10:3.0-82.10:2.9.1-24.10:2.0.2-48.19.10:1.0.0-48.19.10:1.7.4-48.19.10:8-48.19.10:0.12.4-8.9.10:4.2.8p8-46.8.10:6.8.8.1-25.10:3.1.2-12.10:11.2.202.626-133.10:10.0.25-20.6.10:2007e_suse-19.10:1.1.5-6.10:1.0.8-12.10:3.19.2.2-32.10:9.9.6P1-32.10:2.02~beta2-73.30:1.0.1i-36.10:3.12.51-60.20.20:1.1.24-4.10:4.2.4-6.10:2.1.5-4.10:4.5.2_02-4.10:4.5.2_02_k3.12.49_11-4.10:3.12.59-60.41.10:2.3.1-14.10:1.8.1-14.10:8-14.10:3.12.59-60.45.10:2.19-38.20:6.8.8.1-30.20:11.2.202.632-137.10:9.9.6P1-35.10:2.8.10-7.80:1.2.18.4-11.70:4.5.3_08-17.10:4.5.3_08_k3.12.59_60.45-17.10:45.3.0esr-78.10:1.12.1-36.40:3.1.0-9.30:2.25.35.1-3.10:2.11.0-6.10:10.0.26-9.20:6.6p1-52.10:11.2.202.635-140.10:1.0.1i-52.10:4.5.3_10-20.10:4.5.3_10_k3.12.62_60.62-20.10:4.0.6-31.10:1.0.2-9.10:1.6.2-6.20:5.0.1-5.20:1.7.4-12.20:0.9.8-5.20:1.2.2-5.20:1.0.10-5.20:1.0.8-5.20:11.2.202.637-143.10:2.24.24-3.10:0.8.15-29.10:1.8.22-22.20:1.11.5.1-28.10:2.3.1-21.10:1.0.0-21.10:1.8.1-21.10:8-21.10:2.9.1-26.3.10:3.4.5-17.10:11.2.202.643-146.10:6.8.8.1-40.10:9.9.9P1-49.10:7.37.0-31.10:1.8.0.72-3.20:2.25-37.10:1.900.14-181.10:11.2.202.644-149.10:9.15-17.20:3.10.2-2.3.10:4.2-82.10:6.2-82.10:1.8.0.111-17.10:1.27.1-11.10:1.8.10p3-2.6.10:10.0.28-17.20:7.4.326-7.10:6.8.8.1-47.10:1.7.0.121-36.20:2007e_suse-22.10:8.39-5.10:2.3.1-24.60:1.0.0-24.60:1.8.1-24.60:8-24.60:45.5.0esr-88.10:3.21.3-50.10:45.5.1esr-93.10:4.5.5_02-22.3.10:4.5.5_02_k3.12.67_60.64.18-22.3.10:24.0.0.186-152.10:10.0.22-3.10:4.2.8p9-55.10:4.5.5_04-22.6.10:4.5.5_04_k3.12.67_60.64.24-22.6.10:2.1.0-20.10:45.6.0esr-96.10:6.8.8.1-54.10:1.14-17.10:2.71-13.10:4.2.4-28.3.10:1.2.4-2.3.10:1.2.4-3.4.10:4.0.7-35.10:2.3.1-7.70:1.0.0-7.70:1.8.1-7.70:8-7.70:2.19-35.10:4.3.3-4.10:1.0.1i-44.10:9.9.6P1-38.10:4.2.4-11.10:4.5.2_06-7.10:4.5.2_06_k3.12.53_60.30-7.10:1.2.18.2-8.10:1.8.0.77-6.10:4.2.4-16.10:3.1.41.3-9.10:4.2.8p6-8.20:3.1.22-6.20:1.0.1i-47.10:1.8.0.91-11.10:4.2.8p7-11.10:2.8.1-6.9.10:0.12.5-4.10:10.0.25-6.10:0.10.31-13.3.30:0.10.36-11.3.10:0.10.23-19.3.40:0.10.23-19.6.10:1.8.0.121-20.10:3.2.15-16.10:2.11-32.10:0.12.5-7.10:10.0.29-22.10:45.7.0esr-99.10:4.0.7-40.10:1.0.1i-54.5.10:1.7.0.131-39.10:24.0.0.221-158.10:1.900.14-184.10:6.8.8.1-59.10:2.25-40.10:2.25-40.20:4.5.5_06-22.11.20:4.5.5_06_k3.12.69_60.64.32-22.11.20:1.2.8-6.3.10:9.9.9P1-56.10:6.6p1-54.7.10:037-91.10:1.8.22-24.8.10:0.2.0-10.3.30:10.1.0-5.3.10:25.0.0.127-162.10:45.8.0esr-102.10:4.2.4-28.8.20:24.0.0.194-155.10:9.9.9P1-53.10:1.2.4-2.3.30:25.0.0.148-165.10:9.9.9P1-59.10:0.10.36-11.6.90:1.2.4-2.9.10:1.2.4-2.6.80:1.0.25-28.10:4.2.8p10-60.10:2.1.9-15.10:1.4.3-24.10:1.8.1-9.10:4.5.5_10-22.14.10:4.5.5_10_k3.12.69_60.64.35-22.14.10:2.8.2-54.10:25.0.0.171-168.10:2.3.1-32.110:1.0.0-32.110:1.8.1-32.110:8-32.110:45.9.0esr-105.10:1.8.0.121-23.40:0.2.3-13.3.10:10.0.30-25.10:0.2.1_rc4-17.3.10:2.9.1-26.12.10:1.8-10.9.10:4.2.4-28.14.10:2.2.6-44.30:1.8.10p3-2.11.10:1.2.4-2.3.20:1.6.2-8.10:1.7.4-14.10:3.4.5-19.10:2.6.2-31.20:1.0.0-31.20:1.9.1-31.20:8-31.20:1.8.10p3-8.10:2.28-42.10:2.28-42.40:2.28-42.30:4.7.1_02-25.10:4.7.1_04-28.10:4.4.2-31.10:1.8.3-14.10:1.8.3-9.10:1.8.10p3-10.10.20:1.8.3-9.60:52-31.10:2.9.4-42.10:9.4.12-20.10:4.7.2_06-42.10:2.6.2-41.16.10:1.0.0-41.16.10:1.9.1-41.16.10:8-41.16.10:228-149.30:1.8.10p3-10.13.10:1.2.4-13.10:1.6.1-16.42.10:1.9.1-8.10:5.9-44.10:0.12.1-12.10:0.3.11-9.10:0.0.3-2.10:20170511-15.10:3.2.15-18.3.10:1.0.8-10.10:0.12.7-10.3.10:7.6_1.18.3-74.20:1.1.1-10.10:3.20.1-6.14.10:044.1-109.8.30:1.900.14-195.3.10:1.2.4-14.3.10:1.0.1-16.3.10:0.24.4-14.6.10:0.10.36-14.10:10.0.31-29.3.10:2.2.8-48.6.10:16.15.2-27.21.10:1.13.30-18.13.30:5.9-50.10:0.10.23-22.50:3.8.5-15.3.30:2.40.18-5.3.10:2.54.1-5.3.10:5.1.3-26.5.10:2.1.0-4.3.20:2.9.4-46.3.20:7.37.0-37.3.10:1.8.0.144-27.5.30:1.12-20.3.20:6.8.8.1-71.5.30:3.20.4-77.7.50:2.0.0~git.1463131968.4e66df7-12.3.20:7.2p2-66.10:7.2p2-66.30:0.15.4-9.20:2.1.0-21.3.10:52.1-8.3.10:4.7.3_03-43.9.10:9.4.13-21.5.10:9.6.4-3.6.10:2.34.0-19.5.10:3.20.1-6.16.10:1.12.12-182.3.10:1.8.22-24.2.10:4.7.3_04-43.12.10:4.8.5-31.3.10:24.3-25.3.10:0.11.1-13.3.10:2.2.9-48.9.20:4.0.8-44.3.10:2.6.4-6.3.10:52.3.0esr-109.3.10:2.78-18.3.10:2.1.0-4.6.10:4.4.2-38.11.20:52.4.0esr-109.6.20:3.29.5-58.3.10:2.0.0-27.20.10:2.8.1-268.6.20:2.2-15.3.10:7.37.0-37.8.10:2.3.8-16.20.10:4.9.2-14.5.10:2.2.10-48.12.10:4.7.3_06-43.15.10:1.14-21.3.10:3.6.312-2.13.10:2.18.0-2.9.10:0.10.2-2.4.10:2.6.2-41.22.20:1.0.0-41.22.20:1.9.1-41.22.20:8-41.22.20:1.13.4-34.7.10:6.8.8.1-71.12.10:4.2.1-27.3.30:0.24.4-14.13.10:4.2.4-28.21.10:1.8.0.151-27.8.10:10.2.4+git.1481215985.12b091b-16.20:5.22-10.3.10:7.6_1.18.3-76.15.20:2.8.18-9.3.260:4.2.4-28.24.10:5.18.2-12.3.10:20170530-21.13.10:4.4.2-38.14.10:2.9.4-33.10:1.0.2j-60.16.10:2.29.1-9.20.20:4.7.4_02-43.21.10:52.5.0esr-109.9.10:0.12.7-8.10:1.1.14-4.3.10:7.2p2-74.11.10:7.2p2-74.11.30:1.0.2j-60.20.20:6.8.8.1-71.17.10:0.15.4-16.10:9.6.6-3.10.10:3.20.2-6.19.150:2.2.11-48.15.30:2.34.0-19.8.10:2.28-44.3.10:2.28-44.3.30:4.7.1_06-31.10:1.6.0-16.40:2.6.2-41.9.10:1.0.0-41.9.10:1.9.1-41.9.10:8-41.9.10:10.1.0-8.10:4.4.2-36.20:044-108.10:4.7.2_02-36.10:1.8.3-12.120:4.7.2_04-39.10:2.6.2-39.10:1.0.0-39.10:1.9.1-39.10:8-39.10:4.4.59-92.17.20:4.4.2-38.6.10:1.8.10p3-10.5.10:2.9.4-36.10:2.9.4-39.20:5.6.1-17.3.150:5.6.1-13.3.10:2.3.8-16.14.10:2.1.0-24.3.40:3.1.0-13.10.10:3.22-269.3.50:1.3.0-3.3.10:2.2.12-48.18.10:0.6.21-8.3.10:6.8.8.1-71.20.10:2.0.21-6.3.10:7.37.0-37.14.10:1.3.3-10.3.10:2.18.5-2.18.10:3.2.5e-2.3.20:0.99.3-33.5.10:2.1.0-24.6.10:5.9-58.10:9.9.9P1-63.7.10:1.5.1-11.3.120:103-8.3.10:6.8.8.1-71.33.10:1.0.25-36.7.20:1.5.3-31.7.40:62.2.0-31.7.40:8.1.2-31.7.40:0.16.0-8.5.150:52.6.0esr-109.13.10:2.6.2-41.31.10:1.0.0-41.31.10:1.9.1-41.31.10:8-41.31.10:10.0.33-29.13.10:2.0.0-27.29.10:2.9.4-46.12.10:2.6.3-7.15.10:2.22-62.6.20:9.20.1-7.3.10:4.7.4_06-43.24.10:9.6.7-3.13.10:4.8.30-29.60:4.3.3-10.11.10:0.13.67-10.5.10:3.8.5-15.9.10:6.8.8.1-71.42.10:2.1.0-6.3.10:6.8.8.1-71.23.10:4.60.99-5.3.10:0.5.3-3.3.20:0.22.0+git.20160103-15.6.10:1.2.0-12.3.10:2.22-62.10.10:4.2.1-27.6.10:1.7.0.171-43.12.10:1.8.0.161-27.13.10:9.4.16-21.16.10:20170530-21.19.10:0.90-6.3.10:10.0.34-29.16.10:20180312-13.17.10:0.15.1b-184.3.10:9.6.8-3.16.10:7.37.0-37.17.10:1.3.3-10.6.10:0.99.4-33.9.10:4.3.3-10.14.10:2.2.13-48.21.10:2.22-62.3.40:2.6.2-41.37.10:1.0.0-41.37.10:1.9.1-41.37.10:8-41.37.10:4.4.2-38.17.10:1.12.5-40.23.20:52.7.3esr-109.25.10:6.8.8.1-71.47.10:1.3.1-10.3.10:2.0.0-27.34.10:4.0.9-44.7.10:9.4.17-21.19.10:1.7.0.161-43.7.60:4.9.0beta-3.3.10:4.7.5_02-43.27.10:1.0.2j-60.24.10:9.4.15-21.13.10:10.0.32-29.10.10:2.0.0-18.2.10:20170530-21.16.10:3.1.0-13.7.10:5.9-55.10:7.37.0-37.11.30:2.0019-6.3.50:6.8.8.1-71.26.10:228-150.9.30:4.6.7+git.38.90b2cdb4f22-3.7.10:16.15.3-2.3.10:3.2.4-2.3.10:0.12.1-13.2.10:0.3.11-7.5.10:0.12.1-10.5.10:0.0.3-4.10:0.0.1-4.10:20170511-16.2.10:4.9.0_11-3.9.10:16.15.6-2.8.10:1.13.32-21.3.20:2.9.0-6.3.10:1.0.0-6.3.10:1.10.2-6.3.10:8-6.3.10:4.9.0_12-3.15.10:0.12.8-3.90:3.3.0-5.3.10:4.6.7+git.51.327af8d0a11-3.12.10:4.9.0_14-3.18.10:3.3.0-5.8.10:2.9.1-6.6.30:1.0.0-6.6.30:1.10.2-6.6.30:8-6.6.30:3.6.312.333-3.10.10:4.9.1_02-3.21.10:4.6.9+git.59.c2cff9cea4c-3.17.10:3.3.0-5.13.10:4.9-3.5.10:1.1.1-12.10:1.900.14-195.5.10:4.4.114-94.11.20:4.9.1_08-3.26.10:4.9.33-4.11.10:4.9.33_k4.4.114_94.11-4.11.10:1.2.0-17.3.10:4.6.13+git.72.2a684235f41-3.21.30:2.1.10-3.3.20:2.9.1-6.12.10:1.0.0-6.12.10:1.10.2-6.12.10:8-6.12.10:0.33-3.3.20:1.28-5.3.10:3.3.0-5.19.20:1.4.1-5.8.10:0.13.67-10.8.10:3.4.6-25.7.10:3.20.2-6.22.90:4.2.8p11-64.3.20:2.2.14-48.24.10:4.4.126-94.22.20:0.12.21~rc-1001.3.10:5.18.2-12.11.10:5.0.5-6.7.20:1.54.0-26.3.10:3.20.1-10.6.30:0.1.0-6.6.10:0.13.0-13.6.10:0.3.13-7.9.10:0.13.4-10.9.10:0.0.1-1.3.10:0.0.5-7.10:0.4.7-10.7.10:20180403-16.9.10:2.9.1-6.9.20:1.0.0-6.9.20:1.10.2-6.9.20:8-6.9.20:1.0.0-7.10:1.0.0-9.10:1.5.4-2.4.10:4.2.4-18.30.10:4.2.4-18.44.20:4.2.4-18.35.10:1.0.1+git.1456406635.49e230d-12.10:1.1.13-20.10:1.1.15-21.10:1.0.0+git.1448981395.15fb8b9-4.3.10:4.0.1+git.1495055229.643177f1-2.4.20:1-2.20:2-3.10:1-2.30:3-2.10:2-7.10:2-10.10:2-6.10:1-4.20:1-2.60:4-2.30:2-2.10:2-4.10:1-4.10:5-14.20:2-2.20:4-2.10:5-2.10:6-17.20:6-2.10:2-9.10:7-20.20:7-2.10:3-5.10:1-6.30:8-23.20:8-2.10:2-5.10:3-8.20:4-11.20:1-3.10:7-21.10:7-3.10:6-3.10:4-3.10:3-3.10:8-18.7.10:9-2.10:9-18.10.10:10-4.10:9-4.10:7-4.10:5-4.10:6-4.10:10-18.13.10:4-4.10:3-4.10:1-2.40:10-2.10:11-2.10:1-3.3.10:1-6.10:4-11.10:1-3.3.20:2-2.3.20:1-4.30:1-4.3.10:1-4.5.10:1-4.3.50:2016.11.4-46.7.10:2016.11.4-46.10.10:2016.11.4-45.20:4.8.1-32.3.10:5.0.18-6.10:1.1.7-7.10:1.8.3-49.10:1.4.5-8.100:1.1.2-201607270:1.0.5-201607270:0.2.4+gitr565_0366d7e-9.10:1.12.3-81.20:1.31.0-11.20:0.52.0-9.10:0.1.1+gitr2816_02f8fa7-9.10:1.0.4-201603081706330:1.1.1-201603041041230:1.1.1-201603070826320:2.0.3-2.40:1.10.3-66.10:2.2.0-20.3.10:1.1.4-201710020:1.0.7-201710020:1.0.2-201710060:0.2.5+gitr569_2a5e70c-15.30:1.12.6-87.20:0.1.1+gitr2819_50a19c6-15.20:5.0.18-12.5.10:0.2.9+gitr706_06b9cb351610-16.8.10:17.09.1_ce-98.8.10:0.7.0.1+gitr2066_7b2b1feb1de4-10.10:1.0.0rc4+gitr3338_3f2f8b84a77f-1.3.10:2.6.2-13.6.10:17.02.9-6.10.10:16.05.8.1-6.10:2.33-7.5.170:17.02.10-6.16.10:1.6.0_sr16.2-8.10:1.5.4-5.10:1.5.4-9.10:2.3.37-16.10:1.6.0_sr16.4-15.10:1.6.0_sr16.7-22.20:1.6.0_sr16.3-12.10:1.6.0_sr16.15-27.10:2.3.37-18.13.40:2.4.41-18.13.40:1.6.0_sr16.30-40.10:1.6.0_sr16.35-43.20:1.6.0_sr16.20-30.10:1.6.0_sr16.25-34.10:1.6.0_sr16.26-37.10:1.5.0-0.6.10:1.6.0_sr16.50-50.3.10:1.6.0_sr16.41-46.10:1.6.0_sr16.45-49.10:3.12.60-52.57.10:3.12.60-52.60.10:3.12.60-52.63.10:3.1.4-11.10:3.12.74-60.64.48.10:3.12.61-52.80.10:3.12.74-60.64.51.10:3.12.61-52.83.10:0.9.11-3.10:3.12.61-52.86.10:3.12.74-60.64.54.10:1.15.2-2.6.10:3.12.74-60.64.60.10:3.12.61-52.92.10:3.12.74-60.64.63.10:3.12.61-52.101.10:3.12.74-60.64.66.10:3.12.61-52.106.10:1.4.2-3.3.10:3.12.61-52.66.10:3.12.61-52.69.20:3.12.61-52.72.10:3.12.61-52.77.10:3.12.74-60.64.45.10:3.12.74-60.64.69.10:3.12.61-52.119.10:3.12.74-60.64.82.10:3.12.61-52.125.10:3.12.74-60.64.85.10:3.12.61-52.111.10:5.5.14-7.10:5.5.14-15.10:5.5.14-22.10:5.5.14-30.10:5.5.14-33.20:5.5.14-36.10:5.5.14-11.30:5.5.14-68.10:4.6.0-8.10:5.5.14-78.10:7.0.7-20.10:5.5.14-83.10:4.6.1-11.10:7.0.7-25.10:5.5.14-42.20:5.5.14-86.20:5.5.14-53.10:5.5.14-56.10:5.5.14-59.20:5.5.14-64.50:1.0-2.10:4.8.4-15.5.10:6.11.1-11.5.10:7.0.7-50.9.20:5.5.14-109.5.10:7.0.7-50.18.10:5.5.14-109.8.20:7.0.7-50.23.10:5.5.14-109.13.10:5.5.14-89.20:7.0.7-35.10:5.5.14-96.10:5.5.14-99.10:4.7.3-14.10:7.0.7-38.10:7.0.7-28.20:5.5.14-109.17.10:4.8.7-15.8.10:6.12.2-11.8.10:7.0.7-50.26.10:5.5.14-109.20.10:7.0.7-50.32.10:5.5.14-109.24.10:4.9.1-15.11.10:2.2.13-4.10:8.0.36-17.10:3.0.3-17.4.10:2.4.23-29.3.20:3.0.3-17.9.10:1.1.1-17.3.30:2.12.3-27.5.10:2.4.23-29.6.10:1.0.4-3.3.100:2.12.3-27.9.10:2.5-6.10:8.0.43-29.5.10:2.5.5-6.3.10:2.5.5-3.3.10:1.5.3-2.3.10:3.0.3-14.10:2.4.23-21.10:2.2-3.10:2.2.29.1-11.10:2.4.23-16.30:1.5.6-3.3.20:2.4.23-29.13.10:2.5.1-25.12.70:0.8.0-19.3.10:1.1.1-17.7.10:2.2.31-19.5.10:3.5.21-26.6.10:1.5.6-3.6.10:7.1.5-15.3.450:7.1.5_k4.4.114_92.67-15.3.450:8.0.50-29.8.20:1.2.7-3.3.10:0.9.9-17.5.10:1.4.39-4.3.10:2.5-10.3.10:3.12.58-14.10:3.12.61-60.18.10:3.12.67-60.27.10:3.12.69-60.30.10:4.4.74-7.10.10:4.4.88-18.10:4.4.95-21.10:4.4.104-24.10:4.4.114-27.10:7.1.5_k4.4.21_6-15.3.450:4.4.120-3.8.10:2-2.30:4-2.20:5-2.20:6-2.20:10.0.26-20.10.20:2.4.10-14.17.10:2.25.16.1-3.10:1.0.1i-27.21.10:1.0.14-10.14.30:10.0.27-20.13.10:9.9.9P1-28.20.10:9.3.14-19.20:210-70.58.10:4.4.4_04-22.22.20:4.4.4_04_k3.12.60_52.54-22.22.20:6-5.10:9.9.9P1-28.23.10:2.0.2-48.22.10:1.0.0-48.22.10:1.7.4-48.22.10:8-48.22.10:10.0.28-20.16.20:2.0.2-48.25.10:1.0.0-48.25.10:1.7.4-48.25.10:8-48.25.10:1.7.1_sr3.60-31.20:4.4.4_05-22.25.10:4.4.4_05_k3.12.60_52.57-22.25.10:4.2.8p9-46.18.10:4.4.4_05-22.28.20:4.4.4_05_k3.12.60_52.63-22.28.20:0.98.9-4.10:1.8.10p3-2.16.10:7.0.78-7.13.40:9.9.9P1-28.37.10:1.8.10p3-2.19.10:4.4.4_21-22.42.10:4.4.4_21_k3.12.61_52.77-22.42.10:0.12.4-8.15.10:7.6_1.15.2-30.22.10:3.10.3-2.3.10:5-3.10:10.0.31-20.29.10:2.44.2-2.3.10:9.3.18-25.5.10:1.7.1_sr4.10-38.5.10:4.4.4_22-22.51.20:4.4.4_22_k3.12.61_52.89-22.51.20:10.0.32-20.36.10:0.12.4-8.12.10:10.0.29-20.23.10:2.25-24.10.10:2.25-24.10.30:4.4.4_14-22.33.10:4.4.4_14_k3.12.61_52.66-22.33.10:9.9.9P1-28.29.10:2.0.2-48.31.10:1.0.0-48.31.10:1.7.4-48.31.10:8-48.31.10:1.7.1_sr4.1-34.10:3.12.61-52.69.10:9.9.9P1-28.26.10:9.9.9P1-28.34.10:4.2.8p10-46.23.10:4.4.4_16-22.36.10:4.4.4_16_k3.12.61_52.69-22.36.10:4.4.4_18-22.39.10:4.4.4_18_k3.12.61_52.69-22.39.10:10.0.30-20.26.10:4.2.4-18.41.10:9.3.17-24.20:2.9.1-26.15.10:2.19-22.21.10:4.5.5_12-22.18.10:4.5.5_12_k3.12.74_60.64.45-22.18.10:0.12.5-10.10:7.6_1.15.2-53.3.10:9-3.10:8-3.10:1.8.0_sr4.10-30.5.10:4.5.5_14-22.25.10:4.5.5_14_k3.12.74_60.64.54-22.25.10:9-2.20:2.4.16-20.10.10:4.5.5_16-22.28.10:4.5.5_16_k3.12.74_60.64.57-22.28.10:2.4.16-20.13.10:4.2.4-28.19.30:12-4.10:11-4.10:8-4.10:4.5.5_18-22.31.10:4.5.5_18_k3.12.74_60.64.60-22.31.10:2.3.1-33.3.30:1.0.0-33.3.30:1.8.1-33.3.30:8-33.3.30:1.0.1i-54.8.10:12-2.10:4.5.5_20-22.36.30:4.5.5_20_k3.12.74_60.64.63-22.36.30:8.0.43-10.24.10:1.8.0_sr5.5-30.13.10:1.7.1_sr4.15-38.8.10:2.19-40.6.10:1-2.3.10:20160516git-10.8.10:0.99.22.1-16.4.10:1-2.9.10:2.3.1-33.6.10:1.0.0-33.6.10:1.8.1-33.6.10:8-33.6.10:4.5.5_24-22.43.10:4.5.5_24_k3.12.74_60.64.82-22.43.10:1.8.0_sr5.10-30.16.10:1.7.1_sr4.20-38.16.10:2.19-40.9.50:2.4.16-20.16.10:1.0.1i-54.11.10:1.2.6-5.3.110:10-2.20:8-2.20:7-2.20:1.7.1_sr2.0-4.10:5.19-5.30:0.151.0-8.10:3.12.38-44.50:3.12.39-47.30:3.12.39-47.20:1.8.10-12.10:3.12.32-33.30:2.4.10-12.10:3.12.43-52.6.20:1.7.1_sr3.0-11.10:3.12.44-52.10.30:1.8.5.6-5.10:1.8.10-4.10:3.12.36-38.30:3.12.36-38.20:3.12.44-52.18.30:2.4.10-14.10.10:1.7.1_sr2.10-8.10:1.8.5.6-15.10:1.7.1_sr3.20-18.10:3.12.51-52.31.50:3.12.60-52.49.30:3.12.60-52.54.30:3.12.51-52.34.30:3.12.51-52.39.30:1.7.1_sr3.30-21.10:9.3.11-14.10:1.8.10-18.20:3.12.55-52.42.20:0.99.22.1-5.10:0.99.22.1-9.10:2.8.2-6.10:1.8.10-21.10:1.7.1_sr3.40-25.10:3.12.55-52.45.40:1.8.0_sr2.0-4.10:3.12.59-60.41.80:3.12.59-60.45.40:3.12.59-60.45.30:2.4.16-7.10:0.6+git20160531.fbfe336-5.30:3.12.51-60.25.20:3.12.62-60.62.30:3.12.62-60.64.8.50:3.12.62-60.64.8.30:1.8.0_sr3.10-15.10:3.12.67-60.64.18.30:3.12.67-60.64.21.30:1.8.0_sr3.21-20.10:3.12.67-60.64.24.30:1.8.0_sr2.10-7.10:3.12.53-60.30.20:3.12.57-60.35.30:1.8.0_sr4.0-23.10:3.12.69-60.64.29.30:3.12.69-60.64.32.30:2.4.16-19.10:1.8.0_sr4.1-26.20:3.12.69-60.64.35.30:3.12.74-60.64.40.40:0.24.1-3.10:4.4.21-84.30:4.4.21-90.30:4.4.59-92.24.50:4.4.74-92.29.30:4.4.74-92.32.30:2.10.09-4.5.10:4.4.74-92.35.30:1.8.19-25.3.10:2.8.2-15.3.10:4.4.74-92.38.30:5.1.42-5.4.10:1.10.9-4.3.10:4.4.90-92.45.30:4.4.90-92.50.30:20171128-9.3.20:0.7-9.3.10:0.162.0-15.3.10:4.4.49-92.11.30:4.4.49-92.14.30:4.4.59-92.17.80:4.4.38-93.30:4.4.59-92.20.30:4.4.114-92.64.20:1.7.1_sr4.20-38.12.10:2.8.2-15.6.10:1.2.0-2.3.10:3.0.15-2.3.10:4.4.82-6.3.50:4.4.82-6.3.30:4.4.82-6.6.30:4.4.92-6.18.30:4.4.92-6.30.20:4.4.114-94.11.40:1.2.12-3.3.10:2.8.2-15.10.10:4.4.103-94.6.20:4.4.103-94.6.30:1.3.2-9.10:0.2.3-5.10:3.0.2-18.10:1.4.1-16.10:7.0.55-8.20:2.7.9-14.30:1.2.22-7.10:5.1.3-9.20:5.4-2.4.10:1.2.40-2.6.10:2.8.0-3.4.10:3.2.2-6.10:4.2.4-18.27.90:7.0.68-7.6.10:2.3.18-37.10:3-2.20:2.78-6.6.10:037-51.31.10:2.4.10-14.28.10:4.4.4_24-22.54.10:4.4.4_24_k3.12.61_52.92-22.54.10:1-8.10:2.0.2-48.34.30:1.0.0-48.34.30:1.7.4-48.34.30:8-48.34.30:7.0.82-7.16.10:4.4.4_26-22.59.30:4.4.4_26_k3.12.61_52.101-22.59.30:1-5.10:2.0.2-48.37.10:1.0.0-48.37.10:1.7.4-48.37.10:8-48.37.10:1-1.7.10:20140807git-5.3.10:4.4.4_28-22.62.10:4.4.4_28_k3.12.61_52.119-22.62.10:10.0.34-20.43.10:2.19-22.24.50:1-1.3.10:2.4.10-14.31.10:1.0.1i-27.31.10:1.0.1i-27.28.10:3.3.14-20.20:2.7.9-24.40:8.0.32-8.70:2.3.18-40.10:1.4-27.10:8.0.32-10.13.20:2.7.0-3.10:2.7.0_k3.12.53_60.30-3.10:8.0.32-3.10:2.3-3.3.10:3.3.14-22.6.10:8.0.43-10.19.10:3.12.74-60.64.72.10:20160518_1.9.4-7.5.10:2.5.1-25.12.80:2.7.0-3.3.10:2.7.0-3.10.10:1.4.39-4.6.10:1.0.0-16.10:0.15.0-3.10:1.0.0-19.10:1.2.0-4.10:2.20.0-6.10:2.3.1-3.10:2014.2.4.dev18-3.20:2014.2.4~a0~dev78-7.20:2014.2.4~a0~dev61-6.20:2014.2-5.10:2014.2.4~a0~dev103-10.30:2014.2.4~a0~dev80-14.10:1.54-2.10:2.71-6.3.10:3.1.3-6.10:45.3.0-9.10:53.0.2785.113-100.10:53.0.2785.143-106.10:45.4.0-12.10:5.5.5-12.10:1.4.3-6.10:5.20.0-6.10:5.21.0-18.10:2.8.8-6.10:2.8.8-22.10:54.0.2840.90-112.10:45.5.1-17.10:55.0.2883.75-2.10:45.6.0-20.10:51.0.2704.103-85.30:1.4.5-5.10:2.5.0-2.10:1.2.5-8.10:1.5.3-4.10:2.17-4.10:1.6.0-18.10:1.6.2-4.10:45.2-6.10:52.0.2743.82-89.10:5.21.0-15.10:3.0.7-6.10:52.0.2743.116-92.10:1.6.1-6.10:61.0.3163.79-29.10:1.0.4-5.10:61.0.3163.100-32.10:2.1.0-6.10:1.5.2-6.10:2.0.5-2.10:3.3.4-11.10:3.99.5-2.20:0.3.13-2.20:2.1.0-9.10:2.1.0-19.10:52.4.0-45.10:1.3.19-8.10:1.3.19-18.10:0.24.3-6.10:1.0.5-32.10:1.5-5.10:2.0.5-7.10:2.0.3-14.10:4.0.2-9.10:2.4.1.0-6.10:3.4.10-5.10:52.5.0-48.10:0.3.1.9-8.10:63.0.3239.84-40.10:18.3.4.7-9.10:63.0.3239.108-43.10:1.9.9-6.10:52.5.2-51.10:4.7.7-14.10:45.7.0-23.10:15.12.3-6.10:0.24.6-10.10:1.0.1-18.10:56.0.2924.87-5.10:4.14.25-5.30:5.26.0-5.10:5.26.0-6.20:4.14.25-5.20:45.8.0-27.10:1.0.2-21.10:57.0.2987.98-8.10:1.3.19-5.10:1.3.19-15.10:57.0.2987.133-11.10:1.4.2-5.10:3.1.6-5.10:2.8.10-9.10:3.2.4-6.3.10:58.0.3029.81-14.10:58.0.3029.96-17.10:52.1.0-30.10:5.26.0-6.10:5.26.0-2.3.10:4.14.25-8.20:4.14.25-7.4.10:59.0.3071.86-20.10:1.0.3-25.10:0.8.21-12.10:2.8.11-12.10:3.1.8-8.10:52.2-36.10:59.0.3071.104-23.10:1.7.0-12.10:16.08.2-5.20:16.08.2-5.10:2.8.12-15.10:1.0.4-28.10:60.0.3112.78-26.10:15.12.3-8.10:16.08.2-3.10:52.3.0-42.10:52.6-54.10:64.0.3282.119-46.20:20180101-5.10:64.0.3282.140-49.10:20180201-8.10:20180201-12.10:5.8.7-8.10:64.0.3282.167-52.10:1.1.1-43.10:3.4.2-14.10:3.4.2-10.10:1.0.6-36.10:14.4.2-5.10:1.3.19-11.10:1.3.19-21.10:0.15.1b-5.10:4.7.8-17.10:3.100-6.10:3.100-7.10:1.0.5-8.10:1.9.4-15.10:1.9.4-5.10:0.3.2.10-14.10:1.8.7-5.10:1.11.10-5.10:1.11.11-8.10:1.13.9-12.10:52.7-57.10:4.1.2-5.10:1.3.19-14.10:1.3.19-24.10:4.8.0.1-20.10:1.8.17-5.10:4.0.6-12.10:2.1.0-8.10:4.14.18-6.20:5.20.0-6.20:5.20.0-7.10:4.14.18-9.10:64.0.3282.140-138.10:0.9.1-154.2411.10:3.5.9-0.1.10:0.7.0.r4359-15.22.490:0.7.0.r1053-11.16.610:1.6.1-83.17.10:0.3.14-2.12.1050:0.5.12-23.40.50:0.5.12-23.40.60:2.17.35-0.2.170:0.9-14.34.90:0.9-14.34.110:2.6.2-1.140:2.2.10-2.24.50:2.0.4-40.190:5.2.6-50.24.10:0.6.23-11.19.220:9.5.0P2-20.7.10:1.36.0-11.170:1.0.5-34.2460:3.4.3-1.17.20:1.34b-11.17.20:0.96-0.12.10:1.1.0-22.240:4.1-194.24.40:1.3.9-8.30.10:7.19.0-11.24.250:2.3.11-60.21.10:1.2.10-3.11.290:1.2.10-3.11.330:3.1.3.ESV-0.3.380:1.41.9-2.1.510:22.3-4.32.40:1.6.4-152.17.550:2.28.2-0.2.680:2.28.2-0.10.90:2.0.1-88.26.10:6.3.8.90-13.16.10:4.24-43.170:4.4.0-38.24.110:2.1.1-7.7.19.770:2.3.7-25.10.10:2.3.7-25.90:2.7.2-61.18.10:2.5.26-1.250:1.1.36-26.310:2.0.36.RC1-52.180:8.62-32.27.310:4.2.7-32.27.310:2.22.5-0.2.230:2.2.23-1.41.10:2.4.8-1.2.550:2.28.3-0.4.300:2.4.1-24.19.10:2.0.9-25.25.10:0.10.25-1.1.1330:0.10.17-1.1.1260:2.18.9-0.4.10:7.2-8.80:1.3.12-69.19.10:3.9.8-3.4.300:0.7.3-1.1.930:1.4.2_sr13.3-1.1.10:1.6.0_sr7.0-1.6.210:4.3.5-0.8.350:4.3.5-0.8.400:3.5.10-20.310:3.5.10-23.27.10:4.3.5-0.2.460:2.6.32.12-0.7.10:1.6.3-133.27.10:1.6.3-133.210:1.6.3-133.120:0.12.3-0.11.10:1.17-77.14.190:6.4.3.6-7.20.10:4.6.2-1.6.90:4.6.2-1.6.110:4.6.2-1.6.100:1.4-73.210:1.3.4-12.20.20:1.3.3-11.16.10:2.5.5-5.190:2.4.17-0.3.120:0.6.17-2.120:0.17.1-31.200:2.28.0-1.2.200:4.0-7.24.110:2.2.6-2.131.10:2.1.5-5.180:5.0.67-13.20.10:0.28.3-2.12.10:10.26.44-101.9.10:0.11.6-5.25.10:0.9.8h-30.27.110:1.2.31-5.12.10:0.12.3-1.2.440:0.9.21-1.5.260:2.6.0-8.9.200:0.8.4-194.23.380:0.18-1.150:0.2.1-1.2.160:0.1.4-1.150:1.0.20-2.1.460:5.4.2.1-8.2.10:2.28.2-0.1.1510:3.8.2-141.8.10:0.7.6-1.9.80:1.2.0-79.120:2.7.6-0.1.370:1.1.24-19.150:1.2.10-1.360:2.1.12-0.1.10:2.5.2-17.160:2.0.1-1.19.10:1.9.0.19-0.1.10:1.9.1.9-1.12.10:1.5.17-42.33.10:3.0.6-1.21.10:1.4.13-1.350:4.2.4p8-1.3.280:5.1p1-41.31.360:2.6.16-1.34.30:2.0.9-143.310:1.0.4-0.5.120:2.3.1-47.10.150:184-147.200:0.47-13.13.650:5.10.0-64.47.80:3.56-1.18.10:804.028-50.240:3.2.5-26.22.180:8.3.9-0.1.10:0.24.8-1.3.50:2.6.0-8.9.280:3.3.8b-88.210:0.99.15-0.1.550:3.0.4-2.33.820:1.8.7.p72-5.24.20:2.7.STABLE5-2.4.10:1.5final-28.190:1.6.9p17-21.3.10:2.0.9-27.27.190:8.1.5-7.9.560:1.0-0.15.160:1.20-23.23.10:3.80.2-2.80:5.52-142.23.430:0.5.2-132.1.370:1.11.4-1.15.10:1.0.5-1.34.10:1.0.2-36.180:4.0.0_21091_04-0.2.60:4.0.0_21091_04_2.6.32.12_0.7-0.2.60:7.4-9.24.150:7.4-27.19.190:3.02-138.26.10:238-1.160:2.10-911.2211.20:10.0-0.3.20:0.7.1_git20090811-3.20.50:0.7.1-5.22.280:0.3.14-2.23.1260:0.5.12-23.58.220:0.5.12-23.58.210:0.9-14.39.10:0.9-14.39.20:11-6.65.10:1.0.6-91.16.10:2.7.0-18.7.10:2.2.12-1.28.10:1.2.26-1.30.1100:5.2.14-0.7.24.10:5.3.8-0.19.60:9.6ESVR5P1-0.8.10:1.0.5-34.253.10:5.1-0.4.90:0.97.3-0.2.10:4.1-194.199.10:1.3.9-8.44.10:7.19.7-1.18.10:2.3.11-60.65.64.10:1.2.10-3.23.10:0.76-34.22.10:4.2.3.P2-0.7.20:3.2.3-44.28.10:1.0.22-3.21.20:1.41.9-2.7.10:61-1.29.10:0.2-1001.30.10:22.3-4.40.10:1.6.4-152.22.10:2.28.2-0.7.20:2.28.2-0.26.33.140:6.3.8.90-13.20.19.10:4.24-43.19.10:4.4.0-38.26.10:3.0.2-269.35.10:2.1.1-7.10.10:2.3.7-25.28.10:2.7.2-61.23.10:8.62-32.28.10:4.2.7-32.28.10:2.11.3-17.31.10:2.2.23-1.50.10:2.28.3-0.28.10:2.4.1-24.39.33.10:2.0.9-25.33.27.10:0.10.35-5.15.80:0.10.30-5.8.110:2.18.9-0.21.40:7.2-8.15.20:3.11.10-0.6.7.10:1.4.2_sr13.10-0.4.10:1.6.0_sr9.3-0.4.10:1.14.1-16.31.10:4.3.5-0.10.20:4.3.5-0.6.10:4.3.5-0.4.10:3.0.13-0.27.10:1.6.3-133.48.48.10:0.15.1-0.17.30:1.34b-12.18.30:3.6.3-0.18.30:6.4.3.6-7.22.10:4.6.3-5.12.10:1.3.4-12.22.21.20:1.3.4-12.22.21.10:1.3.3-11.18.17.10:2.11-2.17.10:0.34-2.5.10:2.4.27-0.6.60:3.13.1-0.2.10:2.6.7-0.5.760:1.0.0-307.10.10:4.0-7.26.10:5.0.94-0.2.4.10:0.29.6-6.7.10:0.52.10-1.35.70:0.11.6-5.27.10:0.9.8j-0.26.10:1.2.31-5.25.10:0.12.3-1.3.10:0.9.23-0.7.1280:2.6.0-8.12.20:4.6.3-5.10.10:0.2.1-1.5.10:2.26.0-2.3.10:1.0.20-2.4.10:5.4.2.1-8.12.6.10:2.32.2-4.7.10:3.8.2-141.142.10:0.9.6-0.13.420:1.2.0-79.13.10:3.0.3-0.6.10:11-1.22.10:3.2.15-0.13.10:2.7.6-0.13.10:0.9-1.24.10:3.7.7-10.24.10:7.3.6-65.72.10:2.02.84-3.25.50:2.1.14-9.2.10:2.0.2.umip.0.4-8.7.10:2.6.7-0.7.190:1.9.2.24-0.3.10:1.9.2.24-0.3.20:3.0.6-1.25.24.10:4.2.4p8-1.16.10:1.5.2-0.22.230:1.5.2_3.0.13_0.27-0.22.230:1.2.0-172.22.10:5.1p1-41.51.10:2.6.16-1.36.10:2.4-662.18.10:1.1.5-0.10.170:1.26.2-1.3.10:1.3.8-3.15.10:1.4.102-1.37.30:5.10.0-64.55.10:5.816-2.23.10:3.3.1-10.8.30:8.3.14-0.2.10:2.6.12-0.10.10:1.0.22-3.15.10:1.5.11-0.9.960:0.99.15-0.6.20:1.1-1.24.4.10:3.0.4-2.38.10:5.8.7-0.5.50:1.8.7.p357-0.7.10:2.7.STABLE5-2.10.10:3.1.12-8.10.10:1.4-13.6.10:1.5final-28.21.10:1.7.6p2-0.2.4.10:0.71.47-0.7.10:2.0.9-27.32.10:8.1.5-7.32.10:1.0.8-9.16.10:1.5-0.7.540:5.1.1-100.19.10:1.26-1.2.4.10:0.48-101.20.10:0.9.10-0.15.10:6.0.18-20.35.36.10:6.00-11.7.10:0.22.5-0.2.10:0.5.2-132.2.10:1.4.10-0.2.10:4.1.2_14-0.5.50:4.1.2_14_3.0.13_0.27-0.5.50:7.4-9.47.10:7.4-27.60.50:7.4-8.26.32.10:2.17.119-0.5.250:2.17.44-0.5.311.30:9.0.3-0.17.10:17.0.4esr-0.10.420:0.7.1_git20090811-3.28.20:0.3.14-2.28.460:0.5.12-23.68.10:0.9-14.41.10:11-6.90.10:1.0.6-91.25.200:1.7.1-20.9.530:1.7.1-16.9.650:2.2.12-1.38.20:5.3.17-0.13.70:2.7.1-0.2.12.10:4.3.5-0.3.30:0.6.23-11.30.40:9.6ESVR7P4-0.10.10:1.36.0-12.3.10:5.1-0.11.10:0.97.7-0.3.10:2.3.37-2.24.360:2.4.26-0.24.360:4.1-194.207.10:1.3.9-8.46.46.10:7.19.7-1.26.80:1.12.12-144.23.5.10:1.2.10-3.27.10:4.2.4.P2-0.16.150:3.2.3-44.30.10:1.41.9-2.9.10:61-1.33.10:2.28.2-0.29.240:2.0.1-88.34.10:4.24-43.23.10:2.1.1-7.16.70:2.3.7-25.32.10:2.8.7-0.9.120:8.62-32.34.10:4.2.7-32.34.10:2.22.5-0.8.8.10:2.11.3-17.54.10:2.28.3-0.32.10:2.4.1-24.39.45.10:2.0.9-25.33.31.10:2.18.9-0.23.10:1.20.4-0.14.90:1.3.12-69.23.10:5-0.7.100:1.5.7-0.7.310:3.0.1-253.36.10:1.6.0_sr13.1-0.9.10:1.7.0_sr4.1-0.5.10:6b-879.12.10:6.2.0-879.12.10:4.3.5-0.12.12.10:4.3.5-0.10.10:3.0.76-0.11.10:1.6.3-133.49.54.10:1.4.1-0.11.10:1.34b-12.39.10:3.6.3-0.39.10:6.4.3.6-7.26.10:4.6.3-5.25.50:4.6.3-5.25.40:1.3.3-11.18.19.10:0.37.1-5.16.10:2.4.41-0.8.460:9.1.9-0.3.10:0.6.17-2.14.10:3.14.3-0.11.110:2.28.0-1.9.240:4.0-7.26.150:5.0.96-0.6.10:5.5.31-0.7.100:0.52.10-1.35.1130:0.9.8j-0.50.10:3.2.0-10.3.10:1.2.31-5.31.10:0.12.3-1.8.10:0.3.1-2.6.10:0.3.1-2.6.30:2.6.8-0.15.10:5.4.2.1-8.12.16.10:2.32.2-4.13.10:1.9.4-0.12.240:3.8.2-141.152.10:0.3.10-0.9.500:2.6.2-0.2.4.10:1.0.5.1-0.7.100:1.2.0-79.20.10:2.7.6-0.23.10:1.1.24-19.21.10:3.7.7-10.26.10:2.02.98-0.25.30:2.1.14-9.6.10:1.9.2.27-0.2.10:3.0.6-1.25.28.10:1.4.16-0.11.350:1.2.3-18.31.10:4.2.4p8-1.22.10:1.5.4.1-0.11.50:1.5.4.1_3.0.76_0.11-0.11.50:2.4.2-0.9.120:6.2p2-0.9.10:2.0.9-143.38.220:2.3.1-47.12.10:0.47-13.16.10:5.10.0-64.67.520:0.2808.01-0.67.520:0.72-0.67.520:8.3.23-0.4.10:2.6.18-0.4.20:1.0.22-3.19.10:0.5.0-3.20.10:0.99.15-0.12.10:3.0.4-2.47.280:5.10.1-0.7.490:1.8.7.p357-0.9.9.10:1.3.11-0.19.10:1.7.0.0-1.16.10:2.7.STABLE5-2.12.12.10:3.1.12-8.12.10:1.5final-28.23.23.10:4.54-0.9.240:1.7.6p2-0.17.50:0.71.61-0.11.120:2.0.9-27.34.36.10:8.1.5-7.45.240:1.0.8-9.23.440:1.5-0.9.10:5.1.1-100.21.10:1.5-19.23.40:0.48-101.31.270:0.9.10-0.17.10:6.0.18-20.35.40.10:2.3.1-0.9.400:1.2.1-0.7.190:1.8.6-0.2.10:3.3.12-517.12.340:4.2.2_04-0.7.50:4.2.2_04_3.0.76_0.11-0.7.50:7.4-9.62.460:7.4-27.81.70:7.4-1.29.10:7.3.99-17.11.10:7.3.99-3.20.10:2.17.129-0.7.20:2.17.45-0.5.111.40:9.0.3-0.28.29.20:31.7.0esr-0.8.10:0.3.14-2.30.110:0.5.12-23.76.10:0.9-14.43.10:4.13-1326.37.10:11-6.105.10:1.7.1-20.11.10:1.7.1-16.11.10:2.2.12-1.51.52.10:1.2.40-0.2.10:1.0.8-0.4.13.10:2.0.4-40.24.10:5.3.17-0.41.10:2.7.1-0.2.18.10:0.9.0-3.15.10:1.10.1-4.131.9.10:0.6.23-11.32.10:3.2-147.27.350:5.2-147.27.350:9.9.6P1-0.5.50:9.9.6P1-0.5.10:2.24-3.620:1.36.0-12.6.490:1.49.0-0.13.30:5.1-0.14.460:0.98.7-0.3.10:2.3.37-2.30.10:2.4.26-0.30.10:8.12-6.25.32.33.10:2.9-75.78.10:4.1-194.211.213.10:1.3.9-8.46.56.10:7.19.7-1.42.10:1.5.2-1.360:1.2.10-3.31.10:4.2.4.P2-0.22.10:2.71-0.14.90:1.41.9-2.14.30:0.152-4.9.170:22.3-4.42.10:2.28.2-0.32.10:0.95-1.24.10:4.24-43.27.10:2.1.1-7.18.10:2.3.7-25.35.36.10:2.8.7-0.11.10:2.0.36.RC1-52.20.10:2.22.5-0.8.14.10:2.11.3-17.84.10:2.28.3-0.39.170:2.4.1-24.39.55.10:2.0.9-25.33.39.10:1.1.6-25.32.10:0.10.30-5.12.150:1.20.12-0.18.700:3.11.10-0.6.11.10:6-3.50:1.5.7-0.15.220:0.7.3-1.4.10:1.1.1-1.37.10:1.7.1_sr3.0-1.10:1.14.1-16.33.10:4.3.5-0.12.18.10:4.3.5-0.11.18.10:4.3.5-0.3.10:4.3.5-0.14.10:2.4.4-255.28.10:3.0.101-63.10:1.6.3-133.49.66.10:1.4.2-30.50:1.17-77.16.10:1.34b-12.58.10:3.6.3-0.58.10:1.2.1-68.17.10:6.4.3.6-7.30.10:4.6.3-5.34.20:1.3.4-12.22.23.10:1.3.3-11.18.19.80:2.19.1-6.72.10:0.41.rc1-2.340:2.4.52-0.7.10:9.4.4-0.6.20:1.4.5-24.24.10:3.17.3-0.8.110:4.8.3+r212056-2.170:1.5.0-0.17.10:2.28.0-1.13.10:1.900.1-134.17.10:1.0.4-1.18.10:2.03-12.3.10:2.3.2-3.118.20:2.3.2-3.118.10:0.0.20060920alpha-74.5.10:5.5.43-0.7.30:5.0.96-0.6.200:0.9.8j-0.70.10:0.24.4-0.15.10:1.2.31-5.33.10:0.12.3-1.10.10:0.9.23-0.17.10:2.6.9-0.35.10:0.2.1-1.7.10:1.0.20-2.6.50:5.4.2.1-8.12.22.10:1.2.9-4.2.4.10:1.9.4-0.16.10:1.5-1.30.10:3.8.2-141.154.10:0.3.10-0.11.10:1.2.5-3.760:2.2.3-0.8.10:1.4-1.38.240:11-1.25.260:3.2.15-0.17.280:2.7.6-0.31.10:1.1.24-19.23.10:3.7.7-10.30.10:7.3.6-65.74.10:2.02.98-0.33.10:0.8.0-0.23.20:12.5-1.9.10:2.6.7-0.13.10:4.10.7-0.3.30:1.5.17-42.39.10:3.0.6-1.25.36.10:2.12-24.4.10.10:1.4.16-0.13.10:1.2.3-18.38.43.10:4.2.8p2-2.180:1.5.4.1-20.260:1.5.4.1_3.0.101_63-20.260:3.2-0.11.260:1.2.0-172.24.10:6.6p1-4.70:2.0.9-143.44.10:1.1.5-0.15.90:5.10.0-64.72.10:0.2808.01-0.72.10:0.72-0.72.10:1.7-37.63.64.10:4.4.2.3-37.63.64.10:1.2.22-2.10:2.6.7-1.310:2.4.5.git-2.29.10:3.22-240.8.10:2.7.26-0.5.10:1.0.22-3.25.10:1.1.6-168.34.10:2.3.6-0.13.10:0.7-6.22.10:0.99.15-0.14.110:1.1-1.24.8.190:5.10.1-0.11.10:1.8.7.p357-0.9.17.10:1.3.11-0.23.20:8.14.3-50.24.10:0.7.318.81ee561d-0.9.20:2.7.STABLE5-2.12.16.10:3.1.12-8.16.20.10:1.5final-28.23.25.10:4.4.0-6.25.10:1.7.6p2-0.23.10:0.71.61-0.13.10:8.1.5-7.50.250:1.26-1.2.6.10:3.9.8-1.27.10:6.0.41-0.43.10:6.00-11.13.10:2.28.1-2.5.10:1.2.1-10.410:2.0.7-4.35.10:1.11.4-1.19.10:1.10.13-0.2.10:0.7.1-6.15.10:2.7.0-217.26.10:4.4.2_08-1.70:4.4.2_08_3.0.101_63-1.70:2.3.14-130.133.10:7.4-9.65.460:7.4-27.105.10:7.4-5.11.11.70:7.4-5.11.11.10:7.4-1.18.20:7.4-1.16.80:7.4-1.16.20:7.4-1.18.70:7.4-1.18.10:7.4-1.19.80:7.4-1.19.20:7.4-8.26.44.10:7.3.99-3.22.10:2.17.140-1.10:2.17.46-0.5.10:1.2.5-4.33.10:2.8.0-29.17.10:2.2-31.27.10:2.24-3.180:6.2.18-4.31.20:2011.10.10-0.7.100:15.6-95.220:1.0.114.6-0.11.10:10.3.1.4-1.160:2.28.2-0.13.490:2.28.2-0.30.10:2.0-20.310:2.6.6-0.25.20:0.22.0-294.26.10:2.6.2-3.34.45.10:1.7.12.4-0.9.10:2.2.7-1.350:1.9.14-401.200:1.4.2-2.18.530:0.46-62.43.10:1.8.2-1.24.10:0.15.1b-130.170:3.1.11a-116.2.10:3.6.10-0.3.10:4.0.3.3.26-0.10.20:4.0.3.3.26-0.10.10:3.4.5.5-0.3.10:0.4.5-2.7.10:0.2-5.20.10:0.1.9-9.19.10:0.5.3-126.250:1.0.1-0.1.1410:1.2.7-0.17.10:0.2.8.4-206.27.40:0.8.14-4.330:1.1.15-23.3.90:1.8.17-481.19.50:1.8.17-481.19.20:0.1.3-0.10.16.20:1.4.20-2.54.10:2.8.6-143.190:1.2.6-5.17.10:2.3.2-0.9.20:2.0.3-249.21.10:0.7.1-2.29.10:0.4.6-2.7.900:0.139.2-0.3.10:2.10.3-1.20.10:1.10.10-120.35.10:2.0.1-28.20.10:0.56.2-1.9.10:0.6c11-5.2.10:0.10.1-0.5.7.10:0.99.15-0.14.10:3.2.12-0.9.10:3.2.12-0.19.10:3.2.12-0.5.80:3.2.12-0.5.100:3.2.12-0.7.90:3.2.12-0.11.10:1.7.0-0.7.10:0.6.0-0.8.10:1.2.0-0.4.40:1.4.5-0.5.80:1.3.2-0.12.5.10:3.9.1-0.8.30:2.2.1-0.7.11.10:9.05-1.19.10:1.1.7-7.23.20:1.2.9-162.37.10:1.6.17-1.33.10:0.7.10-2.19.10:2007-219.34.60:3.8.1-0.5.10:7.11.2-0.9.10:2.2.12-1.40.10:5.2.14-0.7.30.50.10:5.3.8-0.43.10:2.7.1-0.2.14.10:9.9.4P2-0.6.10:2.6.7-0.9.10:3.6.3-0.33.39.10:1.3.9-8.46.48.10:7.19.7-1.20.31.10:1.2.10-3.25.10:4.2.4.P2-0.11.13.10:2.6.6-0.19.10:4.9.2-0.6.10:3.13.6-0.5.10:4.9.3-0.2.10:3.14-0.3.10:4.9.4-0.3.10:3.14.1-0.3.10:0.3.8-56.51.10:0.3.8-56.44.45.1290:4.9.5-0.3.20:3.14.2-0.4.3.20:4.9.6-0.3.10:3.14.3-0.4.3.10:2.1.1-7.16.10:1.7.12.4-0.5.10:2.11.3-17.45.49.10:2.4.1-24.39.47.10:1.5.4-0.7.7.10:0.46-62.38.10:2.4.2-170.21.3.10:2012.9.13-0.8.10:1.4.2_sr13.18-0.4.10:1.6.0_sr15.0-0.5.10:1.7.0_sr6.0-0.7.10:4.3.5-0.12.10:1.6.3-133.49.58.10:3.6.3-0.24.40:4.6.3-5.20.23.10:1.5.0-0.15.20:0.16.0-1.4.10:3.5.4.13-0.3.10:2.32.2-4.11.10:0.2-5.18.10:0.9.6-0.29.10:0.9.6-0.23.10:1.2.7-0.15.20:2.7.6-0.25.10:1.4.20-2.52.10:4.10.1-0.3.10:3.15.2-0.3.10:3.0.6-1.25.34.10:4.10.2-0.3.10:3.15.3-0.3.10:3.15.3.1-0.4.2.10:2.4-0.11.10:5.10.0-64.61.61.10:1.7-37.50.60:4.4.2.3-37.50.60:2.6.8-0.23.10:0.7.4-0.7.8.10:1.3.10-0.5.10:1.1.6-0.9.20:1.8.7.p357-0.9.13.10:2.3.17-0.9.10:2.3.17-0.8.10:2.1.2-1.14.10:2.3.17-0.13.20:2.3.14-0.10.10:2.3.14-0.12.10:3.2.12-0.7.10:2.3.0-0.10.10:1.1-0.8.20:2.3.17-0.11.10:1.6.17-1.25.10:1.8.12-0.2.10:4.1.4_02-0.5.10:0.9.6-0.21.30:4.1.2_20-0.5.20:4.1.3_02-0.5.10:4.1.3_04-0.5.10:4.1.5_02-0.5.10:4.1.6_02-0.5.10:4.1.6_04-0.5.10:7.4-27.70.76.10:7.4-8.26.40.10:7.4-1.16.10:7.4-1.19.10:7.4-1.22.5.10:24.6.0esr-0.8.10:4.10.6-0.3.10:3.16.1-0.8.10:9.0.3-0.19.10:17.0.9esr-0.7.10:31.8.0esr-0.13.20:38.5.0esr-28.20:24.5.0esr-0.8.10:4.10.4-0.3.10:3.16-0.8.10:31.6.0esr-0.8.10:31.8.0esr-0.10.10:4.10.8-0.5.10:3.19.2_CKBI_1.98-0.10.10:2.2.12-1.46.10:2.2.12-59.10:5.3.17-0.31.10:0.9.0-3.17.20:5.2-147.22.10:9.9.6P1-0.12.10:9.9.6P1-0.15.10:9.9.6P1-0.19.10:9.9.6P1-0.22.10:2.23.1-0.23.150:2.23.1-0.23.20:3.6.3-0.52.50:1.3.9-8.46.52.20:7.19.7-1.38.10:7.19.7-1.46.10:7.19.7-1.40.10:4.2.4.P2-0.24.10:1.41.9-2.10.11.10:2.19.1-6.62.70:2.6.6-0.23.10:17.0.7esr-0.8.10:17.0.10esr-0.7.40:24.3.0esr-0.8.10:3.15.4-0.7.10:24.4.0esr-0.8.10:24.7.0esr-0.8.20:3.16.2-0.8.10:24.8.0esr-0.8.10:4.10.7-0.3.10:3.16.4-0.8.10:31.3.0esr-0.8.10:31.4.0esr-0.8.70:31.5.3esr-0.8.10:4.10.9-11.10:38.3.0esr-22.10:38.4.0esr-25.60:4.10.10-16.10:3.19.2.1-19.30:24.2.0esr-0.7.10:3.15.3.1-0.7.10:31.2.0esr-0.16.10:3.17.2-0.8.10:38.2.1esr-19.30:3.19.2.0-0.16.10:2.3.7-25.34.10:4.1.6-13.10:1.7.12.4-0.11.20:2.11.3-17.72.140:2.11.3-17.87.30:2.11.3-17.95.20:2.4.1-24.39.51.10:2.4.1-24.39.57.10:2.4.1-24.39.60.10:2.18.9-0.35.10:2.18.9-0.39.10:1.20.4-0.18.10:1.5.7-0.9.10:4.0-7.28.10:1.6.0_sr16.2-0.3.10:1.6.0_sr16.7-10.10:1.6.0_sr16.15-46.10:1.7.0_sr8.0-0.5.10:1.7.0_sr9.10-9.10:1.7.0_sr9.20-42.10:4.3.5-0.12.20.10:3.0.101-0.47.71.30:1.6.3-133.49.62.10:1.6.3-133.49.97.10:1.6.3-133.49.103.10:1.6.3-133.49.64.10:1.6.3-133.49.68.10:1.0.5.9-0.19.30:2.5-0.7.10:4.6.3-5.29.20:2.19.1-6.62.10:9.1.12-0.3.10:3.16.5-0.7.10:1.5.0-0.19.10:1.0.4-1.20.10:0.0.20060920alpha-74.10.10:5.5.39-0.7.10:5.0.96-0.6.130:0.9.8j-0.66.10:1.2.31-5.35.10:1.2.31-5.38.10:0.9.23-0.15.10:4.6.3-5.32.10:4.0.3.3.26-0.6.20:4.0.3.3.26-0.6.10:2.26.0-2.5.10:1.0.20-2.10.20:1.5-1.28.10:1.0.5.9-0.9.10:0.9.1-156.10:0.2.8.4-206.29.29.10:2.7.6-0.34.10:2.7.6-0.37.10:0.8.0-0.21.60:0.8.0-0.25.10:2.6.7-0.16.10:38.6.0esr-31.30:3.20.2-25.20:4.10.8-0.8.10:3.19.2.2-22.10:3.15.2-0.8.10:5.5.45-0.11.10:5.5.46-0.14.10:5.5.47-0.17.10:5.4.2.1-8.12.24.10:3.15.3-0.8.10:2.4.26-0.35.10:2.4.26-0.62.20:0.9.8j-0.80.10:0.152.0-6.20:1.1.5-0.12.10:5.10.0-64.70.10:5.3.17-45.10:5.3.17-48.10:1.7-37.60.20:4.4.2.3-37.60.20:9.4.5-0.8.30:9.1.15-0.3.10:9.1.18-0.3.10:9.1.19-0.5.10:2.6.9-0.33.10:2.6-8.33.10:2.6.9-0.25.10:2.6-8.25.10:2.6.9-0.27.10:2.6-8.27.10:2.6.9-0.31.10:2.6-8.31.10:0.6c8-10.19.6.10:0.6c11-6.10:2.3.17-0.13.10:1.8.7.p357-0.9.15.10:2.3.17-0.15.20:3.2.12-0.14.30:3.2.12-0.18.10:2.3.0-0.12.10:1.1.6-0.11.20:1.4.5-0.7.30:3.6.3-76.10:3.6.3-0.56.10:3.6.3-64.10:3.0u-0.7.20:1.2.9-162.33.10:1.6.17-1.29.10:1.0-37.10:3.8.2-141.160.10:1.10.11-0.2.10:1.12.7-0.5.30:1.12.9-0.12.10:4.2.5_06-0.7.10:4.2.5_02-0.7.10:4.2.5_12-15.10:4.2.5_14-18.20:4.2.2_06-0.7.10:4.2.3_02-0.7.10:4.2.3_08-0.7.10:4.2.4_02-0.7.10:4.2.4_04-0.9.10:4.2.5_04-0.9.10:4.2.5_08-0.9.10:4.2.5_18-21.10:3.1.8-0.7.10:7.4-27.85.10:7.4-8.26.42.10:7.4-5.11.15.10:1.6.5-4.10:1.6.5-6.10:1.2.5-4.35.10:1.2.5-4.38.10:1.2.5-4.41.10:1.2.5-4.46.10:1.2.5-4.52.10:1.2.5-4.59.10:1.2.5-4.62.10:1.2.5-4.65.10:1.2.5-4.77.10:1.2.5-4.78.9.10:1.2.5-4.78.16.10:1.2.5-4.78.19.10:1.2.5-4.78.28.20:1.2.5-4.78.33.10:1.2.5-4.78.38.10:1.2.5-4.78.41.10:1.2.5-78.44.10:1.2.5-78.47.10:6.4.3.6-7.34.10:6.4.3.6-7.37.10:6.4.3.6-7.40.10:6.4.3.6-7.45.10:6.4.3.6-7.48.10:6.4.3.6-7.54.10:6.4.3.6-7.60.10:6.4.3.6-7.65.10:6.4.3.6-7.77.10:6.4.3.6-7.78.5.20:6.4.3.6-7.78.8.10:6.4.3.6-7.78.14.10:6.4.3.6-7.78.17.10:6.4.3.6-7.78.22.10:6.4.3.6-7.78.29.20:6.4.3.6-7.78.34.10:6.4.3.6-7.78.37.10:6.4.3.6-78.40.10:0.9.1-159.10:0.9.1-160.3.10:38.6.1esr-34.10:38.8.0esr-40.50:4.12-26.10:3.20.2-30.10:45.2.0esr-45.20:2.11.0-2.10:4.12-29.10:3.21.1-35.10:45.3.0esr-50.10:45.4.0esr-53.10:45.6.0esr-62.10:45.7.0esr-65.20:45.8.0esr-68.10:45.9.0esr-71.20:4.13.1-32.10:3.29.5-46.10:52.2.0esr-72.5.20:3.29.5-47.3.20:52.3.0esr-72.9.10:52.5.0esr-72.17.10:52.6.0esr-72.20.20:52.7.3esr-72.27.20:38.7.0esr-37.30:4.12-24.10:3.20.2-28.10:1.6.1-83.17.3.10:4.4.2_12-23.10:2.2.12-64.10:2.2.12-69.10:2.2.34-70.5.10:2.2.34-70.12.10:2.2.34-70.15.10:2.2-31.29.10:0.2.6-142.17.10:0.9.0-3.21.3.10:3.2-147.29.10:5.2-147.29.10:3.2-147.35.10:5.2-147.35.10:9.9.6P1-0.25.10:9.9.6P1-0.30.10:9.9.6P1-0.33.10:9.9.6P1-0.36.10:9.9.6P1-0.39.10:9.9.6P1-0.44.10:9.9.6P1-0.47.10:9.9.6P1-0.50.10:9.9.6P1-0.51.7.10:2.5.5-9.10:2.0-318.10:20171128-8.3.30:0.162.1-7.4.10:2.8.12-56.13.10:1.0.114.6-0.14.10:7.19.7-1.61.10:7.19.7-1.64.10:7.19.7-1.69.10:7.19.7-1.70.3.10:7.19.7-1.70.8.10:7.19.7-1.70.13.10:1.12.12-144.23.5.3.10:2.3.11-60.65.67.10:4.2.4.P2-0.27.10:4.2.4.P2-0.28.5.30:4.2.4.P2-0.28.8.10:22.3-42.3.10:2.28.2-0.7.3.10:2.0.1-88.38.10:2.0.1-88.41.10:2.0.1-88.42.3.20:52.4.0esr-72.13.20:3.29.5-47.6.10:2.6.0-10.19.10:2.1.1-7.24.10:2.1.1-7.25.3.10:2.3.7-25.41.40:2.3.7-25.45.5.10:2.3.7-25.45.8.10:4.3.4_20091019-37.3.10:4.8.5-4.20:4.8.5-5.3.10:5.3.1+r233831-10.10:2.0.36.RC1-52.22.10:2.0.36.RC1-52.25.10:2.0.36.RC1-52.29.10:2.0.36.RC1-52.32.10:2.0.36.RC1-52.33.5.10:8.62-32.41.10:4.2.7-32.41.10:8.62-32.38.10:4.2.7-32.38.10:8.62-32.44.10:4.2.7-32.44.10:8.62-32.46.10:4.2.7-32.46.10:4.1.6-21.10:2.6.2-3.34.47.10:1.7.12.4-0.14.10:1.7.12.4-0.17.10:1.7.12.4-0.18.3.10:1.7.12.4-0.18.6.10:2.11.3-17.102.10:2.11.3-17.109.10:2.11.3-17.110.3.10:2.11.3-17.110.6.20:2.11.3-17.110.9.20:2.4.1-24.39.67.10:2.4.1-24.39.70.10:0.10.35-5.17.10:2.18.9-0.44.10:2.18.9-0.45.3.10:1.8.5-24.10:4.0-7.30.20:4.0-38.10:4.0-43.10:4.0-46.10:1.4.2-2.20.10:1.900.14-134.25.10:1.900.14-134.32.10:1.900.14-134.33.3.10:1.7.1_sr3.10-3.10:1.7.1_sr3.20-6.10:1.7.1_sr3.30-9.10:1.7.1_sr3.40-13.10:1.7.1_sr3.60-19.20:1.7.1_sr4.1-22.10:1.7.1_sr4.5-25.10:1.7.1_sr4.10-26.5.10:1.7.1_sr4.15-26.8.10:1.7.1_sr4.20-26.13.10:1.7.1_sr3.50-16.10:3.0.101-80.20:3.0.101-88.30:3.0.101-94.20:3.0.101-97.30:3.0.101-104.70:3.0.101-108.7.20:3.0.101-108.13.20:3.0.101-65.30:3.0.101-71.20:3.0.101-108.18.30:3.0.101-108.21.20:3.0.101-108.24.30:3.0.101-108.35.10:3.0.101-68.20:3.0.101-77.20:3.0.101-84.20:3.0.101-107.30:3.0.101-108.10.20:3.0.101-108.38.10:1.6.3-133.49.106.10:1.6.3-133.49.109.10:1.6.3-133.49.113.7.10:1.3.4-12.22.23.3.20:0.6.3-1.9.60:1.7.4-7.9.10:4.5.20-97.50:4.5.20-97.70:1.4.5-24.24.3.10:0.6.17-2.14.3.10:1.5.0-0.22.10:1.5.0-0.25.10:0.43-1.10.6.10:0.15.1b-132.3.10:1.10-6.10:1.10-7.3.10:1.0.4-1.25.10:3.1.0-3.10:3.2.0-10.5.10:1.2.31-5.43.10:1.0.3-5.20:1.0.3-6.5.10:1.1.03.beta1-2.10:2.8.8-2.10:1.2.4-2.10:5.0.4.2-23.10:4.1-2.260:3.7.1-5.20:20150827-23.10:1.0.2-0.8.10:0.1.4-3.10:1.0.20-2.13.10:1.0.20-2.18.10:1.0.20-2.19.7.30:0.2-5.22.10:1.2.9-4.2.6.10:0.2.1-1.12.30:1.2.5-12.30:1.2.5-15.30:1.2.5-23.3.10:1.2.5-23.6.10:1.2.0-79.20.3.10:1.2.0-79.20.6.10:2.7.6-0.40.10:2.7.6-0.44.10:2.7.6-0.50.10:2.7.6-0.64.10:2.7.6-0.69.10:2.7.6-0.76.10:2.7.6-0.77.3.20:2.7.6-0.77.10.10:1.1.24-19.33.10:1.1.24-19.33.30:1.4.20-2.58.10:3.0.101-91.20:3.0.101-100.20:2.8.6-145.10:2.8.6-146.3.10:2.3.2-0.11.10:2.3.2-0.14.20:2.3.2-0.17.10:2.3.2-0.18.3.10:2.3.2-0.18.6.10:45.5.1esr-59.10:3.21.3-39.10:2.6.7-0.18.10:2.5-24.3.10:5.5.49-0.20.10:5.0.96-0.8.10.30:5.5.52-0.27.10:5.5.53-0.30.10:5.5.54-0.35.10:5.5.55-0.38.10:5.5.57-0.39.3.10:5.5.58-0.39.6.10:5.5.59-0.39.9.80:2.03.90-2.3.10:5.6-92.10:5.6-93.6.10:5.6-93.12.10:5.6-93.15.10:10.26.44-101.14.10:1.5-1.34.10:4.02.1-3.40:4.02.1-4.3.20:0.9.8j-0.89.10:0.9.8j-0.97.10:0.9.8j-0.102.20:0.9.8j-0.105.10:0.9.8j-0.106.9.10:1.1.5-0.17.20:5.10.0-64.80.10:5.10.0-64.81.3.10:5.10.0-64.81.10.10:4.008-6.10:4.008-9.10:0.710.08-3.10:5.3.17-59.10:5.3.17-62.10:5.3.17-71.10:5.3.17-74.10:5.3.17-79.20:5.3.17-84.10:5.3.17-87.10:5.3.17-94.10:5.3.17-101.10:5.3.17-108.10:5.3.17-111.20:5.3.17-112.5.10:5.3.17-112.10.10:5.3.17-112.20.10:2.6.6-0.29.10:0.12.3-1.12.10:9.4.6-0.14.30:9.4.9-0.19.10:9.4.12-0.22.30:9.4.13-0.23.5.10:9.4.15-0.23.10.10:9.4.16-0.23.13.20:9.4.17-0.23.16.10:2.4.5.git-2.31.70:2.6.9-39.10:2.6-8.39.10:2.6.9-40.3.10:2.6-8.40.3.10:0.99.15-0.16.10:0.99.15-0.21.10:0.99.15-0.24.20:0.99.15-0.29.10:0.99.15-0.30.3.10:1.8.7.p357-0.9.19.10:3.2.12-0.23.10:3.2.12-0.26.10:3.2.12-0.15.10:3.2.12-0.21.10:2.4.4-0.10.20:3.6.3-67.20:3.6.3-84.10:3.6.3-87.10:3.6.3-90.10:3.6.3-93.10:3.6.3-94.5.10:3.6.3-94.8.10:3.6.3-94.11.10:1.0.20-7.8.10:0.12.4-5.10:0.12.4-8.10:0.12.4-11.10:3.7.6.3-1.4.6.10:1.6.17-1.35.10:1.6.17-1.36.9.10:3.8.2-141.163.10:3.8.2-141.168.10:4.50.1-1.27.10:1.12.11-0.18.10:1.12.13-0.23.10:2.0.12-36.10:2.0.13-39.10:2.0.14-40.7.10:0.4.5-2.7.2.10:2.2.11-40.14.50:19-234.18.10:2.2.12-40.17.10:2.2.13-40.22.10:2.2.14-40.25.10:4.4.2_10-5.10:4.4.3_02-26.20:4.4.4_02-32.10:4.4.4_07-37.10:4.4.4_08-40.20:4.4.4_10-43.50:4.4.4_12-46.10:4.4.4_14-51.10:4.4.4_16-54.10:4.4.4_18-57.10:4.4.4_20-60.30:4.4.4_22-61.9.20:4.4.4_24-61.12.10:4.4.4_26-61.17.10:4.4.4_28-61.23.20:4.4.3_06-29.10:2.8.1-238.29.5.20:7.4-3.10:7.4-5.11.65.10:7.4-5.11.68.10:7.4-1.20.10:7.4-8.26.49.10:7.4-8.26.50.5.30:7.4-27.118.10:7.4-27.121.20:7.4-27.122.16.10:2.17.161-5.10:1.2.7-0.14.10:11.3-00:7.19.7-0.40.10:1.0.1g-0.22.10:2.4.26-0.30.20:2.4.26-0.62.30:6.6p1-10.10:6.6p1-15.10:6.6p1-18.10:1.0.1g-0.35.10:1.0.1g-0.40.10:1.0.1g-0.47.10:1.0.1g-0.52.10:1.0.1g-0.57.10:1.0.1g-0.58.3.10:1.0.1g-0.58.9.10:2.3.2-0.9.10:2.3.2-0.10.3.10:1.3.11-0.28.10:1.11.4-1.32.10:1.11.4-1.40.10:17.0.9esr-0.3.10:9.5.5-0.5.5.10:9.4.6-0.4.5.10:9.4.2-0.4.10:1.1.1-174.27.10:3.4.3-1.50.10:5.1-0.7.10:0.97.8-0.2.10:0.9.7g-146.22.10:8.12-6.25.29.10:10.0.7-0.3.10:7-0.6.7.800:10.0.9-0.3.10:7-0.6.7.850:10.0.10-0.3.10:10.0.11-0.3.10:10.0.12-0.4.10:17.0.4esr-0.5.10:7-0.6.9.50:0.5-1.47.51.50:17.0.5esr-0.4.10:7-0.6.9.170:17.0.6esr-0.4.10:17.0.7esr-0.3.10:7-0.6.9.310:17.0.10esr-0.4.2.40:7-0.6.9.620:11.2.202.336-0.3.10:2.0.9-25.33.37.10:1.4.1-0.8.10:1.6.0.0_b27.1.12.7-0.2.10:3.0.101-0.7.17.10:4.1.6_04_3.0.101_0.7.17-0.5.160:0.15.1-0.27.10:2013.1.7-0.3.10:5.1p1-41.57.10:1.95-0.4.10:2.0.9-143.33.3.10:2.6.18-0.12.10:3.16-50.39.10:4.4.0-6.21.10:1.7.6p2-0.2.12.10:0.1.5-1.5.10:1.0.7-5.10.10:4.1.4_02_3.0.58_0.6.6-0.5.10:0.9.0-3.19.10:0.5.10-0.5.10:4.1.2_20_3.0.38_0.5-0.5.20:0.5.12-0.5.10:4.1.3_02_3.0.38_0.5-0.5.10:4.1.3_04_3.0.42_0.7-0.5.10:4.1.5_02_3.0.74_0.6.10-0.5.10:4.1.6_02_3.0.93_0.5-0.5.10:4.1.6_04_3.0.101_0.5-0.5.10:7.3.99-3.18.20:0.4.1-28.19.10:1.6.166-0.5.10:24-0.7.480:24-0.7.360:3.2-147.22.10:1.2-2.10.10:1.2-2.12.10:0.98.1-0.10.10:0.9.7g-146.22.31.10:0.9.7g-146.22.36.10:3.13_3.0.101_0.31-0.9.10:3.2.3-45.5.30:2.71-0.12.13.10:61-1.35.10:7-0.12.10:7-0.12.410:24-0.7.140:24-0.7.230:38-15.310:24-0.7.40:31.0-0.10.10:31.0-0.12.510:11.2.202.418-0.3.10:11.2.202.481-0.8.20:11.2.202.491-0.11.10:11.2.202.508-0.14.10:11.2.202.521-0.17.10:11.2.202.535-0.20.10:11.2.202.540-0.23.10:11.2.202.548-0.26.10:11.2.202.554-0.29.10:11.2.202.559-0.32.10:3.0.2-269.39.10:2.0.9-25.33.41.20:2.00-0.49.20:0.10.22-7.11.10:1.4.2-0.7.10:1.7.0.71-0.7.10:1.7.0.85-0.11.20:1.7.0.91-0.14.20:1.7.0.95-0.17.20:4.3.5-0.11.20.10:3.0.101-0.47.55.10:3.0.101-0.40.10:4.2.4_04_3.0.101_0.40-0.7.30:3.0.101-0.47.67.20:3.0.101-0.47.71.10:1.4.2-0.17.10:1.4.2-0.22.34.30:1.4.2-37.10:1.4.2-0.21.40:1.900.1-134.13.10:0.4.1-16.20.20:2.7.6-0.34.40:2.7.6-0.37.40:12.5-1.7.10:38-18.240:1.5.17-42.37.10:3.0.0-0.20.10:3.0.0-0.10.10:4.2.4p8-1.24.10:6.2p2-0.13.10:6.2p2-0.21.10:6.2p2-0.21.30:6.2p2-0.24.10:6.2p2-0.24.30:1.97-0.3.10:2.0.9-143.40.50:2.28.3-0.5.100:0.2808.01-0.70.10:0.72-0.70.10:2.6.18-0.16.10:0.7-6.20.10:0.1.6+git20080930-6.24.10:3.0.4-2.49.10:1.3.11-0.25.40:4.4.0-6.32.10:1.7.6p2-0.21.10:1.4-1.35.10:1.1.1-174.10:0.7.1-6.17.40:4.2.5_06_3.0.101_0.47.52-0.7.10:4.2.5_02_3.0.101_0.40-0.7.10:4.2.5_12_3.0.101_0.47.55-15.10:4.2.5_14_3.0.101_0.47.67-18.20:4.2.2_06_3.0.82_0.7-0.7.10:4.2.3_02_3.0.93_0.8-0.7.10:4.2.3_08_3.0.101_0.8-0.7.10:4.2.4_02_3.0.101_0.15-0.7.10:4.2.4_04_3.0.101_0.40-0.9.10:4.2.5_04_3.0.101_0.47.52-0.9.10:4.2.5_08_3.0.101_0.47.55-0.9.10:4.2.5_18_3.0.101_0.47.71-21.10:5.07-6.36.10:4.4.2_12_3.0.101_63-23.10:0.9.7g-146.22.41.10:6.3.8.90-13.20.21.10:11.2.202.569-0.35.10:11.2.202.577-0.38.10:2.00-0.54.20:1.5.3-0.9.10:1.7.0.99-0.20.20:3.0.101-65.10:3.0.101-71.10:3.0.101-68.10:1.4.2-32.10:1.4.2-35.10:4.2.8p4-5.10:6.6p1-13.10:6.6p1-13.30:6.6p1-16.10:6.6p1-16.40:1.7.0.0-1.18.20:4.4.2_10_3.0.101_63-5.10:4.4.3_02_3.0.101_65-26.20:4.4.4_02_3.0.101_68-32.10:4.4.3_06_3.0.101_65-29.10:1.0.0-0.9.10:0.6.1-0.17.10:1.4_3.0.101_0.47.55-2.28.1.210:1.4_3.0.101_0.40-2.27.980:2_3.0.101_0.47.55-0.17.1.210:2_3.0.101_0.40-0.16.1040:1.6_3.0.101_0.47.55-0.21.1.210:1.6_3.0.101_0.40-0.20.980:8.4.4_3.0.101_0.40-0.22.640:0.7.0+git.1430140184.8e872c5-7.10:1.4-2.32.2.140:1.4_3.0.101_108.7-2.32.2.140:8.4.4-0.27.2.10:8.4.4-0.27.2.130:8.4.4_3.0.101_108.7-0.27.2.130:2-0.24.2.140:2_3.0.101_108.7-0.24.2.140:1.6-0.28.3.40:1.6_3.0.101_108.7-0.28.3.40:1.4-2.32.4.60:1.4_3.0.101_108.35-2.32.4.60:8.4.4-0.27.4.20:8.4.4-0.27.4.60:8.4.4_3.0.101_108.35-0.27.4.60:2-0.24.4.60:2_3.0.101_108.35-0.24.4.60:1.6-0.28.5.60:1.6_3.0.101_108.35-0.28.5.60:1.1.12-18.10:45.0-23.100:52-24.3.440:5.3.1+r233831-7.10:52-24.5.10:3.4.0-18.10:3.5.5-18.10:1.9-18.10:1.0-18.10:1.0.14-0.4.25.10:0.99.2-0.19.10:0.99.3-0.20.3.20:0.99.4-0.20.7.20:2.78-0.16.5.10:1.6.0_sr16.30-75.10:1.6.0_sr16.35-78.20:1.6.0_sr16.45-84.10:1.6.0_sr16.50-85.5.10:1.7.0_sr9.50-55.10:1.7.0_sr9.60-58.20:1.7.0_sr10.1-61.10:1.7.0_sr10.5-64.10:1.7.0_sr10.15-65.8.10:1.7.0_sr10.20-65.13.10:3.0.101-0.47.86.10:3.0.101-0.47.93.10:3.0.101-0.47.99.10:3.0.101-0.47.102.10:3.0.101-0.47.105.10:3.0.101-0.47.106.8.10:3.0.101-0.47.106.11.10:3.0.101-0.47.106.19.10:3.0.101-0.47.90.10:3.0.101-0.47.106.5.10:1.4.2-53.11.10:1.4.2-53.14.10:0.1.6+git20080930-6.27.20:2.7.6-0.69.30:3.0.101-0.47.96.10:1.17-102.83.9.10:1.17-102.83.15.10:4.2.8p9-48.9.10:6.2p2-0.33.20:6.2p2-0.33.50:6.2p2-0.40.10:6.2p2-0.40.30:2.0.9-143.46.10:2.0.9-143.47.3.10:1.66-3.3.10:1.34b-84.10:1.34b-90.10:1.34b-93.10:1.34b-94.5.10:1.34b-94.8.10:6.0.53-0.56.10:3.80.2-4.10:0.7.1-6.18.3.10:4.2.5_21-27.10:4.2.5_21_3.0.101_0.47.86-27.10:4.2.5_21-30.10:4.2.5_21_3.0.101_0.47.90-30.10:4.2.5_21-35.10:4.2.5_21_3.0.101_0.47.96-35.10:4.2.5_21-38.10:4.2.5_21_3.0.101_0.47.99-38.10:4.2.5_21-41.10:4.2.5_21_3.0.101_0.47.99-41.10:4.2.5_21-44.10:4.2.5_21_3.0.101_0.47.102-44.10:4.2.5_21-45.5.10:4.2.5_21_3.0.101_0.47.105-45.5.10:4.2.5_21-45.8.10:4.2.5_21_3.0.101_0.47.105-45.8.10:4.2.5_21-45.11.10:4.2.5_21_3.0.101_0.47.106.5-45.11.10:4.2.5_21-45.16.10:4.2.5_21_3.0.101_0.47.106.8-45.16.10:4.2.5_21-45.19.10:4.2.5_21_3.0.101_0.47.106.14-45.19.10:1.4.19_2.6.33.5_rt23_0.4-0.7.60:2.1.0.0_2.6.33.20_rt31_0.5-0.2.520:1.4_2.6.33.20_rt31_0.5-2.5.620:8.3.11_2.6.33.20_rt31_0.5-0.3.620:1.4.19_2.6.33.20_rt31_0.5-0.9.11.380:2.6.33.20-0.5.10:1.6_2.6.33.20_rt31_0.5-0.4.2.620:1.5.2_2.6.33.20_rt31_0.5-0.9.13.490:1.5.2_2.6.33.18_rt31_0.3-0.9.13.10:1.4_3.0.101_rt130_0.7.9-2.18.790:8.4.2_3.0.101_rt130_0.7.9-0.6.6.700:1.4.20_3.0.101_rt130_0.7.9-0.25.25.180:3.0.101.rt130-0.7.9.10:2.0.4_3.0.101_rt130_0.7.9-0.9.9.60:1.6_3.0.101_rt130_0.7.9-0.11.780:1.5.2_3.0.101_rt130_0.7.9-0.28.28.500:1.4_3.0.101_rt130_0.28-2.27.990:8.4.4_3.0.101_rt130_0.28-0.22.650:1.4.20_3.0.101_rt130_0.28-0.38.840:3.0.101.rt130-0.28.10:2.1.1_3.0.101_rt130_0.28-0.11.750:1.6_3.0.101_rt130_0.28-0.20.990:1.5.4.1_3.0.101_rt130_0.28-0.13.900:3.0.101.rt130-0.33.40.10:3.0.101.rt130-0.33.44.20:3.0.101.rt130-0.33.44.10:3.0.101.rt130-68.10:1.4_3.0.101_rt130_68-2.32.2.140:8.4.4_3.0.101_rt130_68-0.27.2.130:2_3.0.101_rt130_68-0.24.2.140:1.6_3.0.101_rt130_68-0.28.3.40:3.0.101.rt130-51.10:1.4_3.0.101_rt130_69.14-2.32.4.60:8.4.4_3.0.101_rt130_69.14-0.27.4.60:2_3.0.101_rt130_69.14-0.24.4.60:1.6_3.0.101_rt130_69.14-0.28.5.60:3.0.101.rt130-54.10:3.0.101.rt130-69.5.10:3.0.101.rt130-45.10:3.0.101.rt130-48.10:3.0.101.rt130-69.11.10:3.0.101.rt130-69.14.10:3.0.101.rt130-69.21.10:3.0.101.rt130-65.10:3.0.101.rt130-57.10:3.0.101.rt130-69.8.10:1.4.2_sr13.13-0.3.10:1.0.0-0.8.10:0.9.7g-146.22.44.10:0.9.7g-146.22.47.10:0.98.9-0.7.10:0.9.7g-146.22.50.10:5.4.15-0.15.20:5.9.33-0.20.10:2.0.10-0.38.10:5.3.7-0.9.10:1.2.74-0.20.10:1.2.2-0.16.10:1.2.74-0.22.20:2.5.84.4-8.10:2.5.5.5-14.10:2.5.24.9-24.10:2.5.13.8-23.10:2.6.1-5.10:2016.11.4-43.7.10:2016.11.4-43.10.20:2016.11.4-42.20:0.5.2-0.38.160:1.4_3.0.101_0.7.17-2.18.810:2_3.0.101_0.7.17-0.7.1090:1.6_3.0.101_0.7.17-0.11.800:6.4.3.6-7.19.1110:3.0.10-1.1.10:3.5-1.1.50:2.24.0-7.50:3.12.3.1-1.2.10:0.8.11-2.140:4.8-1.3.10:1.9.0.10-1.1.10:1.9.1.11-0.1.10:1.9.2.12-0.6.10:2.14.16-2.160:0.7.0.r4359-15.9.20:0.7.0.r1053-11.11.10:3.2.7-151.30:2.2.47-30.5.10:2.2.10-2.23.22.10:5.2.6-50.18.30:0.6.23-11.14.10:2.0.1-1.26.10:3.2.7-11.21.10:1.34b-11.21.10:0.95.1-0.1.10:4.3.3_20081022-11.180:2.9-75.27.24.10:4.1-194.19.10:1.3.9-8.15.10:7.19.0-11.21.10:1.2-107.220:1.10-3.180:2.1.22-182.20.10:1.2.10-3.9.10:0.76-34.10.10:3.1.1-7.13.10:2.45-12.23.10:1.0.5-1.27.10:2.24.1.1-11.8.10:3.24.1.1-3.23.20:2.24.1.1-11.12.10:IIIalpha9.8-691.220:0.15-1.290:2.7.0-130.210:2.24.0-7.40:0.10.21-3.200:1.1.3-87.120:0.3.15-3.100:2.3.7-25.9.10:2.24.0-24.39.10:8.62-32.25.10:4.2.7-32.25.10:2.18.2-7.7.10:2.9-13.11.10:2.24.0-14.27.10:2.4.1-24.16.10:2.0.9-25.26.10:1.4.1-6.70:1.6-8.60:1.0.4-1.160:0.10.21-2.36.10:0.10.10-4.9.10:4.0-7.22.10:0.7.1-10.31.10:0.4.15-94.14.10:0.4.15_2.6.27.48_0.6-94.14.10:1.4.2_sr13-0.1.10:1.5.0.13.1.2-0.1.10:1.6.0-124.6.10:1.6.0-124.7.10:4.1.3-9.14.70:4.1.3-9.28.30:4.1.3-7.17.10:4.1.3-18.8.10:4.1.3-7.9.10:3.5.10-23.30.10:4.1.3-8.21.10:4.1.3-8.18.10:0.5.5-106.180:0_2.6.27.23_0.1-7.1.70:0.4.15_2.6.27.54_0.2-94.14.80:2.6.27.23-0.1.10:2.0.5_2.6.27.54_0.2-7.9.10:1.6.3-133.25.10:78.0.10.6-0.3.10:78.2.6.30.1_2.6.27.37_0.1-0.7.10:1.17-77.12.10:1.23-4.1.10:1.3.4-12.19.10:1.0.4-157.15.10:3.12.8-1.2.10:4.8.6-1.2.10:1.2.3-106.340:2.0-11.20.10:2.4.12-7.19.10:5.0.67-13.26.10:0.9.8h-30.13.10:1.2.31-5.11.10:1.2.31-5.18.10:0.10.1-1.37.10:0.10.1-1.30.50:2.6.0-8.8.6.10:2.6.0-8.9.6.20:4.4.3-12.11.10:1.0.17-172.14.10:1.0.beta2-6.1.10:3.8.2-141.7.10:128-13.2.10:0.4.6-14.63.10:2.7.1-10.11.10:2.02.39-18.26.30:2.0.2-2.15.10:4.8.2-1.1.10:1.9.0.9-0.1.10:1.9.1.15-0.5.10:4.2.4p6-1.17.10:2.0.870-26.6.10:1.2.0-172.10.7.10:0.9.8h-30.14.10:0.9.8h-30.18.10:2.6.16-1.32.10:1.22.1-3.17.30:1.4.102-1.31.10:5.10.0-64.43.10:1.16-3.2.10:1.7-37.18.10:4.4.2.3-37.18.10:8.3.7-0.1.10:0.24.5-5.7.10:0.8.4-194.19.10:0.99.10-17.17.10:8.14.3-50.20.10:1.8.7.p72-5.22.10:4.2.8-1.23.10:0.7.1-42.5.10:0.9.0-1.27.10:0.5.2-128.18.10:2.1.1.2-2.10:1.0.5-1.26.10:0.5-15.16.10:0.4.6-14.60.160:0.5.2-8.47.850:0.5.3-66.42.130:0.0.3-3.57.130:0.3.27-0.1.150:3.3.1_18546_24-0.3.70:3.3.1_18546_24_2.6.27.45_0.3-0.3.70:2.8.1-238.27.10:2.17.21-0.1.10:0.2.10-64.65.10:24.6.0esr-0.3.10:24-0.4.10.240:3.16.1-0.3.10:6.4.3.6-7.24.10:7.7-5.12.380:10.0.5-0.3.60:3.13.5-0.4.20:4.9.1-0.5.10:24.5.0esr-0.3.10:24-0.4.10.140:3.16-0.3.10:0.7.1_git20090811-3.9.9.50:0.7.1-5.15.7.50:0.6.9-4.5.40:0.7.1-5.15.11.10:11-6.38.10:2.2.12-1.30.10:5.2.14-0.7.30.42.10:3.3.1-147.24.10:2.1a15-131.23.2.10:3.2-147.12.10:5.2-147.12.10:9.6ESVR7P2-0.3.10:9.6ESVR11W1-0.6.10:9.6ESVR11W1-0.9.10:2.0.1-1.34.10:3.4.3-1.40.30:1.34b-11.28.40.30:0.97.5-0.2.10:2.3.37-0.11.10:2.4.20-0.11.10:6.12-32.26.10:7.19.7-1.20.27.90:1.2.10-3.19.10:1.2.10-3.17.10:0.76-34.7.10:3.1.3.ESV-0.17.10:7-0.6.7.70:0.6.3-5.6.50:10.0.4-0.3.30:3.13.4-0.2.10:10.0.6-0.4.10:7-0.6.7.700:10.0.12-0.4.30:7-0.6.7.1030:7-0.6.9.200:17.0.10esr-0.4.2.10:7-0.6.9.600:24.3.0esr-0.4.2.20:24-0.4.10.40:4.7.2_20130108-0.16.10:3.15.4-0.4.2.10:4.10.2-0.3.20:24.7.0esr-0.3.10:3.16.2-0.3.10:24.8.0esr-0.3.10:3.16.4-0.3.10:31.3.0esr-0.3.10:31.4.0esr-0.3.10:3.17.3-0.3.10:31.5.3esr-0.3.10:38.2.1esr-17.10:31.2.0esr-0.11.11.10:31.0-0.5.5.10:3.17.2-0.3.10:2.3.7-25.30.10:2.24.0-24.28.10:2.11.1-0.34.10:2.11.1-0.32.10:3.0.3-0.4.10:11-1.18.10:3.2.8-0.4.10:2.4.1-24.39.39.10:2.18.9-0.20.18.10:4.3.5-0.2.10:1.4.19-0.7.60:1.4.19_2.6.32.19_0.2-0.7.60:1.900.1-134.11.10:1.4.2_sr13.12-0.2.10:1.6.0_sr10.1-0.3.10:1.14.1-16.27.10:0_2.6.32.59_0.3-0.3.920:0_2.6.32.59_0.3-7.9.590:0_2.6.32.59_0.3-0.18.160:1.4.19_2.6.32.19_0.3-0.7.80:2.6.32.59-0.7.10:2.6.32.59-0.3.10:2.0.5_2.6.32.19_0.3-7.10.10:4.0.3_21548_16_2.6.32.59_0.15-0.5.260:2.6.32.24-0.2.20:0.12.5-1.20.10:0.12.5-1.30.20:1.4.1-6.10.10:0.1-20.2.10:2.4.20-0.5.10:5.0.96-0.4.10:0.9.8j-0.44.10:7.4-8.26.3.10:1.2.31-5.13.10:1.4.18-28.23.20:0.29.6-6.5.10:5.4.2.1-8.12.10.10:2.28.2-0.3.10:3.8.2-141.148.10:0.7.6-1.25.10:2.7.6-0.19.10:1.1.24-19.19.10:7.3.6-65.66.10:2.02.39-18.31.20:3.15-2.14.10:38.2.0esr-10.10:31.0-0.5.7.110:4.7.2_20130108-0.37.20:3.19.2.0-0.7.10:1.9.1.19-0.2.10:3.0.6-1.23.10:1.2.1-2.18.10:3.12.11-3.2.2.10:4.8.9-1.2.2.10:4.2.4p8-1.29.32.10:1.5.2-0.9.13.10:1.5.2_2.6.32.46_0.3-0.9.13.10:1.2.0-172.15.10:5.1p1-41.55.10:0.9.8h-27.3.10:2011.6.28-0.3.10:1.0.4-0.7.10:1.4.102-1.31.20:2.6.32.46-2.5.3.10:2.33-2.80:5.816-2.17.10:1.7-37.29.33.10:4.4.2.3-37.29.33.10:2.5.6-5.8.10:8.3.20-0.4.10:9.1-0.6.10.10:8.3.18-0.3.10:2.6.17-0.3.10:1.0.22-3.13.10:2.6.8-0.13.10:2.6-8.13.20:0.99.15-0.10.10:3.16-50.36.36.20:3.0.4-2.36.20:1.8.7.p72-5.28.10:4.4.0-6.13.10:1.7.6p2-0.2.8.10:1.20-0.10.10:0.71.31-0.7.10:0.9.10-0.8.10:2.16-6.11.10:2.28.1-2.3.10:2.0.7-4.21.10:1.4.13-0.2.10:4.0.3_21548_18-0.21.10:4.0.3_21548_18_2.6.32.59_0.19-0.21.10:4.0.3_21548_18-29.10:4.0.3_21548_18_2.6.32.59_0.19-29.10:0.7.6-1.21.10:0.4.30-0.3.20:4.0.1_21326_08-0.5.10:4.0.1_21326_08_2.6.32.36_0.5-0.5.10:0.4.31-0.3.50:4.0.2_21511_02-0.7.10:4.0.2_21511_02_2.6.32.43_0.4-0.7.10:0.7.6-1.29.20:1.1.3-1.5.10:4.0.3_21548_02-0.5.20:4.0.3_21548_02_2.6.32.54_0.3-0.5.20:4.0.3_21548_04-0.9.10:4.0.3_21548_04_2.6.32.59_0.5-0.9.10:0.4.34-0.3.10:4.0.3_21548_08-0.7.10:4.0.3_21548_08_2.6.32.59_0.7-0.7.10:4.0.3_21548_10-0.5.10:4.0.3_21548_10_2.6.32.59_0.7-0.5.10:4.0.3_21548_16-0.5.10:4.0.3_21548_16_2.6.32.59_0.9-0.5.10:4.0.3_21548_18-0.15.10:4.0.3_21548_18_2.6.32.59_0.19-0.15.10:4.0.3_21548_18-0.25.10:4.0.3_21548_18_2.6.32.59_0.19-0.25.10:7.4-9.39.10:7.4-27.40.52.10:7.4-8.26.42.40:7.4-1.18.160:7.4-1.22.5.150:7.4_0.11.0-0.4.6.10:7.4-27.40.50.10:3.02-138.29.20:3.02-138.36.10:2.17.35.3-0.3.10:1.3.21-0.3.10:10.0.2-0.4.10:1.6.0_sr10.0-0.3.10:0.9.8j-0.28.10:1.2.31-5.27.10:2.6.12-0.12.10:38.8.0esr-40.10:45.3.0esr-48.10:45.0-20.380:2.11.0-4.20:3.21.1-26.20:4.12-25.20:45.4.0esr-52.10:45.6.0esr-66.10:4.1.6_08-17.10:4.1.6_08_3.0.101_0.7.29-17.10:1.0.8-0.4.7.10:3.2-147.14.22.10:5.2-147.14.22.10:1.34b-12.33.39.10:4.2.4.P2-0.11.15.10:38.3.0esr-20.10:38.4.0esr-25.30:38-12.190:3.19.2.1-12.10:38.7.0esr-36.30:3.20.2-20.10:4.12-19.10:2.11.3-17.45.66.10:3-0.5.10:1.1.1-1.35.10:1.6.0_sr16.0-0.3.10:1.6.0_sr16.20-49.10:1.6.0_sr16.25-69.10:1.7.0_sr7.0-0.5.10:1.7.0_sr9.30-45.10:1.7.0_sr9.40-52.10:3.0.101-0.7.47.10:3.0.101-0.7.53.10:3.0.101-0.7.37.10:3.0.101-0.7.40.10:3.0.101-0.7.44.10:0.15.1-0.32.20:1.34b-12.24.40:3.16.5-0.4.2.10:2.7.6-0.44.40:45.5.1esr-63.10:3.21.3-30.10:38.6.1esr-33.10:38-15.580:3.20.2-17.50:2.12-24.4.8.10:4.2.8p6-41.10:2.17.14.1-1.12.10:4.2.8p7-44.10:4.2.8p8-47.30:5.1p1-41.69.10:5.1p1-41.69.40:2.6.16-1.40.10:5.2.14-0.7.30.72.10:5.2.14-0.7.30.89.10:5.3.17-47.10:5.3.17-55.10:5.3.17-58.10:1.34b-45.20:3.6.3-45.20:1.34b-48.20:3.6.3-48.20:1.34b-52.10:3.6.3-52.10:1.34b-56.10:3.6.3-56.10:4.36-0.12.10:6.0.18-20.35.42.10:4.1.6_08-0.11.10:4.1.6_08-0.5.10:4.1.6_08_3.0.101_0.7.23-0.5.10:4.1.6_08-20.10:4.1.6_08_3.0.101_0.7.37-20.10:4.1.6_08-26.10:4.1.6_08_3.0.101_0.7.37-26.10:4.1.6_08-29.10:4.1.6_08_3.0.101_0.7.40-29.10:4.1.6_08-32.10:4.1.6_08_3.0.101_0.7.44-32.10:4.1.6_06-0.5.10:4.1.6_06_3.0.101_0.7.17-0.5.10:4.1.6_08-0.9.10:4.1.6_08_3.0.101_0.7.29-0.9.10:4.1.6_08-0.13.10:4.1.6_08_3.0.101_0.7.29-0.13.10:4.1.6_08-23.10:4.1.6_08_3.0.101_0.7.37-23.10:1.34b-12.52.50:38-10.270:31.0-0.5.10:31.0-0.7.50:0.7.3-1.13.10:3.2.2-88.36.10:1.6.0_sr16.20-51.10:1.7.0_sr9.30-47.10:3.0.101-0.47.79.10:3.0.101-0.47.106.14.10:1.4.20_3.0.101_0.40-0.38.830:1.5.4.1_3.0.101_0.40-0.13.890:2.0.5_3.0.101_0.40-7.39.890:1.6.3-133.49.97.30:1.6.3-133.49.68.20:1.4.2-46.10:2.3.37-2.35.10:2.3.37-2.62.20:1.2.16-0.13.10:2.6.1-0.14.10:1.34b-76.10:3.6.3-76.20:1.34b-12.56.10:1.34b-64.10:2.7.STABLE5-2.12.24.20:1.3.3-12.2.10:2.0.7-4.29.10:4.2.5_20-24.90:4.2.5_20_3.0.101_0.47.79-24.90:0.9.svn1043876-1.3.150:3.6_SVNr208-2.18.3.10:0.114-12.8.3.10:0.114-0.8.3.10:2.5.69.8-11.20:2.1.12-14.20:8.12-6.25.33.3.10:2.71-0.16.30:2.78-0.17.5.10:3.0.26-3.10:2.28.0-3.11.12.20:0.10.30-5.14.10:1-0.81.3.20:0.7.3-1.38.3.10:1.1.1-234.31.10:3.0.101-80.10:3.0.101-88.10:3.0.101-94.10:3.0.101-97.10:3.0.101-104.20:3.0.101-108.7.10:3.0.101-108.13.10:3.0.101-108.18.10:3.0.101-108.21.10:3.0.101-108.24.10:20110923-0.59.3.10:3.0.101-77.10:3.0.101-84.10:3.0.101-107.10:3.0.101-108.10.10:1.4.2-44.10:1.4.2-47.10:1.4.2-50.10:1.4.2-59.10:1.4.2-60.3.10:1.4.2-60.6.10:1.4.2-60.9.10:1.14.0.894-3.10:1.7.0-1.3.3.10:1.7.0-1.3.6.10:1.3.3-12.4.10:1.2.5-4.20:2.7.6-0.40.30:2.7.6-0.50.40:2.7.6-0.64.40:2.7.6-0.76.40:2.7.6-0.77.3.50:3.0.101-91.10:3.0.101-100.10:2.3-27.24.6.20:4.2.8p9-57.20:4.2.8p10-63.10:4.2.8p11-64.4.10:10.1.0-7.10:6.6p1-21.10:6.6p1-21.30:6.6p1-28.10:6.6p1-28.20:6.6p1-35.10:6.6p1-35.40:0.2808.01-0.80.10:0.72-0.80.10:0.2808.01-0.81.3.10:0.72-0.81.3.10:0.2808.01-0.81.10.10:0.72-0.81.10.10:2.0.79-4.8.10:2.0.79-4.9.3.30:9.4-0.5.3.10:3.22-240.8.3.10:2.7.26-0.5.3.10:3.0.4-2.52.10:3.0.4-2.53.3.10:3.0.4-2.53.6.10:0.12.21~rc-936.3.10:1.34b-67.20:1.34b-87.10:1.34b-94.11.10:2.7.STABLE5-2.12.29.10:3.1.23-8.16.30.10:3.1.23-8.16.36.10:3.1.23-8.16.37.3.10:1.4-13.10.10:4.4.0-6.29.20:4.4.0-6.35.10:4.4.0-6.36.3.10:1.7.6p2-0.29.10:1.20-121.10:1.26-1.2.10.10:20120115_1.7.0-0.5.5.10:3.9.8-1.29.10:3.9.8-1.30.5.10:6.0.45-0.53.20:6.0.41-0.47.10:6.0.45-0.50.10:3.2.5-160.3.20:5.6.1-5.3.10:6.00-11.17.10:6.00-11.18.3.10:7.2-8.17.10:7.2-8.20.80:0.5.3.git20161120-4.10:4.4.4_07_3.0.101_77-37.10:4.4.4_08_3.0.101_80-40.20:4.4.4_10_3.0.101_88-43.50:4.4.4_12_3.0.101_91-46.10:4.4.4_14_3.0.101_94-51.10:4.4.4_16_3.0.101_97-54.10:4.4.4_18_3.0.101_97-57.10:4.4.4_20_3.0.101_104-60.30:4.4.4_22_3.0.101_108.7-61.9.20:4.4.4_24_3.0.101_108.10-61.12.10:4.4.4_26_3.0.101_108.13-61.17.10:4.4.4_28_3.0.101_108.35-61.23.20:4.3.6-67.9.3.10:1.6.3-133.49.56.10:3.9.8-3.7.10:0_2.6.27.39_0.3-7.1.220:2.6.27.39-0.3.10:0.9.8j-0.32.10:5.0.67-13.16.10:1.4.2_sr13.1-0.1.10:3.5.10-0.1.10:1.9.0.13-1.1.10:1.9.1.10-1.1.10:3.0.7-1.1.40:1.9.0.7-1.1.40:1.0.17-172.13.10:1.6.0_sr7.0-1.1.10:8.62-32.22.20:4.2.7-32.22.20:0.9.8h-30.12.10:3.0.9-0.1.10:0_2.6.27.21_0.1-7.1.20:2.6.27.21-0.1.20:2.6.27.21-0.1.10:9.5.0P2-20.3.10:4.2.8-1.22.10:0.10.1-1.31.10:3.0.8-1.1.10:1.9.0.8-1.1.10:1.4.2_sr13.2-0.1.10:3.0.12-0.1.20:1.9.0.12-1.1.10:2.2.10-2.21.10:0.95-0.2.10:5.2.6-50.19.10:0_2.6.27.25_0.1-7.1.120:2.6.27.25-0.1.10:0_2.6.27.48_0.1-7.1.330:2.6.27.48-0.1.10:3.0.11-0.1.10:1.9.0.11-1.1.10:3.5.4-1.1.20:1.9.0.15-0.1.20:1.9.1.4-2.1.30:3.5.8-0.1.10:1.9.0.18-0.1.10:1.9.1.8-1.1.10:3.2.7-11.7.10:1.34b-11.7.10:2.6.16-1.33.10:4.2.8-1.24.10:78.0.10.5-0.2.10:78.2.6.30.1_2.6.27.25_0.1-0.2.10:3.12.3.1-1.1.10:0_2.6.27.29_0.1-7.1.130:2.6.27.29-0.1.10:2.4.12-7.18.10:1.5.17-42.32.20:2.7.1-10.9.10:7.19.0-11.22.10:1.6.0_sr6-1.1.10:1.0.5-1.31.10:2.6.0-8.8.1.10:2.6.0-8.9.1.10:3.0.13-0.1.20:4.2.8-1.27.20:5.2.6-50.23.10:3.2.7-11.8.20:1.34b-11.8.20:1.3.9-8.20.10:0_2.6.27.37_0.1-7.1.180:2.6.27.37-0.1.10:3.5.3-1.1.10:1.9.0.14-1.1.10:1.9.1.3-1.1.10:0_2.6.27.42_0.1-7.1.240:2.6.27.42-0.1.10:8.3.8-0.1.10:0.9.8h-30.22.21.10:2.18.2-7.9.10:1.6.3-133.26.10:2.7.2-61.15.10:3.5.6-1.1.10:1.9.1.6-1.1.10:2.4.1-24.32.10:1.4.2_sr13.4-1.6.10:3.12.6-3.1.10:1.9.1.9-1.1.10:1.4.2_sr13.6-1.6.10:1.6.0_sr9.0-0.2.10:4.2.4p6-1.18.10:2.0.1-88.22.10:0_2.6.27.45_0.1-7.1.260:2.6.27.45-0.1.10:1.9.0.16-0.1.10:9.5.0P2-20.4.10:8.62-32.27.26.10:4.2.7-32.27.26.10:2.4.1-24.39.49.10:2.11.1-0.30.10:1.4.2_sr13.5-0.1.10:1.6.0_sr8.0-0.1.20:1.6.0_sr8.0-0.7.10:3.6.13-0.7.10:1.9.1.16-0.1.10:1.9.2.13-1.7.10:3.5.7-1.1.10:1.9.0.17-0.1.10:1.9.1.7-1.1.10:2.11.1-0.18.20:5.2.14-0.1.10:1.3.9-8.37.10:3.2.7-11.9.10:1.34b-11.9.10:3.5.11-0.1.10:8.3.11-0.1.10:0.9.10-0.6.10:5.10.0-64.44.10:5.10.0-64.48.10:0.7.0.r4359-15.20.10.120:0.7.0.r4359-15.25.10:0_2.6.32.13_0.4-0.3.30:0_2.6.32.59_0.7-0.3.1070:0_2.6.32.13_0.4-7.3.30:0_2.6.32.59_0.7-7.9.740:0_2.6.32.59_0.7-0.18.200:2.6.32.13-0.4.10:1.6.3-133.33.10:1.4.2_sr13.8-1.5.10:1.4.2_sr13.8-0.3.10:1.6.3-133.39.10:2.2.10-2.30.10:1.4.4-0.2.10:3.6.15-0.2.10:1.9.1.17-0.2.10:1.9.2.15-0.2.10:2.6.0-8.10.10:0.96.1-0.1.10:0_2.6.32.13_0.5-0.3.90:0_2.6.32.13_0.5-7.3.90:2.6.32.13-0.5.10:0.99.15-0.4.10:2.3.7-25.11.10:1.7-37.25.10:4.4.2.3-37.25.10:3.2.7-11.20.10:1.34b-11.20.10:2.1.0.0_2.6.33.7.2_rt30_0.3-0.2.90:1.4.19_2.6.33.7.2_rt30_0.3-0.7.260:2.6.33.7.2-0.3.10:1.4.2_2.6.33.7.2_rt30_0.3-0.14.10:0.7.6-1.12.20:7.4-27.24.10:0_2.6.32.19_0.2-0.3.150:0_2.6.32.19_0.2-7.3.150:2.6.32.19-0.2.10:4.3.4-3.4.10:3.6.10-1.6.10:1.9.2.10-1.1.10:5.10.0-64.53.10:0_2.6.27.54_0.2-7.1.430:2.6.27.54-0.2.10:0.9.8h-30.22.22.10:0.9.8h-30.28.10:0_2.6.32.29_0.3-0.3.340:0_2.6.32.29_0.3-7.9.20:2.6.32.29-0.3.10:0.99.10-17.18.10:0.99.15-0.2.10:0_2.6.32.23_0.3-0.3.200:0_2.6.32.23_0.3-7.3.200:2.6.32.23-0.3.10:0_2.6.32.19_0.3-0.3.160:0_2.6.32.19_0.3-7.3.160:2.6.32.19-0.3.10:0_2.6.27.48_0.12-7.1.400:2.6.27.48-0.12.10:0_2.6.32.24_0.2-0.3.220:0_2.6.32.24_0.2-7.3.220:2.6.32.24-0.2.10:2.3.7-25.17.10:3.4.3-1.19.10:1.34b-11.19.10:3.6.12-0.6.10:1.9.1.11-0.1.150:0.96.4-0.2.10:0_2.6.32.27_0.2-0.3.290:0_2.6.32.27_0.2-7.3.290:2.6.32.27-0.2.20:5.2.14-0.7.13.10:2.3.7-25.24.10:5.0.94-0.2.2.10:2.11.1-0.20.10:0.9.8h-30.22.28.10:0.9.8h-30.29.10:2.1.0.0_2.6.33.20_rt31_0.3-0.2.340:1.4_2.6.33.20_rt31_0.3-2.5.280:8.3.11_2.6.33.20_rt31_0.3-0.3.280:1.4.19_2.6.33.20_rt31_0.3-0.9.11.20:2.6.33.20-0.3.10:1.6_2.6.33.20_rt31_0.3-0.4.2.280:1.5.2_2.6.33.20_rt31_0.3-0.9.13.150:1.4_3.0.74_rt98_0.6.2-2.18.370:8.4.2_3.0.74_rt98_0.6.2-0.6.6.280:1.4.20_3.0.74_rt98_0.6.2-0.23.340:3.0.74.rt98-0.6.2.10:2.0.4_3.0.74_rt98_0.6.2-0.7.300:1.6_3.0.74_rt98_0.6.2-0.11.360:1.5.2_3.0.74_rt98_0.6.2-0.28.28.80:0_2.6.32.54_0.3-0.3.730:0_2.6.32.54_0.3-7.9.400:2.6.32.54-0.3.10:0_2.6.32.36_0.5-0.3.400:0_2.6.32.36_0.5-7.9.80:2.6.32.36-0.5.20:2.1.0.0_2.6.33.18_rt31_0.3-0.2.240:1.4_2.6.33.18_rt31_0.3-2.5.60:8.3.11_2.6.33.18_rt31_0.3-0.3.60:1.4.19_2.6.33.18_rt31_0.3-0.7.480:2.6.33.18-0.3.10:1.6_2.6.33.18_rt31_0.3-0.4.2.60:0_2.6.32.45_0.3-0.3.540:0_2.6.32.45_0.3-7.9.210:2.6.32.45-0.3.10:2.7.6-0.3.10:5.2.14-0.7.22.10:0.9.8h-30.30.10:3.9.8-3.5.10:1.6.0_sr9.1-1.5.10:1.4.2_sr13.9-0.4.10:1.4.2_sr13.9-0.3.10:2.7.6-0.7.10:2.11.1-0.50.10:0_2.6.32.59_0.13-0.3.1630:0_2.6.32.59_0.13-7.9.1300:0_2.6.32.59_0.13-0.18.390:2.6.32.59-0.19.10:2.6.32.59-0.15.20:4.0.3_21548_18_2.6.32.59_0.19-0.9.170:0.9.8h-30.32.10:3.6.17-0.2.10:1.9.2.17-0.3.10:3.6.18-0.2.10:1.9.2.18-1.2.10:3.6.20-0.2.10:1.9.2.20-1.2.10:3.8.2-141.16.10:2.3.7-25.26.10:1.6.3-133.46.10:2.5.6-5.6.10:3.4.3-1.21.10:1.6.0_sr9.2-0.4.10:1.4.2_sr13.10-0.3.10:3.2.3-44.22.10:3.1.3.ESV-0.9.10:0.97-5.2.10:0_2.6.32.43_0.4-0.3.500:0_2.6.32.43_0.4-7.9.170:2.6.32.43-0.4.10:5.2.14-0.7.30.34.10:3.0.26-0.7.60:1.4_3.0.26_0.7-2.10.130:2_3.0.26_0.7-0.7.130:1.6_3.0.26_0.7-0.7.130:0_2.6.32.59_0.9-0.3.1510:0_2.6.32.59_0.9-7.9.1180:0_2.6.32.59_0.9-0.18.370:2.6.32.59-0.9.10:5.2.14-0.7.30.46.10:5.3.8-0.39.10:1.0.22-3.5.10:0_2.6.32.49_0.3-0.3.660:0_2.6.32.49_0.3-7.9.330:2.6.32.49-0.3.10:1.4.4-0.4.10:0.12.5-1.8.10:2.3.11-60.61.10:2.7.6-0.9.10:0.9.8h-30.34.10:1.4.4-0.6.10:0.12.5-1.16.10:3.6.24-0.3.10:9.6ESVR4P3-0.2.10:3.4.3-1.32.10:1.34b-11.27.32.10:0.97.2-1.2.10:3.1.3.ESV-0.13.10:2.7.6-0.11.10:0_2.6.32.46_0.3-0.3.570:0_2.6.32.46_0.3-7.9.240:2.6.32.46-0.3.10:3.6.23-0.3.10:1.9.2.23-1.2.10:1.2.31-5.29.10:2.7.6-0.17.10:2.2.12-1.18.10:3.1.12-8.8.10:2.3.11-60.63.10:0.9.8h-30.42.10:1.7-37.29.29.10:4.4.2.3-37.29.29.10:1.4.2_sr13.11-0.5.10:1.4.2_sr13.11-0.3.10:1.4.2_sr13.12-0.3.10:1.9.2.26-0.3.10:2.6.12-0.6.10:1.1.24-19.17.10:5.3.8-0.23.10:9.6ESVR5P1-0.2.4.10:1.4.20-2.46.100:2.0.10-0.34.10:2.2.12-1.36.10:1.4.11-0.2.2.10:10.0.3-0.7.10:3.13.3-0.2.10:4.9.0-0.3.10:10.0.1-0.4.10:1.6.0.0_b24.1.11.4-0.3.10:1.7.0_sr2.0-0.5.10:1.6.0_sr11.0-0.3.10:3.6.3-0.22.10:1.34b-12.22.10:2.7.6-0.15.10:3.0.58-0.6.2.10:4.1.3_06_3.0.58_0.6.2-0.7.160:1.4_3.0.58_0.6.2-2.18.180:2_3.0.58_0.6.2-0.7.530:1.6_3.0.58_0.6.2-0.11.170:5.2.14-0.7.30.38.10:5.3.8-0.27.10:3.8.2-141.144.10:3.4.3-1.38.10:1.34b-11.28.38.10:9.5.3-0.2.10:9.4.6-0.4.2.40:1.6.0.0_b24.1.11.5-0.2.10:1.4.2_sr13.14-0.2.10:1.6.0_sr12.0-0.5.10:1.7.0_sr3.0-0.5.10:1.6.0_sr13.0-0.8.10:1.7.0_sr4.0-0.6.10:1.4.12-0.3.20:3.0.51-0.7.9.10:1.4_3.0.51_0.7.9-2.18.120:2_3.0.51_0.7.9-0.7.470:1.6_3.0.51_0.7.9-0.11.110:9.6ESVR7P1-0.5.10:9.6ESVR7P1-0.2.5.10:1.4.2_sr13.13-0.2.10:2.6.12-0.14.10:3.8.2-141.146.10:0.9.8j-0.36.10:3.0.34-0.7.90:1.4_3.0.34_0.7-2.10.300:2_3.0.34_0.7-0.7.300:1.6_3.0.34_0.7-0.7.300:3.0.31-0.9.10:1.4_3.0.31_0.9-2.10.230:2_3.0.31_0.9-0.7.230:1.6_3.0.31_0.9-0.7.230:3.0.74-0.6.6.20:4.1.4_02_3.0.74_0.6.6-0.5.220:1.4_3.0.74_0.6.6-2.18.360:2_3.0.74_0.6.6-0.7.690:1.6_3.0.74_0.6.6-0.11.350:5.3.8-0.33.20:0.9.8j-0.38.10:5.2.14-0.7.30.40.10:3.0.101-0.35.10:4.2.4_02_3.0.101_0.35-0.7.450:1.4_3.0.101_0.35-2.27.780:2_3.0.101_0.35-0.16.840:1.6_3.0.101_0.35-0.20.780:1.4_3.0.61_rt85_0.7-2.18.230:8.4.2_3.0.61_rt85_0.7-0.6.6.140:1.4.20_3.0.61_rt85_0.7-0.23.200:3.0.61.rt85-0.7.10:2.0.4_3.0.61_rt85_0.7-0.7.190:1.6_3.0.61_rt85_0.7-0.11.220:1.5.2_3.0.61_rt85_0.7-0.26.220:1.4_3.0.101_rt130_0.24-2.27.790:8.4.4_3.0.101_rt130_0.24-0.22.450:1.4.20_3.0.101_rt130_0.24-0.38.640:3.0.101.rt130-0.24.10:2.1.1_3.0.101_rt130_0.24-0.11.570:1.6_3.0.101_rt130_0.24-0.20.790:1.5.4.1_3.0.101_rt130_0.24-0.13.700:5.3.8-0.35.10:3.0.42-0.7.30:1.4_3.0.42_0.7-2.18.70:2_3.0.42_0.7-0.7.420:1.6_3.0.42_0.7-0.11.60:3.0.38-0.5.10:1.4_3.0.38_0.5-2.16.10:2_3.0.38_0.5-0.7.370:1.6_3.0.38_0.5-0.7.370:2.11.3-17.43.10:1.4-0.5.10:1.4-0.10.10:2.3.14-0.14.10:0.15.1-0.23.10:1.2.10-3.25.20:4.2.4.P1-0.5.10:9.6ESVR7P2-0.8.10:4.2.4.P2-0.5.10:1.4.15-0.2.10:9.6ESVR7P3-0.9.10:9.6ESVR7P3-0.2.10:3.0.101-0.46.10:4.2.5_02_3.0.101_0.46-0.7.90:1.4_3.0.101_0.42-2.27.1150:2_3.0.101_0.42-0.16.1210:1.6_3.0.101_0.42-0.20.1150:1.4_3.0.101_rt130_0.32-2.27.1210:8.4.4_3.0.101_rt130_0.32-0.22.870:1.4.20_3.0.101_rt130_0.32-0.38.1060:3.0.101.rt130-0.32.10:2.1.1_3.0.101_rt130_0.32-0.11.960:1.6_3.0.101_rt130_0.32-0.20.1210:1.5.4.1_3.0.101_rt130_0.32-0.13.1120:3.0.101-0.7.29.10:3.0.101-0.7.23.10:4.1.6_08_3.0.101_0.7.29-0.5.190:4.1.6_06_3.0.101_0.7.23-0.5.300:2.11.3-17.56.20:2.11.1-0.58.10:3.8.2-141.150.10:1.8.7.p357-0.9.15.60:4.6.3-5.18.10:2.7.6-0.21.10:9.6ESVR7P4-0.8.10:9.6ESVR7P4-0.2.3.10:11.2.202.243-0.3.10:11.2.202.251-0.3.10:4.1.3_06-0.7.10:4.1.3_06_3.0.51_0.7.9-0.7.10:1.8.4-0.3.10:5.5.42-0.8.10:11.2.202.258-0.3.10:2.0.9-25.33.33.10:2.0.9-25.33.33.50:2.0.9-25.33.37.60:3.6.3-0.46.10:3.4.3-1.52.30:1.34b-11.28.52.30:1.34b-12.46.10:2.6.32.59-0.13.10:2.11.3-17.80.30:2.11.1-0.62.10:2.11.3-17.45.53.10:3.0.80-0.5.10:4.1.5_02_3.0.80_0.5-0.5.50:3.0.82-0.7.90:4.2.2_04_3.0.82_0.7-0.9.30:1.4_3.0.80_0.5-2.18.450:2_3.0.80_0.5-0.7.760:1.6_3.0.80_0.5-0.11.440:1.4_3.0.82_0.7-2.25.30:2_3.0.82_0.7-0.16.30:1.6_3.0.82_0.7-0.18.30:1.4_3.0.80_rt108_0.5-2.18.470:8.4.2_3.0.80_rt108_0.5-0.6.6.380:1.4.20_3.0.80_rt108_0.5-0.23.440:3.0.80.rt108-0.5.10:2.0.4_3.0.80_rt108_0.5-0.7.350:1.6_3.0.80_rt108_0.5-0.11.460:1.5.2_3.0.80_rt108_0.5-0.28.28.180:0.9.7g-146.22.25.10:0.9.8j-0.72.10:0.9.7g-146.22.29.10:1.6.0.0_b27.1.12.3-0.2.10:0.9.6-0.25.10:3.6.3-0.30.10:3.4.3-1.42.110:1.34b-12.30.10:9.1.8-0.5.10:1.6.0.0_b27.1.12.5-0.2.10:1.6.0_sr13.2-0.3.10:1.7.0_sr4.2-0.6.10:1.6.0.0_b27.1.12.2-0.2.10:1.4.2_sr13.15-0.3.10:1.4.2_sr13.16-0.2.10:11.2.202.273-0.3.10:11.2.202.261-0.3.10:11.2.202.262-0.3.10:11.2.202.270-0.3.10:9.5.4-0.3.10:9.4.6-0.4.3.10:11.2.202.275-0.3.10:17.0.3esr-0.4.4.10:1.6.0.0_b27.1.12.4-0.2.10:3.0.58-0.6.6.10:4.1.3_06_3.0.58_0.6.6-0.7.220:1.4_3.0.58_0.6.6-2.18.220:2_3.0.58_0.6.6-0.7.560:1.6_3.0.58_0.6.6-0.11.210:3.0.93-0.5.10:4.1.5_02_3.0.93_0.5-0.5.390:3.0.93-0.8.20:4.2.2_06_3.0.93_0.8-0.7.170:1.4_3.0.93_0.5-2.18.610:2_3.0.93_0.5-0.7.910:1.6_3.0.93_0.5-0.11.600:1.4_3.0.93_0.8-2.27.80:2_3.0.93_0.8-0.16.140:1.6_3.0.93_0.8-0.20.80:1.4_3.0.93_rt117_0.5-2.18.620:8.4.2_3.0.93_rt117_0.5-0.6.6.530:1.4.20_3.0.93_rt117_0.5-0.25.25.10:3.0.93.rt117-0.5.10:2.0.4_3.0.93_rt117_0.5-0.7.440:1.6_3.0.93_rt117_0.5-0.11.610:1.5.2_3.0.93_rt117_0.5-0.28.28.330:1.4_3.0.93_rt117_0.9-2.27.160:8.4.3_3.0.93_rt117_0.9-0.19.70:1.4.20_3.0.93_rt117_0.9-0.38.10:3.0.93.rt117-0.9.10:2.1.1_3.0.93_rt117_0.9-0.11.60:1.6_3.0.93_rt117_0.9-0.20.160:1.5.4.1_3.0.93_rt117_0.9-0.13.70:11.2.202.280-0.3.10:1.4.2_sr13.17-0.2.10:1.6.0.0_b27.1.12.6-0.2.10:1.7.0.6-0.19.20:1.6.0_sr14.0-0.3.10:1.7.0_sr5.0-0.5.10:1.8.5-0.2.10:0.24.4-0.13.10:5.2.14-0.7.30.48.10:5.3.8-0.41.10:17.0.8esr-0.4.2.10:17.0.8esr-0.7.20:1.7.6p2-0.2.12.50:1.6.17-1.15.10:5.5.33-0.11.10:5.0.96-0.6.90:2.2.12-1.40.70:7.4-27.70.72.10:7.4-27.40.70.10:7.19.7-1.20.25.10:1.6.17-1.17.10:7.4-8.26.36.10:7.4-8.26.38.10:1.4.2-0.11.10:2.6.16-1.38.10:3.0.74-0.6.8.10:4.1.4_02_3.0.74_0.6.8-0.5.260:1.4_3.0.74_0.6.8-2.18.380:2_3.0.74_0.6.8-0.7.700:1.6_3.0.74_0.6.8-0.11.370:1.4_3.0.74_rt98_0.6.4-2.18.380:8.4.2_3.0.74_rt98_0.6.4-0.6.6.290:1.4.20_3.0.74_rt98_0.6.4-0.23.350:3.0.74.rt98-0.6.4.10:2.0.4_3.0.74_rt98_0.6.4-0.7.310:1.6_3.0.74_rt98_0.6.4-0.11.370:1.5.2_3.0.74_rt98_0.6.4-0.28.28.90:3.0.101-0.15.10:4.2.3_08_3.0.101_0.15-0.7.220:1.4_3.0.101_0.15-2.27.400:2_3.0.101_0.15-0.16.460:1.6_3.0.101_0.15-0.20.400:1.4_3.0.101_rt130_0.10-2.27.370:8.4.4_3.0.101_rt130_0.10-0.22.30:1.4.20_3.0.101_rt130_0.10-0.38.220:3.0.101.rt130-0.10.10:2.1.1_3.0.101_rt130_0.10-0.11.220:1.6_3.0.101_rt130_0.10-0.20.370:1.5.4.1_3.0.101_rt130_0.10-0.13.280:7.19.7-1.20.27.10:7.19.7-1.28.10:3.0.101-0.5.10:4.1.6_02_3.0.101_0.5-0.5.50:3.0.101-0.8.10:4.2.3_02_3.0.101_0.8-0.7.90:1.4_3.0.101_0.5-2.18.690:2_3.0.101_0.5-0.7.980:1.6_3.0.101_0.5-0.11.680:1.4_3.0.101_0.8-2.27.220:2_3.0.101_0.8-0.16.280:1.6_3.0.101_0.8-0.20.220:1.4_3.0.101_rt130_0.5-2.18.710:8.4.2_3.0.101_rt130_0.5-0.6.6.620:1.4.20_3.0.101_rt130_0.5-0.25.25.100:3.0.101.rt130-0.5.10:2.0.4_3.0.101_rt130_0.5-0.9.9.10:1.6_3.0.101_rt130_0.5-0.11.700:1.5.2_3.0.101_rt130_0.5-0.28.28.420:1.4_3.0.101_rt130_0.8-2.27.240:8.4.4_3.0.101_rt130_0.8-0.18.80:1.4.20_3.0.101_rt130_0.8-0.38.90:3.0.101.rt130-0.8.30:3.0.101.rt130-0.8.10:2.1.1_3.0.101_rt130_0.8-0.11.110:1.6_3.0.101_rt130_0.8-0.20.240:1.5.4.1_3.0.101_rt130_0.8-0.13.150:1.8.8-0.2.10:9.5.5-0.3.10:9.4.6-0.4.3.20:11.2.202.285-0.3.10:3.0.74-0.6.10.10:4.1.4_02_3.0.74_0.6.10-0.5.320:1.4_3.0.74_0.6.10-2.18.410:2_3.0.74_0.6.10-0.7.730:1.6_3.0.74_0.6.10-0.11.400:1.4_3.0.74_rt98_0.6.6-2.18.420:8.4.2_3.0.74_rt98_0.6.6-0.6.6.330:1.4.20_3.0.74_rt98_0.6.6-0.23.390:3.0.74.rt98-0.6.6.10:2.0.4_3.0.74_rt98_0.6.6-0.7.330:1.6_3.0.74_rt98_0.6.6-0.11.410:1.5.2_3.0.74_rt98_0.6.6-0.28.28.130:4.4.0-6.17.20:4.4.0-6.17.50:11.2.202.291-0.3.10:11.2.202.297-0.3.10:11.2.202.310-0.3.10:4.0.3_21548_18-0.9.10:4.0.3_21548_18_2.6.32.59_0.15-0.9.10:2.6.18-0.6.10:1.7.0.6-0.21.10:1.8.7.p357-0.9.11.10:5.3.17-0.15.10:3.6.3-0.33.35.10:3.4.3-1.46.20:3.6.3-0.42.10:1.34b-12.33.35.10:1.34b-12.42.10:5.2.14-0.7.30.54.10:5.3.17-0.17.10:1.6.17-1.21.30:1.0.5.6-0.7.10:5.5.37-0.7.10:5.0.96-0.6.110:3.0.101-0.7.15.10:4.1.6_04_3.0.101_0.7.15-0.5.120:1.4_3.0.101_0.7.15-2.18.790:2_3.0.101_0.7.15-0.7.1070:1.6_3.0.101_0.7.15-0.11.780:2.11.3-17.62.10:7.4-27.70.74.10:7.4-27.83.20:3.0.101-0.21.10:4.2.4_02_3.0.101_0.21-0.7.120:1.4_3.0.101_0.21-2.27.540:2_3.0.101_0.21-0.16.600:1.6_3.0.101_0.21-0.20.540:1.4_3.0.101_rt130_0.14-2.27.550:8.4.4_3.0.101_rt130_0.14-0.22.210:1.4.20_3.0.101_rt130_0.14-0.38.400:3.0.101.rt130-0.14.10:2.1.1_3.0.101_rt130_0.14-0.11.360:1.6_3.0.101_rt130_0.14-0.20.550:1.5.4.1_3.0.101_rt130_0.14-0.13.460:3.0.101-0.7.19.10:3.4.3-1.54.10:1.34b-11.28.54.10:3.6.3-0.50.10:1.34b-12.33.41.20:3.6.3-0.33.41.20:3.4.3-1.54.40:1.34b-12.50.10:7.19.7-1.20.29.10:7.19.7-1.30.10:2.6.18-0.14.10:9.9.3P2-0.5.10:1.8.9-0.2.50:11.2.202.327-0.3.10:11.2.202.332-0.3.10:1.7.0.6-0.23.10:1.6.0_sr15.1-0.6.10:1.7.0_sr6.1-0.8.10:1.7.0_sr9.0-0.7.10:1.8.11-0.2.10:1.0.5.8-0.7.10:2.2.12-1.48.10:1.0.5.9-0.7.10:0.98.5-0.5.10:5.3.17-0.35.20:1.7.0.6-0.27.10:1.8.12-0.4.10:2.11.3-17.82.110:2.11.1-0.64.10:2.11.3-17.45.59.10:7.19.7-1.32.10:1.6.17-1.27.20:0.9.8j-0.54.10:0.9.8j-0.58.10:3.1.12-8.16.18.10:1.4.2-0.15.20:3.0.101-0.47.50.10:4.2.5_04_3.0.101_0.47.50-0.7.10:1.4_3.0.101_0.47.50-2.28.1.70:2_3.0.101_0.47.50-0.17.1.70:1.6_3.0.101_0.47.50-0.21.1.70:1.4_3.0.101_rt130_0.33.36-2.28.1.140:8.4.4_3.0.101_rt130_0.33.36-0.23.1.140:1.4.20_3.0.101_rt130_0.33.36-0.39.1.140:3.0.101.rt130-0.33.36.10:2.1.1_3.0.101_rt130_0.33.36-0.12.1.130:1.6_3.0.101_rt130_0.33.36-0.21.1.140:1.5.4.1_3.0.101_rt130_0.33.36-0.14.1.140:1.0.1g-0.16.10:3.0.101-0.29.10:4.2.4_02_3.0.101_0.29-0.7.240:1.4_3.0.101_0.29-2.27.630:2_3.0.101_0.29-0.16.690:1.6_3.0.101_0.29-0.20.630:1.4_3.0.101_rt130_0.16-2.27.650:8.4.4_3.0.101_rt130_0.16-0.22.310:1.4.20_3.0.101_rt130_0.16-0.38.500:3.0.101.rt130-0.16.10:2.1.1_3.0.101_rt130_0.16-0.11.450:1.6_3.0.101_rt130_0.16-0.20.650:1.5.4.1_3.0.101_rt130_0.16-0.13.560:5.3.17-0.27.10:0.12.5-1.26.10:6.0.41-0.45.10:5.3.8-0.45.10:5.3.17-0.23.50:2.11.3-17.68.10:11.2.202.335-0.4.10:11.2.202.341-0.3.10:11.2.202.346-0.3.10:11.2.202.350-0.3.10:11.2.202.359-0.3.10:11.2.202.356-0.3.10:11.2.202.378-0.3.10:11.2.202.394-0.3.10:11.2.202.400-0.3.10:11.2.202.406-0.3.10:11.2.202.411-0.3.10:11.2.202.425-0.3.10:9.6ESVR11W1-0.2.10:6.4.3.6-7.28.10:4.24-43.25.10:1.8.13-0.5.10:5.4.2.1-8.12.20.10:4.4.0-6.23.10:1.7.0.65-0.7.40:3.0.101-0.7.21.10:4.1.6_06_3.0.101_0.7.21-0.5.160:2.4.1-24.39.53.10:1.2.10-3.29.10:0.9.8j-0.62.10:0.9.8j-0.62.30:1.0.1g-0.20.10:1.7.0.75-0.7.10:0.9.7g-146.22.27.10:0.9.8j-0.68.10:1.0.1g-0.24.10:1.6.17-1.31.30:2.11.3-17.66.10:5.3.17-0.29.10:1.7.0_sr7.1-0.5.10:1.6.0_sr16.1-0.3.10:1.6.3-133.49.60.10:3.2-147.20.10:5.2-147.20.10:3.2-147.14.20.10:5.2-147.14.20.10:1.10.10-0.2.10:4.2.5_08_3.0.101_0.47.55-0.7.10:1.4_3.0.101_rt130_0.33.38-2.28.1.220:8.4.4_3.0.101_rt130_0.33.38-0.23.1.220:1.4.20_3.0.101_rt130_0.33.38-0.39.1.220:3.0.101.rt130-0.33.38.10:2.1.1_3.0.101_rt130_0.33.38-0.12.1.200:1.6_3.0.101_rt130_0.33.38-0.21.1.220:1.5.4.1_3.0.101_rt130_0.33.38-0.14.1.220:7.4-27.101.10:2.6.32.59-0.17.10:4.0.3_21548_18_2.6.32.59_0.17-0.9.20:3.0.101-0.7.27.10:4.1.6_08_3.0.101_0.7.27-0.5.50:6.00-11.9.10:5.3.17-0.33.10:1.0.1g-0.30.10:11.2.202.424-0.3.10:3.9.8-1.23.10:1.6.0_sr16.3-0.4.50:1.7.0_sr8.10-0.6.40:1.6.0_sr16.3-0.4.10:1.7.0_sr8.10-0.6.10:4.2.4p8-1.28.10:0.98.6-0.6.10:1.3.9-8.46.54.20:1.6.0_sr16.4-0.3.10:1.0.1g-0.26.10:2.11.3-17.74.130:2.11.1-0.60.10:2.11.3-17.45.55.50:1.34b-12.33.43.10:3.6.3-0.33.43.10:3.4.3-1.54.390:7.4-27.103.10:11.2.202.429-0.4.10:11.2.202.438-0.3.10:11.2.202.440-0.3.10:11.2.202.442-0.3.10:11.2.202.451-0.3.10:11.2.202.457-0.3.10:1.7.0.75-0.9.10:1.10.12-0.2.10:31.5.0esr-0.7.10:31.5.0esr-0.4.2.10:9.9.6P1-0.7.10:1.4.2-0.22.25.10:4.2.4p8-1.29.36.10:11.2.202.460-0.3.10:11.2.202.466-0.6.10:11.2.202.468-0.7.10:1.4.2-0.22.31.10:4.1.6_08_3.0.101_0.7.29-0.11.10:5.3.17-0.43.10:1.4.2-0.22.27.10:0.15.1-0.29.10:1.10.14-0.3.10:5.5.43-0.9.10:5.0.96-0.8.8.10:5.0.96-0.8.8.20:4.4.0-6.27.10:9.9.6P1-0.27.10:1.9+git.1473844105.932298f-9.10:1.5.4-0.7.10:1.5.4-12.10:2.4.3-0.25.10:1.9+git.1443859419.95e948a-12.20:2014.2.4~a0~dev103-16.20:2014.2.4~a0~dev103-16.40:0.4-0.13.10:0.9.8j-0.91.10:2014.2.4.dev18-9.70:2014.2.4.dev18-9.110:2014.2.4.dev19-9.70:2014.2.4.dev19-9.120:2014.2.4.dev5-9.50:2014.2.4.dev5-9.70:2014.2.4.dev13-9.60:2014.2.4.dev13-9.80:2014.2.4.dev5-11.80:2014.2.4.dev5-11.120:2014.2.4.dev3-9.50:2014.2-9.20:1.3.1-9.60:1.4.0-14.20:1.2.0-2.50:1.9.0-9.20:1.9+git.1443622531.b2b2939-9.30:2014.2.4~a0~dev12-13.20:1.1.7-11.30:2014.2.4.juno-14.10:2014.2.4.juno-17.10:2014.2.4.juno-17.20:2014.2.4.juno-29.10:2.1.0-14.10:2014.2.4~a0~dev80-20.10:2.1.0-11.10:2014.2.4.juno-15.10:1.6.11-0.7.10:1.6.11-13.10:2.7.0-0.7.10:2.7.0-9.10:3.10-0.13.10:0.15.0-9.20:1.0.0-11.10:1.2.0-11.20:2.20.0-9.20:0.4.1-9.20:2.3.0-9.20:2.11.0-0.9.10:4.1.9-9.10:4.1.9-12.10:4.1.9-9.20:4.1.9-15.10:1.11.1-9.10:0.0.5-9.10:3.2.3-9.10:2.11.3-11.10:1.5.2-9.60:4.4.13-1.160:1.6.1-2.70:3.0+git.1456169766.1e60d19-1.10:1.9.1-58.10:1.5.14-1.40:1.4.15-1.20:2.4.14-1.280:7.0.2~a0~dev1-1.20:8.0.2~a0~dev7-2.10:11.0.2~a0~dev2-1.10:5.0.2~a0~dev9-1.40:0.0.0+git.1452795102.e53f5d3-1.10:4.2.3~a0~dev14-1.10:8.0.2~a0~dev8-1.20:7.0.4~a0~dev18-1.10:7.0.2~a0~dev63-1.10:12.0.2~a0~dev18-1.30:2.1.0-4.10:4.0.1~a0~dev2-2.10:1.6.4-0.7.30:1.8.9-1.10:2.7.3-15.10:2.7.0-1.40:1.7.2-3.10:2.3.1-1.10:2.6.1-2.20:3.0.3-1.10:3.4.4-2.200:4.2.2-2.20:4.2.2-5.10:4.2.2-2.40:1.11.1-2.20:10.32.2-3.20:10.32.2-1.340:10.32.2-1.10:10.32.2-4.20:10.32.2-1.20:0.9.16-1.10:0.5.5-1.10:1.6.4-2.30:1.0.2-7.10:2.11.3-1.20:1.0.3~a0~dev10-6.10:1.0.3~a0~dev10-6.20:4.2.5-6.10:4.2.5-6.20:7.0.5~a0~dev3-6.10:0.0.1~a0~dev238-4.10:3.0.3~a0~dev1-6.10:7.0.0-9.10:4.0.1~a0~dev19-8.10:5.0.4~a0~dev6-6.10:5.0.4~a0~dev6-6.20:7.0.3~a0~dev2-7.10:8.0.2~a0~dev34-8.10:11.0.2~a0~dev13-7.10:5.0.2~a0~dev93-9.10:5.0.2~a0~dev93-9.30:8.1.1~a0~dev13-3.10:8.1.1~a0~dev13-3.20:1.0.2~a0~dev11-9.10:1.0.2~a0~dev11-9.20:7.1.2~a0~dev29-10.10:7.1.2~a0~dev1-6.10:12.0.5~a0~dev2-7.10:1.0+git.1467079370.4f2c49d-7.10:2.1.1-6.10:1.7.2-4.10:1.2.1~a0~dev2-3.10:0.6-4.10:4.2.2-8.10:1.15.2-2.3.10:4.2.9-3.3.10:4.2.9-7.3.10:4.2.9-9.3.10:4.2.9-6.3.10:1.0.3-8.3.10:0.4.1-2.10:2.4.0-3.10:2.8.0-3.10:2.5.1-6.4.70:2.5.1_k3.12.74_60.64.69-6.4.70:1.4.39-3.3.10:1.8.19-3.6.10:3.0+git.1521471181.2b39130da-39.10.10:7.0.2~a0~dev30-1.30:8.0.2~a0~dev34-1.40:4.2.2-6.10:11.0.2~a0~dev7-1.170:1.11.0.1-2.3.10:13.0.1~a0~dev6-4.3.10:13.0.1~a0~dev6-4.3.40:3.0.4~a0~dev1-2.3.10:2.2.3.0-5.10:20170912_10.45-5.10:1.0.5-5.30:14.0.10~dev13-4.11.10:14.0.10~dev13-4.11.30:3.19.0-3.10:3.1.2~a0~dev20-9.40:3.1.2~a0~dev20-9.30:7.0.4~a0~dev7-3.10:7.0.4~a0~dev7-3.20:9.1.5~a0~dev1-3.10:10.0.4~a0~dev2-3.10:13.0.1~a0~dev6-3.10:13.0.1~a0~dev6-3.30:7.0.4~a0~dev4-4.10:7.0.4~a0~dev4-4.20:10.0.2~a0~dev2-6.10:10.0.2~a0~dev2-6.20:3.1.2~a0~dev22-13.10:3.0.1~a0~dev27-3.10:14.0.6~a0~dev16-3.10:14.0.6~a0~dev16-3.30:2.2.3.0-9.10:1.4.39-3.3.20:2.0.8-3.3.10:17.5.6-3.3.10:1.8.19-3.4.10:5.5.1-10.142.10:49.0.2623.75-27.10:0.22.0+git.20160103-5.10:50.0.2661.75-41.10:51.0.2704.79-54.10:49.0.2-36.10:2.4.0-170.20:1.3.21-3.100:6.8.8.1-4.20:41.0.2-1.20:38.3.0-2.20:1.0.6-1.20:4.14-1.20:13.2+git20140911.61c1681-4.60:0.6.40-2.20:1.0.29-8.10:5.1.1_r8-3.20:1.9.4-8.20:1.9.4-8.30:1.9.2-3.10:1.0.15-11.20:3.1-8.10:2.0.9-2.20:5.5.14-36.50:1.6.3-3.110:1.19.0-7.40:1.2.0-6.20:5.0.9-4.30:1.13.4-6.40:1.4.16-3.20:0.6.31-24.10:4.2-76.40:6.2-76.40:9.9.6P1-25.20:2.25.0-5.20:1.2.4-5.10:3.1.2-8.10:1.21.1-5.60:1.0.6-30.40:6.4-4.20:0.98.7-2.70:3.12.0-2.20:1.2.12-1.20:0.1.26-2.20:8.22-4.10:2.11-30.40:4.8.5-16.70:4.8.5-16.80:7.1.3_k4.1.12_1-4.140:4.2-57.50:1.4.11-57.50:5.8-8.20:1.7.5-5.60:1.0.58-10.30:7.37.0-5.20:1.12.12-183.10:2.4.18-1.20:2.1.26-8.10:1.8.16-5.90:1.8.16-5.20:0.100.2-3.20:4.3.3-2.10:0.97.3-2.100:2.71-4.20:1.42.11-10.20:0.158-9.50:24.3-18.70:3.12.10-2.70:3.14.2-2.80:0.6.21-10.20:2.1.0-15.40:6.3.26-12.20:5.19-5.50:1.3.0-9.20:2.5.5-8.20:2.9.3-8.20:0.6-4.20:2.1.0-8.20:2.31.6-1.20:2.40.10-4.20:3.14.2-1.20:2.8.14-2.70:2.6.2-1.10:2.44.1-2.30:2.19-17.40:2.19-17.10:3.10.0-3.10:3.16.0-4.30:3.16.4.1-1.20:3.16.4-1.20:3.2.15-6.20:1.6.0-9.10:1.22.2-7.40:1.22.2-7.70:0.10.23-20.80:3.7.4-5.20:1.2.2-6.20:7.4.326-3.100:1.6-9.40:1.0-8.10:3.14.6-3.100:1.8.28-3.30:6-10.10:1.4.14-1.10:1.5.0-9.20:1.6.1-1.20:3.8.3-267.60:0.8.0-4.40:s20121221-3.30:0.8.17-4.20:1.1.1-1.30:1.8.0.60-4.110:3.00-3.20:1.15.5-6.10:4.11.22-1.70:4.14.10-2.110:15.04.3-3.30:15.04.3-3.40:15.08.1-1.20:4.1.12-1.10:15.08.0-7.60:1.3.3-4.20:1.4.1-779.10:2.0-779.10:1.6-2.90:1.12.1-19.90:4.6.4-4.30:1.0.7-1.10:3.18-4.20:2.1.0-6.20:1.4.5-18.10:5.5.0-2.10:1.6.3-1.10:1.0.7-5.10:1.1.14-6.10:1.3.3-3.10:5.0.1-5.10:1.5.1-5.20:1.7.5-1.10:1.1.3-5.10:1.0.3-1.10:1.5.0-1.10:0.9.9-1.10:1.1.5-1.10:1.2.2-5.10:1.0.10-5.10:1.0.9-1.10:1.1.4-5.10:1.1.4-1.10:1.5.3-3.20:1.5.1-5.10:2.25-7.20:2.25-7.10:1.10.10-3.20:4.2.4-4.30:1.7.1-3.10:9.4.5-1.10:9.4.5-1.20:2.0.21-5.10:0.6.21-10.10:0.25-4.80:2.5.4.26856-5.40:3.20-1.20:1.12.1-2.20:1.6.1-18.70:2.0.0-1.10:0.4-5.10:210-84.10:0.9-9.10:52.1-10.30:0.15.1b-184.10:1.2.0-4.70:1.900.1-164.10:2.4.9-4.100:2.0-3.20:1.3.1-31.30:62.1.0-31.10:8.0.2-31.30:0.12-4.20:1.3.0-2.20:1.19-19.10:1.15.0-4.20:2.4.2-16.60:5.2.2-3.20:2.08-4.10:3.3.7-3.20:1.9-4.40:0.6.4-3.10:0.8.8.5-4.10:4.0.4-1.80:3.1.2-10.50:0.5-4.20:2.1.5-29.10:10.0.21-1.50:0.30.1-2.90:0.52.16-3.30:1.5.2-3.40:1.0.1i-4.10:1.36.8-2.20:1.8.14-1.10:6.14.12-3.50:1.2.50-3.20:1.6.8-2.20:0.112-4.20:0.24.4-5.30:0.24.4-5.20:0.4.11-13.20:7.0-3.10:2.10.11-4.30:2.7.9-21.30:3.4.1-6.20:4.8.6-5.20:4.8.6-5.10:2.0.15-2.20:0.16.2-2.60:5.0.2.2-1.20:1.0.0-2.20:2.1.2-5.70:1.3.8-4.20:0.4.8-20.10:1.0.25-20.10:5.7.3-2.50:2.50.0-2.30:0.29-4.20:0.12.5-6.10:1.4.3-10.10:1.11.5.1-5.10:1.9.1-4.60:3.7-10.20:1.6.10-2.70:1.0.20100204cvs-20.10:4.0.4-1.10:2.1.6-3.20:2.7.1-1.40:1.1.1-8.60:1.2.18.1-3.20:1.3.3-3.70:0.28.2-19.10:0.2.8.4-240.10:1.11.1-1.10:3.1.1-14.20:2.9.1-8.10:0.1.6-3.10:0.11.1-3.10:2.8-3.20:1.2.10-75.10:3.8.7-7.10:2.8.7-3.20:2.1.20-2.20:12.5-21.10:1.13.3-1.50:1.2.5-5.30:4.10.8-2.20:1.5.24-1.70:3.5.1-1.10:2.4.2-4.20:3.11-3.20:1.4.4-19.20:4.2.8p3-7.50:0.5.3-1.10:7.06-2.20:2.4.41-9.50:2.0.0-8.30:6.6p1-6.30:2.3.8-4.20:2.4-726.10:0.152.0-3.20:9.20.1-13.40:1.1.8-12.40:12.1-25.10:2.4.4-8.20:2.1-3.20:2.7.5-5.50:5.18.2-3.50:0.23-2.20:2.82-3.20:3.71-3.70:6.04-7.10:2.0019-5.60:0.38-2.20:2.3-5.20:5.4.2-2.10:2.4.7-3.20:3.0.23-4.20:3.22-267.40:2.07-4.20:2.7.9-21.10:3.4.1-6.10:2.9.0-4.30:1.5.7-3.60:0.14-5.20:2.6.1-4.10:7.1.2-4.50:2.7.0-2.30:2.3.1-7.20:1.0.0-7.20:1.8.1-7.20:8-7.20:0.99.24.1-3.60:2.11-3.20:0.2.1_rc4-9.10:4.11.2-6.20:3.1.0-4.10:8.4.0-3.10:0.11_git201205151338-10.10:9.21-4.60:1.4.8-1.10:0.12.0-5.10:0.9-2.10:4.3-4.10:1.8.10-3.30:1.8.10p3-3.80:0.83.8-5.20:2.88+-97.10:5.2.10-4.20:4.5.1-2.20:0.18.3-2.20:0.2.0-3.20:5.2-11.10:1.5.0-11.10:20141104-2.20:2.84-5.30:2.3.1-3.20:6.00-27.10:1.1.23-3.20:3.16.0-2.30:5.0.6-2.50:5.0.6_k4.1.12_1-2.50:3.0.2-15.10:0.5.3-156.10:1.14-2.20:1.12.7-7.30:2.2-6.20:2.7.0-4.20:4.5.1_10-1.40:4.5.1_10_k4.1.12_1-1.40:2.99.917-7.10:2.3.15-8.10:5.43-7.20:7.6_1-16.10:1.1.0-5.10:7.6-47.10:7.6_1.17.2-7.30:3.1.155-1.10:3.1.18-1.10:2.10-1027.20:4.2.1-10.10:4.2.1-4.10:2.3.0-3.10:1.12.8-9.10:3.3.13-3.10:1.8.10p3-5.10:0.3.6-9.10:2.25-9.40:2.25-9.50:2.25-9.10:1.13-5.10:1.53-16.10:0.113-6.10:4.4.15.1-3.10:42.0-3.50:3.20.1-3.30:4.10.10-4.10:2.39-3.10:38.4.0-3.20:1.1.3-3.10:4.8.5-18.10:4.8.5-18.20:4.8.5-18.30:7.9.1-7.10:4.5.1_12-3.10:4.5.1_12_k4.1.12_1-3.10:1.7.0.91-22.10:1.12.1-21.10:0.66-6.10:4.2.8p4-9.20:5.33-4.10:46.0.2490.86-3.10:1.9-6.10:1.9.0-4.10:5.2.2-7.10:1.0.25-24.10:1.6.8-4.10:1.2.50-5.10:2.4.7-5.10:2.4.18-3.10:1.3.0-4.10:037-68.10:0.9.9-13.10:38.4.0-4.20:4.1.13-5.10:4.1.13-5.40:4.1.13-5.20:2.0.24-5.10:5.6.27-8.10:4.5.2_01-6.10:4.5.2_01_k4.1.12_1-6.10:1.3.15-6.10:1.0.1i-9.10:47.0.2526.80-7.10:1.5.1-7.10:2.3.0-7.10:0.12.2-7.10:47.0.2526.106-10.10:0.9.8j-6.10:43.0-6.10:1.1.24-7.10:4.2.4-9.20:2.1.5-7.10:1.3.8-7.10:0.9.26-7.10:9.9.6P1-27.10:2.46.0-11.10:1.0.4-6.30:5.16.0-6.30:5.4.3-6.30:5.4.3-6.100:5.5.1-2.10:5.5.1-3.30:5.5.1-4.10:5.5.1-3.20:5.5.1-3.10:3.5.1-6.60:0.20-3.10:5.5.1-4.30:0.9.0-4.20:0.9.0-4.10:0.7.1-5.10:1.12.1-24.10:2.8.3-6.10:38.5.0-7.10:38.5.0-7.20:3.20.2-6.10:3.12.0-4.10:2.02~beta2-76.10:4.7.20-7.10:3.4.6-3.10:2.3.9-7.10:4.0.6-3.10:1.28-6.10:6.8.8.1-18.20:4.4.15.8-25.10:4.5.40-7.10:48.0.1-30.60:3.24-26.20:4.8.6-13.10:4.8.6-13.30:2.3.37-11.10:2.4.41-11.10:1.2.3-5.10:3.0.26-9.10:3.1.1-19.10:3.16.5-9.10:8.0.32-8.10:1.8.0.72-6.10:2.25.35.1-6.10:3.1.71-4.10:1.5.4-6.10:1.1.32-7.10:1.12.1-36.30:1.12.1-36.10:1.14-4.10:10.0.26-9.10:2.11.0-5.10:2.32.3-8.10:4.02.3-3.20:1.0.10-11.20:8.4.6-8.10:8.4.6_k4.1.31_30-8.10:1.28-24.10:1.28_k4.1.31_30-24.10:6.25.1-5.10:6.25.1_k4.1.31_30-5.10:4.1.31-30.20:4.1.31-30.10:4.1.31-30.30:2.7.0-2.10:2.7.0_k4.1.31_30-2.10:0.44-266.10:0.44_k4.1.31_30-266.10:20140928-5.10:20140928_k4.1.31_30-5.10:5.1.35-6.10:5.18.2-5.10:39.0.2256.71-25.10:4.0.6-6.10:6.6p1-14.10:3.16.5-7.20:40.0.2308.54-28.10:3.4.6-6.20:2.1.0-10.10:4.2.4-21.30:2.24.31-11.20:42.1-13.10:2.20.2-29.30:49.0-33.10:3.25-29.10:7.37.0-13.10:1.0.2-11.10:9.9.9P1-39.10:1.0.1i-18.10:1.6.1-32.10:1.5.2-5.10:1.7.0.95-25.10:3.1.14-9.20:2.5.37-11.10:2.32.1-19.10:10.66.3-6.10:2.0.0-14.10:1.0.9-1078.10:6.1.6-13.10:5.5.14-59.10:4.1.15-8.10:4.1.15-8.30:4.1.15-8.20:2.8.8-19.10:9.4.9-7.10:4.5.3_10-15.20:4.5.3_10_k4.1.31_30-15.20:4.6.0-33.10:4.0.6-9.10:0.9.8j-15.10:103-3.10:5.1.5.2-11.10:5.5.14-62.10:210-98.10:1.12.9-14.10:1.1.6-12.10:9.15-8.10:1.4-3.10:8.4.6-10.10:8.4.6_k4.1.34_33-10.10:1.28-26.10:1.28_k4.1.34_33-26.10:6.25.1-7.10:6.25.1_k4.1.34_33-7.10:4.1.34-33.10:4.1.34-33.30:2.7.0-4.10:2.7.0_k4.1.34_33-4.10:0.44-268.10:0.44_k4.1.34_33-268.10:20140928-7.10:20140928_k4.1.34_33-7.10:1.6.3-6.10:1.7.5-3.10:1.5.0-3.10:0.9.9-3.10:1.0.9-3.10:0.8.15-27.10:0.2.7.6-13.10:1.8.22-10.10:1.3.21-14.10:1.8.8-22.10:0.99.24.1-14.10:2.3.1-19.30:1.0.0-19.30:2.3.1-19.10:1.8.1-19.30:8-19.30:2.3.1-19.60:1.11.5.1-16.10:2.9.1-22.10:2.40-6.20:0.16.2-4.10:38.6.0-10.20:9.9.9P1-42.10:4.6.1-36.10:44.0-12.20:3.21-9.10:4.11-7.10:7.37.0-16.10:2.1.0-13.10:6.8.8.1-21.10:5.6.34-19.20:41.0.2353.56-3.10:54.0.2840.100-91.10:4.4.15.2-8.10:3.0.24-6.10:1.900.14-167.10:1.3.21-17.10:1.4.22-6.10:2.25-18.10:2.25-18.20:5.5.14-65.20:50.0-39.20:3.26.2-32.10:5.20.0-13.10:2.2.25-3.10:6.2.1-5.10:4.2-81.10:6.2-81.10:1.1.34-9.10:1.8.0.111-3.10:7.4.326-8.10:50.0.2-42.20:45.5.1-28.20:0.94-7.10:0.2.4+gitr565_0366d7e-5.10:1.12.3-22.10:0.1.1+gitr2816_02f8fa7-5.10:3.1.2-16.10:4.4.15.9-28.10:1.3.21-20.10:10.0.28-15.10:1.1.7-15.10:1.6.3-9.10:1.7.5-6.10:1.5.0-5.10:8.4.6-12.20:8.4.6_k4.1.36_38-12.20:1.28-28.20:1.28_k4.1.36_38-28.20:6.25.1-9.20:6.25.1_k4.1.36_38-9.20:4.1.36-38.10:4.1.36-38.20:2.7.0-6.20:2.7.0_k4.1.36_38-6.20:0.44-270.20:0.44_k4.1.36_38-270.20:20140928-9.20:20140928_k4.1.36_38-9.20:3.4.6-9.20:4.1.36-41.10:4.1.36-41.20:0.12.3-6.10:6.8.8.1-24.20:1.7.0.121-37.20:1.1.13-23.20:8.39-6.10:5.5.14-69.10:2.3.1-22.10:1.0.0-22.10:1.8.1-22.10:8-22.10:2.3.1-22.20:55.0.2883.75-99.20:2.1.1-2.10:2.4.2-2.10:8.0.32-11.10:7.2d-8.10:1.0.2-5.10:0.10.23-22.10:15.4.0-3.10:1.4.5-8.10:1.1.2-10.10:50.1.0-45.10:2.5.4-6.10:2.4.4-11.10:2.20-12.10:4.4.15.4-13.10:1.3.25-6.10:1.3.21-23.10:7.37.0-7.10:4.2.8p9-27.10:0.2.7.6-16.10:5.5.14-41.10:1.8.1-5.10:5.6.28-13.10:0.8.8f-8.10:0.8.8f-5.10:2.2.1-24.10:3.12.0-7.10:1.7.3.1-6.10:48.0.2564.109-21.10:38.6.0-10.10:44.0.2-15.20:2.19-19.10:2.19-19.20:1.12.1-27.10:48.0.2564.116-24.10:2.8.6-16.10:0.5.1.git.1455712026.9c0a4a0-6.10:0.3-5.10:0.3.1+git20160217.7897d3f-7.10:0.6+git20160218.73d6618-5.10:0.1.1-20.10:2.3.1-12.10:1.0.0-12.10:1.8.1-12.10:8-12.10:2.3.1-12.20:9.4-6.10:9.3.11-3.20:2.8.4-9.10:0.7.1-8.10:9.4.6-4.10:1.6.8-7.10:1.54-19.10:4.3.1-24.10:5.19.0-6.30:5.19.0-6.20:5.19.0-5.80:5.19.0-9.20:5.19.0-11.20:5.19.0-8.10:5.19.0-6.60:5.19.0-6.70:5.19.0-9.30:5.19.0-12.50:5.19.0-7.20:5.18.0-5.30:1.0.1i-12.10:0.16.5-4.10:0.9.8zh-14.10:3.16.4-6.10:1.2.50-8.10:1.12.10-17.10:4.4.15.5-16.10:1.3.4-3.10:2015.8.7-13.10:4.1.1-4.10:3.2.1-13.10:4.86.2-8.10:0.9.8j-9.10:0.6.3-10.10:3.1.4-5.10:45.0-18.10:3.21.1-12.10:4.12-10.10:2.9.0-6.10:2.10.7-7.10:2.0.0.b5-30.10:4.2.4-9.10:2.6.2-3.10:0.12-9.10:4.5.2_04-9.20:4.5.2_04_k4.1.13_5-9.20:49.0.2623.87-31.10:1.3.3-7.10:1.4.4-5.10:6.6p1-8.10:9.9.6P1-33.10:8.0.32-5.10:2016.72-8.10:1.4.3-12.10:38.7.0-13.10:0.99.24.1-5.10:4.0.2-7.10:4.2.4-12.10:2.4.10-7.20:4.5.2_06-12.10:4.5.2_06_k4.1.15_8-12.10:4.8.6-7.20:49.0.2623.110-37.10:9.15-5.10:2.6.6-7.10:201604040002-71.10:1.8.0.77-9.10:1.7.0.99-28.10:4.1.20-11.10:4.1.20-11.30:4.1.20-11.20:201604110002-74.10:4.2.4-15.10:0.3.1-10.10:0.99.24.1-8.10:3.5.1-3.10:0.7.5-8.20:5.3.1+r233831-6.10:5.3.1+r233831-6.20:0.38-4.10:1.12.1-30.10:3.1.1-16.10:201604180001-77.10:5.5.14-44.10:50.0.2661.94-45.10:46.0-21.10:3.22.3-15.20:1.5-7.10:3.1.41.3-10.10:5.0.5-10.10:1.12.11-20.10:1.6.1-26.10:1.0.1i-15.10:0.9.8zh-17.10:1.8.10-9.10:1.8.0.91-12.10:1.7.0.101-31.10:6.8.8.1-9.10:0.9.8j-12.20:4.2.8p6-15.10:3.1.22-6.10:2.9.1-16.10:50.0.2661.102-48.10:0.12.2-10.10:1.3.16-9.10:7.2.6-5.10:0.99.24.1-11.10:4.2.8p7-21.10:43.0.3-9.20:0.8.8f-11.10:1.3.21-5.10:1.3.5b-4.10:1.6.1-14.10:5.6.30-16.20:2.40.15-7.10:3.5.1-6.10:5.5.14-47.10:4.1.21-14.20:4.1.21-14.50:4.1.21-14.40:210-92.10:51.0.2704.63-51.10:4.4.15.6-19.10:3.0.4-3.10:5.0.18-16.10:5.0.18_k4.1.21_14-16.10:0.67-9.10:6.6p1-11.10:2.31.6-4.10:1.0.58-12.10:3.0.26-6.10:201606060002-105.10:0.12-6.10:1.3.21-8.10:5.5.14-50.10:1.3.0-7.10:1.0.10-4.10:9.9.6P1-30.10:38.0.2220.29-16.10:47.0-24.10:3.23-18.10:4.4.5-27.10:201606130003-109.10:5.10-10.10:2.9.1-19.10:1.12.12-23.10:51.0.2704.103-57.10:4.2.8p8-24.10:1.0.9-7.10:2.5.5-7.10:4.1.26-21.10:4.1.26-21.20:2.2.4-27.10:6.8.8.1-12.10:0.6+git20160531.fbfe336-11.10:3.1.2-10.10:1.2.18.2-5.10:9.20.1-15.10:3.7-12.10:11.4-5.10:3.2.1-5.10:1.1.4-6.10:4.4.15.7-22.10:2.8.16-4.10:0.12.5-8.10:1.8-3.10:2.3.1-15.10:1.0.0-15.10:1.8.1-15.10:8-15.10:2.3.1-15.20:2.19-22.10:2.19-22.20:4.1.27-24.10:4.1.27-24.20:0.5.1-3.10:1.3.2-5.10:0.1.6-3.20:0.11.0-3.10:0.11.0-4.10:5.1.3.2-8.10:0.1.5-3.10:0.4.2-3.10:1.1.0-2.10:20160511-4.10:1.2.18.2-11.10:2.4.16-12.10:6.8.8.1-15.10:4.4.5-30.20:4.3.3-7.10:4.2-3.10:1.26.5-2.10:1.3.17-12.10:2.7.12-23.10:2016.74-11.10:1.7a-7.10:48.0-27.10:3.24-21.10:2.8.5-12.10:1.2.18.4-14.20:4.3-9.20:1.12.13-29.10:10.22-7.10:3.1.2-13.20:3.8.10.2-7.10:1.0.1+git.1456406635.49e230d-5.10:1.7.0.111-34.10:1.8.0.101-15.10:1.3.21-11.10:1.0.3-4.10:3.3.14-6.10:48.0.2564.82-13.10:1.1.5-9.10:3.4.5-8.10:4.1.36-44.10:4.1.36-44.20:4.1.36-44.30:2.71-8.10:1.14.0-4.10:0.31.1-7.10:1.8.17-3.10:4.2.4-24.10:3.4.9-3.10:9.9.9P1-43.10:0.22.1-5.10:3.3.14-12.10:3.7.3-7.10:0.6.0-8.10:4.021-14.10:2.2.12-8.10:1.6.0-6.10:5.0.32-34.10:5.0.32_k4.1.36_44-34.10:2.8-3.10:0.2.5+gitr569_2a5e70c-8.10:1.12.6-25.20:0.1.1+gitr2819_50a19c6-8.10:51.0.1-50.20:2.46-9.20:1.0.3-6.10:201701300007-34.10:1.10a-10.10:4.4.15.10-31.20:1.8.0.121-6.40:3.2.15-9.10:2.11-33.10:0.22.1-8.10:1.3.21-26.10:2.3.0-10.10:2.3.4-3.10:0.12.5-11.10:1.12-5.10:43.0.2442.806-21.10:1.0.1-12.10:1.6.0-11.10:4.1.38-47.10:4.1.38-47.20:4.1.38-47.30:1.0.1i-21.10:10.0.29-18.10:5.6.35-22.10:2.0.9-8.10:3.0.2-3.10:1.10a-11.20:56.0.2924.87-102.10:3.2.2-2.10:1.4.2-3.10:1.1.26-6.10:10.1.0-6.10:1.1-6.10:1.7.0.131-40.10:2.5.6.27020-10.10:7.4.326-11.10:4.0.7-15.10:1.12-7.10:4.7.3-39.10:0.5.0-4.10:4.1.38-50.10:4.1.38-50.30:4.1.38-50.20:1.2.4cvs20150223-6.10:2.1.0-16.10:0.14.16-11.10:0.9.2.3-6.10:3.5.11-8.10:6.8.8.1-28.10:2.25-21.10:5.5.14-75.20:2.0.25-9.10:1.0.24-5.10:1.14-8.10:1.0.4-14.10:1.39-5.10:3.4.2-3.10:2.8.7-6.10:1.2.2-6.10:6.6p1-17.10:52.0-55.20:1.8.0.121-8.10:3.28.3-38.10:037-80.10:0.68-12.10:1.1.8-18.10:52.0.1-57.3.10:2.9-5.3.10:3.3.11-2.3.10:1.8.22-3.10:0.3.5a-2.3.10:4.5.5_06-18.10:4.5.5_06_k4.1.36_41-18.10:5.5.14-77.3.10:1.14-8.3.10:1.3.21-29.10:2.4.16-18.10:4.1.39-53.10:4.1.39-53.20:2.10.11-9.10:2.2.6-6.3.10:2.3.3-2.3.10:4.2.4-27.10:1.2.50-10.3.10:1.6.8-9.3.10:201704030005-54.9.10:2.10.2-12.3.10:7.2.9-7.3.10:1.0.3-4.3.10:1.1.5-12.10:1.2.8-8.10:4.4.15.10-33.6.10:9.3.14-5.5.10:1.6.0-16.5.10:0.3.6-10.3.10:1.5.22-5.3.10:1.900.14-175.3.10:1.3.5d-6.3.10:9.9.9P1-48.3.10:0.10.36-17.10:1.8.0.121-10.2.10:3.28.4-40.3.10:52.1.0-57.6.10:4.2.8p10-29.3.20:7.37.0-16.3.10:1.0.25-26.3.10:4.0.7-17.3.10:1.1.20-3.3.10:4.1.0-5.3.10:2.1.9-8.3.20:4.0.7-12.10:2.18.3-6.3.10:5.0.40-40.10:5.0.40_k4.1.39_53-40.10:1.3.21-32.10:52.1.0-41.3.10:0.99.24.1-17.10:1.16.10-14.10:0.13.62-10.3.10:5.6.36-24.3.30:1.8.1-7.3.10:4.9.0-6.3.10:9.15-11.3.10:2.5.3-13.10:4.1.39-56.10:4.1.39-56.20:4.1.39-56.30:0.9.2-8.3.10:1.3.1-4.3.10:2.1-151.3.10:1.9.1-6.10:1.1.9-17.6.10:8.0.43-6.7.10:2.3.1-25.10:1.0.0-25.10:1.8.1-25.10:8-25.10:4.2.4-33.10:5.5.14-72.10:1.900.14-170.10:2.6.1-7.10:1.14-6.10:1.4.5-11.1b88b2fd43dbdc2840:1.900.14-166.10:3.0.4-6.10:2.6.1-6.10:1.8.1-4.10:2.1.9-10.20:1.8.1-8.10:6.8.8.1-27.10:4.9.0-7.10:2.2.6-6.10:1.14.0-3.10:2.20-11.10:1.2.50-11.10:1.5.22-7.10:2.71-9.10:6.2.1-4.10:6.8.8.1-30.10:1.6.8-10.10:1.8.14-3.10:3.5.11-7.10:3.4.1-5.10:1.5.0-32.10:1.900.14-176.10:4.0.7-18.10:4.1.0-5.10:4.021-13.10:52.0.2743.82-61.10:45.2-16.10:3.4.6-12.10:1.8.0.121-21.40:1.2.4cvs20150223-4.10:9.9.9P1-51.10:45.3.0-19.20:3.0.12-5.10:2.9-5.10:2.2.18-9.10:52.0.2743.116-64.10:53.0.2785.89-68.10:53.0.2785.113-74.10:53.0.2785.143-79.20:54.0.2840.59-82.10:54.0.2840.90-85.10:50.0-39.10:1.6.2-21.10:9.3.14-8.10:5.6.36-25.30:1.8.0.111-18.10:5.5.14-68.30:1.0.3-5.10:1.27.1-9.10:0.8.20-6.10:3.7.3-6.10:3.2.15-8.10:5.5.5-18.10:2.0.9-7.10:1.1.2-9.10:8.0.43-17.10:0.2.4+gitr565_0366d7e-7.10:1.12.3-24.10:0.1.1+gitr2816_02f8fa7-7.10:4.2.8p10-31.10:50.0.2-42.10:9.9.9P1-45.10:2.8.7-5.10:1.39-4.10:7.2d-7.10:0.5.3.git20161120-161.10:1.8.0.121-25.10:3.28.4-41.10:7.37.0-19.10:45.6.0-31.10:5.5.14-75.10:0.6.0-7.10:0.2.5+gitr569_2a5e70c-10.10:1.12.6-27.10:0.1.1+gitr2819_50a19c6-10.10:1.1-5.10:9.9.9P1-48.10:57.0.2987.98-105.20:57.0.2987.133-108.10:58.0.3029.81-111.10:58.0.3029.96-114.10:0.8.21-9.10:15.12.3-18.10:45.7.0-34.10:52.1.0-42.10:1.8.0.121-23.10:52.0.1-58.10:52.1.0-61.10:1.12-4.10:0.4.7-3.10:1.10a-15.10:3.0.2-5.10:1.1.26-5.10:0.13.62-10.10:2.0.25-7.10:7.2.9-8.10:4.14.18-15.20:5.21.0-23.20:3.3.11-6.10:2.10.2-12.10:1.14-11.10:0.3.5a-7.10:0.3.6-12.10:1.5.0-40.10:1.3.5d-7.10:1.1.20-3.10:1.0.25-27.10:2.13.1-6.10:1.1.9-21.10:2.1-151.10:0.9.2-8.10:5.21.0-16.10:4.14.18-18.1