Opensuse Project Opensuse — known CVE vulnerabilities
Every CVE whose affected-product data names Opensuse Project Opensuse, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2014-1528 — CVSS 10.0 (critical): The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote…
CVE-2014-1494 — CVSS 9.3 (critical): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers…
CVE-2014-1502 — CVSS 6.8 (medium): The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25…
CVE-2014-1542 — CVSS 6.8 (medium): Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute…
CVE-2014-4616 — CVSS 5.9 (medium): Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows…
CVE-2011-4093 — CVSS 5.8 (medium): Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain…
CVE-2013-5611 — CVSS 5.8 (medium): Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to…
CVE-2014-1500 — CVSS 5.0 (medium): Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and…
CVE-2014-1484 — CVSS 5.0 (medium): Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to…
CVE-2014-1498 — CVSS 5.0 (medium): The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key…
CVE-2014-0081 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17…
CVE-2014-3004 — CVSS 4.3 (medium): The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External…
CVE-2014-1489 — CVSS 4.3 (medium): Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted…
CVE-2012-0867 — CVSS 4.3 (medium): PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying…
CVE-2014-1499 — CVSS 4.3 (medium): Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2)…
CVE-2014-0481 — CVSS 4.3 (medium): The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7…