opensuse opensuse 12.3 vulnerabilities and exploits

(subscribe to this query)

NA

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors....

Opensuse Opensuse 12.3

NA

Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a...

Google Chrome Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

NA

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header....

Trustwave Modsecurity Opensuse Opensuse 11.4 Opensuse Opensuse 12.2 Opensuse Opensuse 12.31 EDB exploit available1 Github repository available

8.8

CVSSv3

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and...

Uclouvain Openjpeg Opensuse Opensuse 13.1 Opensuse Opensuse 12.3

NA

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks....

Claws-mail Claws-mail Opensuse Opensuse 12.3 Opensuse Opensuse 13.1

NA

ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request parameter in the...

Trustwave Modsecurity Opensuse Opensuse 11.4 Opensuse Opensuse 12.2 Opensuse Opensuse 12.3

NA

The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate...

Clutter Project Clutter -Opensuse Opensuse 12.3 Opensuse Opensuse 12.2

NA

The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /tmp/toto.fdf....

Opensuse Opensuse 13.1 Opensuse Opensuse 12.3 Logilab Logilab-common

NA

The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file....

Opensuse Opensuse 12.3 Opensuse Opensuse 13.1 Logilab Logilab-common

NA

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has...

Opensuse Opensuse 12.3 Opensuse Opensuse 11.4 Nagios Remote Plugin Executor Opensuse Opensuse 13.12 EDB exploits available

Get Started

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook