OpenSUSE Project OpenSUSE 12.3

CPE Details

OpenSUSE Project OpenSUSE 12.3
opensuse_project
opensuse
12.3
2020-08-07
16h31 +00:00
2021-06-25
13h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:opensuse_project:opensuse:12.3:*:*:*:*:*:*:*

Informations

Vendor

opensuse_project

Product

opensuse

Version

12.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-4616 2017-08-24 18h00 +00:00 Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
5.9
Medium
CVE-2014-0481 2014-08-26 12h00 +00:00 The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a denial of service (CPU consumption) by unloading a multiple files with the same name.
4.3
CVE-2014-3004 2014-06-11 12h00 +00:00 The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document.
4.3
CVE-2014-1542 2014-06-11 08h00 +00:00 Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
6.8
CVE-2014-1528 2014-04-30 08h00 +00:00 The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.
10
CVE-2014-1494 2014-03-19 09h00 +00:00 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
9.3
CVE-2014-1498 2014-03-19 09h00 +00:00 The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.
5
CVE-2014-1499 2014-03-19 09h00 +00:00 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.
4.3
CVE-2014-1500 2014-03-19 09h00 +00:00 Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
5
CVE-2014-1502 2014-03-19 09h00 +00:00 The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
6.8
CVE-2014-0081 2014-02-20 10h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper.
4.3
CVE-2014-1484 2014-02-06 01h00 +00:00 Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.
5
CVE-2014-1489 2014-02-06 01h00 +00:00 Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
4.3
CVE-2013-5611 2013-12-11 14h00 +00:00 Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
5.8