Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Opensuse Subscribe
Filtered by product Leap
Total 1874 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-3069 6 Debian, Fedoraproject, Mercurial and 3 more 14 Debian Linux, Fedora, Mercurial and 11 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
CVE-2016-3068 6 Debian, Fedoraproject, Mercurial and 3 more 14 Debian Linux, Fedora, Mercurial and 11 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
CVE-2016-3062 4 Debian, Ffmpeg, Libav and 1 more 4 Debian Linux, Ffmpeg, Libav and 1 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
CVE-2016-2834 4 Canonical, Mozilla, Novell and 1 more 8 Ubuntu Linux, Firefox, Network Security Services and 5 more 2018-10-30 9.3 HIGH 8.8 HIGH
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-2831 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2018-10-30 5.8 MEDIUM 8.8 HIGH
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
CVE-2016-2829 3 Canonical, Mozilla, Opensuse 4 Ubuntu Linux, Firefox, Leap and 1 more 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.
CVE-2016-2828 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
CVE-2016-2825 3 Canonical, Mozilla, Opensuse 4 Ubuntu Linux, Firefox, Leap and 1 more 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
CVE-2016-2824 3 Microsoft, Mozilla, Opensuse 5 Windows, Firefox, Firefox Esr and 2 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.
CVE-2016-2822 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.
CVE-2016-2821 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2018-10-30 6.8 MEDIUM 7.5 HIGH
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
CVE-2016-2819 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
CVE-2016-2818 6 Canonical, Debian, Mozilla and 3 more 22 Ubuntu Linux, Debian Linux, Firefox and 19 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2815 4 Canonical, Mozilla, Novell and 1 more 8 Ubuntu Linux, Firefox, Firefox Esr and 5 more 2018-10-30 6.8 MEDIUM 8.8 HIGH
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2807 3 Mozilla, Opensuse, Suse 5 Firefox, Firefox Esr, Leap and 2 more 2018-10-30 10.0 HIGH 8.8 HIGH
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2806 4 Debian, Mozilla, Opensuse and 1 more 5 Debian Linux, Firefox, Leap and 2 more 2018-10-30 10.0 HIGH 8.8 HIGH
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-7213 3 Fedoraproject, Mozilla, Opensuse 5 Fedora, Firefox, Firefox Esr and 2 more 2018-10-30 6.8 MEDIUM N/A
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
CVE-2015-7212 3 Fedoraproject, Mozilla, Opensuse 5 Fedora, Firefox, Firefox Esr and 2 more 2018-10-30 7.5 HIGH N/A
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
CVE-2015-7211 3 Fedoraproject, Mozilla, Opensuse 4 Fedora, Firefox, Leap and 1 more 2018-10-30 5.0 MEDIUM N/A
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
CVE-2015-7210 3 Fedoraproject, Mozilla, Opensuse 5 Fedora, Firefox, Firefox Esr and 2 more 2018-10-30 7.5 HIGH N/A
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.