openSUSE
by OpenSUSE
Source repositories
CVEs (1,425)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-0883 | 0.00 | — | 0.01 | Apr 18, 2012 | envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl. | |||
| CVE-2011-3049 | 0.00 | — | 0.02 | Mar 23, 2012 | Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension. | |||
| CVE-2011-3056 | 0.00 | — | 0.01 | Mar 22, 2012 | Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." | |||
| CVE-2011-3055 | 0.00 | — | 0.02 | Mar 22, 2012 | The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. | |||
| CVE-2011-3054 | 0.00 | — | 0.02 | Mar 22, 2012 | The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | |||
| CVE-2011-3053 | 0.00 | — | 0.02 | Mar 22, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. | |||
| CVE-2011-3052 | 0.00 | — | 0.02 | Mar 22, 2012 | The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3051 | 0.00 | — | 0.02 | Mar 22, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. | |||
| CVE-2011-3050 | 0.00 | — | 0.02 | Mar 22, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | |||
| CVE-2011-3047 | 0.00 | — | 0.03 | Mar 10, 2012 | The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism. | |||
| CVE-2011-3046 | 0.00 | — | 0.05 | Mar 9, 2012 | The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. | |||
| CVE-2011-3044 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. | |||
| CVE-2011-3043 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. | |||
| CVE-2011-3042 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. | |||
| CVE-2011-3041 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. | |||
| CVE-2011-3040 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | |||
| CVE-2011-3039 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. | |||
| CVE-2011-3038 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. | |||
| CVE-2011-3037 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2011-3036 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
- CVE-2012-0883Apr 18, 2012risk 0.00cvss —epss 0.01
envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
- CVE-2011-3049Mar 23, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
- CVE-2011-3056Mar 22, 2012risk 0.00cvss —epss 0.01
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
- CVE-2011-3055Mar 22, 2012risk 0.00cvss —epss 0.02
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.
- CVE-2011-3054Mar 22, 2012risk 0.00cvss —epss 0.02
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
- CVE-2011-3053Mar 22, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
- CVE-2011-3052Mar 22, 2012risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3051Mar 22, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function.
- CVE-2011-3050Mar 22, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
- CVE-2011-3047Mar 10, 2012risk 0.00cvss —epss 0.03
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism.
- CVE-2011-3046Mar 9, 2012risk 0.00cvss —epss 0.05
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
- CVE-2011-3044Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.
- CVE-2011-3043Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.
- CVE-2011-3042Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.
- CVE-2011-3041Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.
- CVE-2011-3040Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
- CVE-2011-3039Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
- CVE-2011-3038Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
- CVE-2011-3037Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2011-3036Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
Page 67 of 72