Opensuse: >> Opensuse Security Vulnerabilities
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."
CVSS Score
10.0
EPSS Score
0.035
Published
2012-12-12
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
CVSS Score
10.0
EPSS Score
0.04
Published
2012-12-04
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.008
Published
2012-12-04
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CVSS Score
5.0
EPSS Score
0.138
Published
2012-11-30
Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.
CVSS Score
5.0
EPSS Score
0.015
Published
2012-11-28
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
CVSS Score
7.5
EPSS Score
0.014
Published
2012-11-28
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
CVSS Score
7.5
EPSS Score
0.015
Published
2012-11-28
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
CVSS Score
6.8
EPSS Score
0.013
Published
2012-11-28
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.015
Published
2012-11-28
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
CVSS Score
7.2
EPSS Score
0.001
Published
2012-11-23