SUSE CVE-2011-3927

Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

SUSE CVE-2011-3963

Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

SUSE CVE-2011-4685

Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service application crash via unspecified content on a web page, as demonstrated by forbes.com...

SUSE CVE-2011-4690

Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code...

SUSE CVE-2012-0049

OpenTTD before 1.1.5 contains a Denial of Service slow read attack that prevents users from joining the server...

SUSE CVE-2012-0467

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service memory corruption and...

SUSE CVE-2012-0484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors...

SUSE CVE-2012-0511

Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality and integrity via unknown vectors...

SUSE CVE-2012-1147

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service file descriptor consumption via a large number of crafted XML files...

SUSE CVE-2012-2883

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874...

SUSE CVE-2012-2887

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events...

SUSE CVE-2012-3132

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMSSTATS.GATHERTABLESTATS...

SUSE CVE-2012-3141

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability th...

SUSE CVE-2012-3148

Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity, related to Wireless/WAP upload...

SUSE CVE-2012-3481

Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted height and len properties in a GIF image...

SUSE CVE-2012-3519

routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack...

SUSE CVE-2012-3963

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors...

SUSE CVE-2012-4447

Heap-based buffer overflow in tifpixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...

SUSE CVE-2012-5132

Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service application crash via a response with chunked transfer coding...

SUSE CVE-2012-5526

CGI.pm module before 3.63 for Perl does not properly escape newlines in 1 Set-Cookie or 2 P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm...