SUSE CVE-2021-29966

Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 89...

SUSE CVE-2021-29967

Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 78.11,...

SUSE CVE-2021-29988

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...

SUSE CVE-2021-29990

Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 91...

SUSE CVE-2021-30500

Null pointer dereference was found in upx PackLinuxElf::canUnpack in plxelf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file...

SUSE CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

SUSE CVE-2021-32687

Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the...

SUSE CVE-2021-34825

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system...

SUSE CVE-2021-37322

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c...

SUSE CVE-2021-38494

Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 92...

SUSE CVE-2021-38648

unknown...

SUSE CVE-2021-40325

Cobbler before 3.3.0 allows authorization bypass for modification of settings...

SUSE CVE-2021-42716

An issue was discovered in stb stbimage.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stbimage, or...

SUSE CVE-2021-43539

Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird 91.4.0, Firefox...

SUSE CVE-2021-44026

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or searchparams...

SUSE CVE-2021-45930

Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps::growAppend called from QPainterPath::addPath and QPathClipper::intersect...

SUSE CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

SUSE CVE-2021-46242

HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5ACunpinentry...

SUSE CVE-2022-0318

Heap-based Buffer Overflow in vim/vim prior to 8.2...

SUSE CVE-2022-0393

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2...