SUSE CVE-2009-2844

cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service crash via a sequence of beacon frames in which one frame omits an SSID Information Element IE and the subsequent frame contains an SSID IE, whic...

SUSE CVE-2009-3382

layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified...

SUSE CVE-2009-3613

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping...

SUSE CVE-2009-4536

drivers/net/e1000/e1000main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a craft...

SUSE CVE-2010-4263

The igbreceiveskb function in drivers/net/igb/igbmain.c in the Intel Gigabit Ethernet aka igb subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization SR-IOV and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service...

SUSE CVE-2011-3593

A certain Red Hat patch to the vlanhwacceldoreceive function in net/8021q/vlancore.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows remote attackers to cause a denial of service system crash via priority-tagged VLAN frames...

SUSE CVE-2011-3910

Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

SUSE CVE-2011-3921

Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames...

SUSE CVE-2012-0445

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute...

SUSE CVE-2012-2889

Cross-site scripting XSS vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS UXSS."...

SUSE CVE-2014-1578

The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...

SUSE CVE-2015-1258

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame...

SUSE CVE-2015-1863

Heap-based buffer overflow in wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service crash, read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries...

SUSE CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

SUSE CVE-2015-1142857

On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before...

SUSE CVE-2016-1661

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...

SUSE CVE-2017-5026

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page...

SUSE CVE-2017-5446

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

SUSE CVE-2017-11643

GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage function in coders/cmyk.c when processing multiple frames that have non-identical widths...

SUSE CVE-2017-12678

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file...