Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Opensuse Subscribe
Total 3278 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14233 2 Djangoproject, Opensuse 2 Django, Leap 2023-11-07 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.
CVE-2019-13962 4 Canonical, Debian, Opensuse and 1 more 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more 2023-11-07 7.5 HIGH 9.8 CRITICAL
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
CVE-2019-13767 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13764 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13745 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13734 8 Canonical, Debian, Fedoraproject and 5 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13730 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13723 4 Fedoraproject, Google, Opensuse and 1 more 6 Fedora, Chrome, Backports and 3 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13719 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
CVE-2019-13718 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13717 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
CVE-2019-13716 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-13715 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13714 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 6.1 MEDIUM
Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.
CVE-2019-13713 2 Google, Opensuse 2 Chrome, Backports 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13711 2 Google, Opensuse 2 Chrome, Backports 2023-11-07 5.0 MEDIUM 5.3 MEDIUM
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13710 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
CVE-2019-13709 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
CVE-2019-13708 2 Google, Opensuse 2 Chrome, Backports Sle 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2019-13707 2 Google, Opensuse 2 Chrome, Backports 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.