CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

novell

suse_package_hub_for_suse_linux_enterprise

4 known vulnerabilities · sorted by CVSS score

CVE-2019-11338

HIGH8.8

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.

ffmpeg / ffmpeg+9

Network

Published Apr 19, 2019

CVE-2019-13730

HIGH8.8

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

google / chrome+10

Network

Published Dec 10, 2019

CVE-2019-9811

HIGH8.3

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

mozilla / firefox+6

Network

Published Jul 23, 2019

CVE-2019-11717

MEDIUM5.3

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

mozilla / firefox+6

Network

Published Jul 23, 2019