SUSE CVE-2020-11888

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

SUSE CVE-2020-11908

The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP...

SUSE CVE-2020-11909

The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow...

SUSE CVE-2020-12605

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs...

SUSE CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...

SUSE CVE-2020-13249

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

SUSE CVE-2020-13435

SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c...

SUSE CVE-2020-13529

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server...

SUSE CVE-2020-15801

In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file e.g., the python.pth file is not affected...

SUSE CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2020-16013

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2020-17353

scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...

SUSE CVE-2020-17467

An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in fnetllmnrpo...

SUSE CVE-2020-21833

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionclasses ../../src/decode.c:2440...

SUSE CVE-2020-21834

A null pointer deference issue exists in GNU LibreDWG 0.10 via getbmp ../../programs/dwgbmp.c:164...

SUSE CVE-2020-22026

Buffer Overflow vulnerability exists in FFmpeg 4.2 in the configinput function at libavfilter/aftremolo.c, which could let a remote malicious user cause a Denial of Service...

SUSE CVE-2020-24119

A heap buffer overflow read was discovered in upx 4.0.0, because the check in plxelf.cpp is not perfect...

SUSE CVE-2020-25412

comline in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy that may lead to arbitrary code execution...

SUSE CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

SUSE CVE-2020-28011

Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queuerun via two sender options: -R and -S. This may cause privilege escalation from exim to root...