Leap Security Vulnerabilities and Issues — Page 25 of Leap CVE List

Lucene search

OpensuseLeap

1897 matches found

CVE•added 2020/06/24 1:15 p.m.•172 views

CVE-2020-12862

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.

4.3CVSS5.7AI score0.00198EPSS

CVE•added 2020/06/24 1:15 p.m.•172 views

CVE-2020-12863

4.3CVSS5.7AI score0.00198EPSS

CVE•added 2020/09/23 10:15 p.m.•172 views

CVE-2020-25601

An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these (when resetting all event channels or when cle...

5.5CVSS6.1AI score0.00052EPSS

CVE•added 2020/05/21 4:15 a.m.•172 views

CVE-2020-6473

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.3AI score0.01451EPSS

CVE•added 2021/02/09 4:15 p.m.•172 views

CVE-2021-26676

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.

6.5CVSS7.1AI score0.00109EPSS

CVE•added 2019/04/18 6:29 p.m.•171 views

CVE-2018-16878

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

6.2CVSS6.1AI score0.00031EPSS

CVE•added 2019/04/23 2:29 p.m.•171 views

CVE-2019-11474

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.

6.5CVSS6.9AI score0.01671EPSS

CVE•added 2019/02/05 12:29 a.m.•171 views

CVE-2019-7395

In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.

7.5CVSS7.2AI score0.02743EPSS

CVE•added 2020/03/23 1:15 p.m.•171 views

CVE-2020-10593

Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_circ because a circuit-padding machine can be negotiated twice on the same circuit.

7.5CVSS7.2AI score0.01218EPSS

CVE•added 2020/06/09 1:15 p.m.•171 views

CVE-2020-10761

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

5CVSS5.1AI score0.00811EPSS

CVE•added 2020/09/21 8:15 p.m.•171 views

CVE-2020-6568

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5CVSS6.2AI score0.0053EPSS

CVE•added 2018/09/03 7:29 p.m.•170 views

CVE-2018-16412

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.

8.8CVSS7.2AI score0.00387EPSS

CVE•added 2018/12/28 4:29 p.m.•170 views

CVE-2018-20548

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.

8.8CVSS8.5AI score0.00724EPSS

CVE•added 2019/05/08 5:29 p.m.•170 views

CVE-2019-11499

In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.

7.5CVSS7.5AI score0.00753EPSS

CVE•added 2019/12/23 4:15 p.m.•170 views

CVE-2019-18390

An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.

7.1CVSS6.6AI score0.0003EPSS

CVE•added 2019/12/03 4:15 p.m.•170 views

CVE-2019-19531

In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.

6.8CVSS7.3AI score0.00098EPSS

CVE•added 2019/12/27 1:15 a.m.•170 views

CVE-2019-20009

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.

6.5CVSS7.4AI score0.00556EPSS

CVE•added 2019/12/27 1:15 a.m.•170 views

CVE-2019-20015

An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.

6.5CVSS7.4AI score0.00577EPSS

CVE•added 2020/06/24 1:15 p.m.•170 views

CVE-2020-12866

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.

5.7CVSS6.4AI score0.00223EPSS

CVE•added 2020/07/07 1:15 p.m.•170 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield write...

7.8CVSS8AI score0.00029EPSS

CVE•added 2020/07/22 5:15 p.m.•170 views

CVE-2020-6529

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.

4.3CVSS5AI score0.00403EPSS

CVE•added 2020/07/22 5:15 p.m.•170 views

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.

6.1CVSS6.3AI score0.00864EPSS

CVE•added 2019/09/08 4:15 p.m.•169 views

CVE-2016-10937

IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.

7.5CVSS7.3AI score0.00383EPSS

CVE•added 2018/05/31 12:29 a.m.•169 views

CVE-2018-11577

Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.

8.8CVSS8.4AI score0.00338EPSS

CVE•added 2019/02/05 8:29 p.m.•169 views

CVE-2018-8795

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.06788EPSS

CVE•added 2019/08/01 5:15 p.m.•169 views

CVE-2019-14492

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

7.5CVSS7.3AI score0.00528EPSS

CVE•added 2019/07/23 11:15 p.m.•169 views

CVE-2019-2877

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...

5.5CVSS5.8AI score0.00062EPSS

CVE•added 2019/12/03 10:15 p.m.•169 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerabil...

7.5CVSS7.3AI score0.00486EPSS

CVE•added 2020/09/21 8:15 p.m.•169 views

CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.

7.8CVSS7.7AI score0.00026EPSS

CVE•added 2018/06/09 11:29 a.m.•168 views

CVE-2018-12085

Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

8.8CVSS7.8AI score0.00403EPSS

CVE•added 2018/12/14 2:29 p.m.•168 views

CVE-2018-16875

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are...

7.8CVSS7.5AI score0.01525EPSS

CVE•added 2018/12/13 7:29 p.m.•168 views

CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.

5.5CVSS5.7AI score0.0005EPSS

CVE•added 2019/03/15 6:29 p.m.•168 views

CVE-2018-20177

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.

9.8CVSS9.7AI score0.05116EPSS

CVE•added 2019/12/20 8:15 p.m.•168 views

CVE-2019-19917

Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.

7.8CVSS7.6AI score0.00355EPSS

CVE•added 2019/12/27 1:15 a.m.•168 views

CVE-2019-20014

An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.

8.8CVSS8.8AI score0.0051EPSS

CVE•added 2019/07/30 9:15 p.m.•168 views

CVE-2019-5459

An Integer underflow in VLC Media Player versions

7.1CVSS7.8AI score0.00944EPSS

CVE•added 2020/06/24 1:15 p.m.•168 views

CVE-2020-12864

4.3CVSS5.7AI score0.00208EPSS

CVE•added 2020/09/25 7:15 p.m.•168 views

CVE-2020-15209

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. ...

5.9CVSS5.8AI score0.00357EPSS

CVE•added 2020/08/11 4:15 p.m.•168 views

CVE-2020-17368

Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.

9.8CVSS9.5AI score0.0449EPSS

CVE•added 2020/05/21 4:15 a.m.•168 views

CVE-2020-6480

Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.

6.5CVSS6.6AI score0.00495EPSS

CVE•added 2020/09/21 8:15 p.m.•168 views

CVE-2020-6566

Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.00889EPSS

CVE•added 2019/05/20 5:29 p.m.•167 views

CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.

6.5CVSS7.1AI score0.01893EPSS

CVE•added 2020/09/25 7:15 p.m.•167 views

CVE-2020-15211

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices ...

5.8CVSS5.2AI score0.00344EPSS

CVE•added 2020/06/30 12:15 p.m.•167 views

CVE-2020-15396

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.

7.8CVSS7.3AI score0.00073EPSS

CVE•added 2020/10/06 3:15 p.m.•167 views

CVE-2020-25862

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

7.5CVSS7.3AI score0.00297EPSS

CVE•added 2020/07/22 5:15 p.m.•167 views

CVE-2020-6528

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

4.3CVSS4.8AI score0.01606EPSS

CVE•added 2020/06/18 3:15 p.m.•166 views

CVE-2017-9103

An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling prog...

9.8CVSS9AI score0.00858EPSS

CVE•added 2019/02/05 8:29 p.m.•166 views

CVE-2018-8793

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.

9.8CVSS9.7AI score0.08095EPSS

CVE•added 2019/02/05 12:29 a.m.•166 views

CVE-2019-7396

In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.

7.5CVSS7.2AI score0.02743EPSS

CVE•added 2019/03/21 4:1 p.m.•166 views

CVE-2019-9894

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.

7.5CVSS8.3AI score0.00939EPSS

Total number of security vulnerabilities1897