Leap Security Vulnerabilities and Issues — Page 7 of Leap CVE List

Lucene search

OpensuseLeap

306 matches found

CVE•added 2016/01/27 8:59 p.m.•43 views

CVE-2015-8618

The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.

7.5CVSS7.2AI score0.00735EPSS

CVE•added 2016/12/23 10:59 p.m.•43 views

CVE-2016-2312

Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.

6.8CVSS6.4AI score0.00077EPSS

CVE•added 2016/06/30 5:59 p.m.•41 views

CVE-2016-5301

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.

7.5CVSS7.4AI score0.01385EPSS

CVE•added 2016/12/23 10:59 p.m.•41 views

CVE-2016-7787

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.

4.9CVSS5.2AI score0.0054EPSS

CVE•added 2016/07/13 3:59 p.m.•38 views

CVE-2016-3100

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.

8.4CVSS8.1AI score0.00071EPSS

CVE•added 2016/04/13 2:59 p.m.•34 views

CVE-2016-4007

Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal options."

10CVSS9.7AI score0.01314EPSS

Total number of security vulnerabilities306