Marcus Updateinfo to OVAL Converter5.52022-04-29T06:38:54CVE-2009-4112openSUSE Leap 15.1
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
LowCVE-2009-4112SUSE bug 1122535SUSE bug 558664cpe:/o:opensuse:leap:15.1CVE-2011-2767openSUSE Leap 15.1
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.
ModerateCVE-2011-2767SUSE bug 1156944cpe:/o:opensuse:leap:15.1CVE-2011-3389openSUSE Leap 15.1
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
ModerateCVE-2011-3389SUSE bug 716002SUSE bug 719047SUSE bug 725167SUSE bug 726096SUSE bug 739248SUSE bug 739256SUSE bug 742306SUSE bug 751718SUSE bug 759666SUSE bug 763598SUSE bug 814655cpe:/o:opensuse:leap:15.1CVE-2011-4944openSUSE Leap 15.1
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
LowCVE-2011-4944SUSE bug 754447cpe:/o:opensuse:leap:15.1CVE-2012-0845openSUSE Leap 15.1
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
ModerateCVE-2012-0845SUSE bug 747125cpe:/o:opensuse:leap:15.1CVE-2012-1150openSUSE Leap 15.1
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
ModerateCVE-2012-1150SUSE bug 751718SUSE bug 755383SUSE bug 826682cpe:/o:opensuse:leap:15.1CVE-2012-6708openSUSE Leap 15.1
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
ModerateCVE-2012-6708SUSE bug 1111661cpe:/o:opensuse:leap:15.1CVE-2013-1752openSUSE Leap 15.1
** REJECT ** Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 "Independently Fixable" in the CVE Counting Decisions.
ModerateCVE-2013-1752SUSE bug 856835SUSE bug 856836SUSE bug 863741SUSE bug 885882SUSE bug 898572SUSE bug 912739cpe:/o:opensuse:leap:15.1CVE-2013-4238openSUSE Leap 15.1
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
ModerateCVE-2013-4238SUSE bug 834601SUSE bug 839107SUSE bug 882915SUSE bug 912739cpe:/o:opensuse:leap:15.1CVE-2014-10401openSUSE Leap 15.1
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
ModerateCVE-2014-10401SUSE bug 1176492cpe:/o:opensuse:leap:15.1CVE-2014-10402openSUSE Leap 15.1
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
ModerateCVE-2014-10402SUSE bug 1176492cpe:/o:opensuse:leap:15.1CVE-2014-2667openSUSE Leap 15.1
Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.
ModerateCVE-2014-2667SUSE bug 871152cpe:/o:opensuse:leap:15.1CVE-2014-2905openSUSE Leap 15.1
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions.
ImportantCVE-2014-2905cpe:/o:opensuse:leap:15.1CVE-2014-2906openSUSE Leap 15.1
The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name.
ImportantCVE-2014-2906cpe:/o:opensuse:leap:15.1CVE-2014-2914openSUSE Leap 15.1
fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.
ModerateCVE-2014-2914cpe:/o:opensuse:leap:15.1CVE-2014-3219openSUSE Leap 15.1
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
ModerateCVE-2014-3219cpe:/o:opensuse:leap:15.1CVE-2014-3577openSUSE Leap 15.1
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
ModerateCVE-2014-3577SUSE bug 1178171cpe:/o:opensuse:leap:15.1CVE-2014-3856openSUSE Leap 15.1
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
ModerateCVE-2014-3856cpe:/o:opensuse:leap:15.1CVE-2014-4650openSUSE Leap 15.1
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
ModerateCVE-2014-4650SUSE bug 856835SUSE bug 856836SUSE bug 863741SUSE bug 885882SUSE bug 898572SUSE bug 912739cpe:/o:opensuse:leap:15.1CVE-2015-4141openSUSE Leap 15.1
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
ModerateCVE-2015-4141SUSE bug 915323SUSE bug 930077cpe:/o:opensuse:leap:15.1CVE-2015-4142openSUSE Leap 15.1
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
ModerateCVE-2015-4142SUSE bug 915323SUSE bug 930078cpe:/o:opensuse:leap:15.1CVE-2015-4143openSUSE Leap 15.1
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
ModerateCVE-2015-4143SUSE bug 930079cpe:/o:opensuse:leap:15.1CVE-2015-5262openSUSE Leap 15.1
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
ImportantCVE-2015-5262SUSE bug 1120767SUSE bug 945190cpe:/o:opensuse:leap:15.1CVE-2015-8041openSUSE Leap 15.1
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
LowCVE-2015-8041SUSE bug 937419cpe:/o:opensuse:leap:15.1CVE-2015-9251openSUSE Leap 15.1
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
ModerateCVE-2015-9251SUSE bug 1099458SUSE bug 1100133SUSE bug 1111660cpe:/o:opensuse:leap:15.1CVE-2015-9275openSUSE Leap 15.1
ARC 5.21q allows directory traversal via a full pathname in an archive file.
LowCVE-2015-9275SUSE bug 1121032cpe:/o:opensuse:leap:15.1CVE-2016-0772openSUSE Leap 15.1
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
ModerateCVE-2016-0772SUSE bug 984751cpe:/o:opensuse:leap:15.1CVE-2016-1000110openSUSE Leap 15.1
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
ModerateCVE-2016-1000110SUSE bug 988484SUSE bug 989523cpe:/o:opensuse:leap:15.1CVE-2016-10937openSUSE Leap 15.1
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
ModerateCVE-2016-10937SUSE bug 1149931cpe:/o:opensuse:leap:15.1CVE-2016-3189openSUSE Leap 15.1
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
LowCVE-2016-3189SUSE bug 985657cpe:/o:opensuse:leap:15.1CVE-2016-5195openSUSE Leap 15.1
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
ImportantCVE-2016-5195SUSE bug 1004418SUSE bug 1004419SUSE bug 1004436SUSE bug 1006323SUSE bug 1006695SUSE bug 1008110SUSE bug 1030118SUSE bug 1069496SUSE bug 1149725SUSE bug 870618SUSE bug 986445SUSE bug 998689cpe:/o:opensuse:leap:15.1CVE-2016-5636openSUSE Leap 15.1
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
ImportantCVE-2016-5636SUSE bug 1065451SUSE bug 1106262SUSE bug 985177cpe:/o:opensuse:leap:15.1CVE-2016-5699openSUSE Leap 15.1
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
ModerateCVE-2016-5699SUSE bug 1122729SUSE bug 1130840SUSE bug 985348SUSE bug 985351SUSE bug 986630cpe:/o:opensuse:leap:15.1CVE-2016-6328openSUSE Leap 15.1
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
ModerateCVE-2016-6328SUSE bug 1055857cpe:/o:opensuse:leap:15.1CVE-2016-8859openSUSE Leap 15.1
Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.
ModerateCVE-2016-8859SUSE bug 1005483cpe:/o:opensuse:leap:15.1CVE-2016-9180openSUSE Leap 15.1
perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option's setting.
ImportantCVE-2016-9180SUSE bug 1008644cpe:/o:opensuse:leap:15.1CVE-2016-9398openSUSE Leap 15.1
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
ModerateCVE-2016-9398SUSE bug 1010979SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2016-9399openSUSE Leap 15.1
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
ModerateCVE-2016-9399SUSE bug 1010980SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2016-9797openSUSE Leap 15.1
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
LowCVE-2016-9797SUSE bug 1013708SUSE bug 1013712cpe:/o:opensuse:leap:15.1CVE-2016-9798openSUSE Leap 15.1
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
LowCVE-2016-9798SUSE bug 1013708SUSE bug 1013712SUSE bug 1013732cpe:/o:opensuse:leap:15.1CVE-2016-9802openSUSE Leap 15.1
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
LowCVE-2016-9802SUSE bug 1013893SUSE bug 1015173cpe:/o:opensuse:leap:15.1CVE-2016-9917openSUSE Leap 15.1
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
ModerateCVE-2016-9917SUSE bug 1015171cpe:/o:opensuse:leap:15.1CVE-2017-1000126openSUSE Leap 15.1
exiv2 0.26 contains a Stack out of bounds read in webp parser
ModerateCVE-2017-1000126SUSE bug 1068873cpe:/o:opensuse:leap:15.1CVE-2017-1000231openSUSE Leap 15.1
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
ImportantCVE-2017-1000231SUSE bug 1068711cpe:/o:opensuse:leap:15.1CVE-2017-1000232openSUSE Leap 15.1
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
ModerateCVE-2017-1000232SUSE bug 1068709cpe:/o:opensuse:leap:15.1CVE-2017-1002101openSUSE Leap 15.1
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem.
ImportantCVE-2017-1002101SUSE bug 1084923SUSE bug 1085007SUSE bug 1085009SUSE bug 1096726cpe:/o:opensuse:leap:15.1CVE-2017-11104openSUSE Leap 15.1
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.
ImportantCVE-2017-11104SUSE bug 1047841cpe:/o:opensuse:leap:15.1CVE-2017-12481openSUSE Leap 15.1
The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ImportantCVE-2017-12481SUSE bug 1052484cpe:/o:opensuse:leap:15.1CVE-2017-12482openSUSE Leap 15.1
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
ImportantCVE-2017-12482SUSE bug 1052478SUSE bug 1052484cpe:/o:opensuse:leap:15.1CVE-2017-12911openSUSE Leap 15.1
The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file.
ModerateCVE-2017-12911SUSE bug 1082274SUSE bug 1092152cpe:/o:opensuse:leap:15.1CVE-2017-13077openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
ImportantCVE-2017-13077SUSE bug 1056061SUSE bug 1063479SUSE bug 1063963cpe:/o:opensuse:leap:15.1CVE-2017-13078openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13078SUSE bug 1056061SUSE bug 1063479SUSE bug 1063667cpe:/o:opensuse:leap:15.1CVE-2017-13079openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
ImportantCVE-2017-13079SUSE bug 1056061SUSE bug 1063479cpe:/o:opensuse:leap:15.1CVE-2017-13080openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13080SUSE bug 1056061SUSE bug 1063479SUSE bug 1063667SUSE bug 1063671SUSE bug 1066295SUSE bug 1105108SUSE bug 1178872cpe:/o:opensuse:leap:15.1CVE-2017-13081openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
ImportantCVE-2017-13081SUSE bug 1056061SUSE bug 1063479SUSE bug 1066295SUSE bug 1105108cpe:/o:opensuse:leap:15.1CVE-2017-13082openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
ImportantCVE-2017-13082SUSE bug 1056061SUSE bug 1063479cpe:/o:opensuse:leap:15.1CVE-2017-13086openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
ImportantCVE-2017-13086SUSE bug 1056061SUSE bug 1063479cpe:/o:opensuse:leap:15.1CVE-2017-13087openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13087SUSE bug 1056061SUSE bug 1063479cpe:/o:opensuse:leap:15.1CVE-2017-13088openSUSE Leap 15.1
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
ImportantCVE-2017-13088SUSE bug 1056061SUSE bug 1063479cpe:/o:opensuse:leap:15.1CVE-2017-13098openSUSE Leap 15.1
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT."
ModerateCVE-2017-13098SUSE bug 1072697cpe:/o:opensuse:leap:15.1CVE-2017-14132openSUSE Leap 15.1
JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c.
LowCVE-2017-14132SUSE bug 1057152SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-14988openSUSE Leap 15.1
** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.
ModerateCVE-2017-14988SUSE bug 1061305cpe:/o:opensuse:leap:15.1CVE-2017-15107openSUSE Leap 15.1
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.
ModerateCVE-2017-15107SUSE bug 1076958cpe:/o:opensuse:leap:15.1CVE-2017-15298openSUSE Leap 15.1
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
ModerateCVE-2017-15298SUSE bug 1063412cpe:/o:opensuse:leap:15.1CVE-2017-16808openSUSE Leap 15.1
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
ImportantCVE-2017-16808SUSE bug 1068716SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2017-17555openSUSE Leap 15.1
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
ModerateCVE-2017-17555SUSE bug 1072366cpe:/o:opensuse:leap:15.1CVE-2017-17740openSUSE Leap 15.1
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
ModerateCVE-2017-17740SUSE bug 1073313cpe:/o:opensuse:leap:15.1CVE-2017-17742openSUSE Leap 15.1
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.
ModerateCVE-2017-17742SUSE bug 1087434SUSE bug 1136906SUSE bug 1152992cpe:/o:opensuse:leap:15.1CVE-2017-17784openSUSE Leap 15.1
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
ModerateCVE-2017-17784SUSE bug 1073624cpe:/o:opensuse:leap:15.1CVE-2017-17785openSUSE Leap 15.1
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
ModerateCVE-2017-17785SUSE bug 1073625cpe:/o:opensuse:leap:15.1CVE-2017-17786openSUSE Leap 15.1
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.
ModerateCVE-2017-17786SUSE bug 1073626cpe:/o:opensuse:leap:15.1CVE-2017-17787openSUSE Leap 15.1
In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.
ModerateCVE-2017-17787SUSE bug 1073628cpe:/o:opensuse:leap:15.1CVE-2017-17789openSUSE Leap 15.1
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.
ModerateCVE-2017-17789SUSE bug 1073627cpe:/o:opensuse:leap:15.1CVE-2017-18207openSUSE Leap 15.1
** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions."
ModerateCVE-2017-18207SUSE bug 1083507cpe:/o:opensuse:leap:15.1CVE-2017-18551openSUSE Leap 15.1
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
ModerateCVE-2017-18551SUSE bug 1146163cpe:/o:opensuse:leap:15.1CVE-2017-18594openSUSE Leap 15.1
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
ModerateCVE-2017-18594SUSE bug 1148742cpe:/o:opensuse:leap:15.1CVE-2017-18595openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
ModerateCVE-2017-18595SUSE bug 1149555cpe:/o:opensuse:leap:15.1CVE-2017-18922openSUSE Leap 15.1
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.
ImportantCVE-2017-18922SUSE bug 1173477cpe:/o:opensuse:leap:15.1CVE-2017-18926openSUSE Leap 15.1
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
ImportantCVE-2017-18926SUSE bug 1178593SUSE bug 1178784SUSE bug 1178903SUSE bug 1183914cpe:/o:opensuse:leap:15.1CVE-2017-2579openSUSE Leap 15.1
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
ModerateCVE-2017-2579SUSE bug 1024287SUSE bug 1024288cpe:/o:opensuse:leap:15.1CVE-2017-2580openSUSE Leap 15.1
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
ModerateCVE-2017-2580SUSE bug 1024287SUSE bug 1024291cpe:/o:opensuse:leap:15.1CVE-2017-2807openSUSE Leap 15.1
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability.
ImportantCVE-2017-2807SUSE bug 1052484cpe:/o:opensuse:leap:15.1CVE-2017-2808openSUSE Leap 15.1
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this vulnerability.
ImportantCVE-2017-2808SUSE bug 1052484cpe:/o:opensuse:leap:15.1CVE-2017-3136openSUSE Leap 15.1
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
ImportantCVE-2017-3136SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702SUSE bug 1024130SUSE bug 1033461SUSE bug 1033466SUSE bug 1081545cpe:/o:opensuse:leap:15.1CVE-2017-5499openSUSE Leap 15.1
Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
ModerateCVE-2017-5499SUSE bug 1020451SUSE bug 1020456SUSE bug 1020460SUSE bug 1115637SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-5503openSUSE Leap 15.1
The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
ModerateCVE-2017-5503SUSE bug 1020456SUSE bug 1020458SUSE bug 1020460SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-5504openSUSE Leap 15.1
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
ModerateCVE-2017-5504SUSE bug 1020456SUSE bug 1020458SUSE bug 1020460SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-5505openSUSE Leap 15.1
The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
ModerateCVE-2017-5505SUSE bug 1020456SUSE bug 1020458SUSE bug 1020460SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-7418openSUSE Leap 15.1
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.
ImportantCVE-2017-7418SUSE bug 1032443cpe:/o:opensuse:leap:15.1CVE-2017-7544openSUSE Leap 15.1
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
LowCVE-2017-7544SUSE bug 1059893cpe:/o:opensuse:leap:15.1CVE-2017-7607openSUSE Leap 15.1
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7607SUSE bug 1033084cpe:/o:opensuse:leap:15.1CVE-2017-7608openSUSE Leap 15.1
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7608SUSE bug 1033085cpe:/o:opensuse:leap:15.1CVE-2017-7609openSUSE Leap 15.1
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
ModerateCVE-2017-7609SUSE bug 1033086cpe:/o:opensuse:leap:15.1CVE-2017-7610openSUSE Leap 15.1
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7610SUSE bug 1033087cpe:/o:opensuse:leap:15.1CVE-2017-7611openSUSE Leap 15.1
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7611SUSE bug 1033088cpe:/o:opensuse:leap:15.1CVE-2017-7612openSUSE Leap 15.1
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
ModerateCVE-2017-7612SUSE bug 1033089cpe:/o:opensuse:leap:15.1CVE-2017-7613openSUSE Leap 15.1
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
ModerateCVE-2017-7613SUSE bug 1033090cpe:/o:opensuse:leap:15.1CVE-2017-8834openSUSE Leap 15.1
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
LowCVE-2017-8834SUSE bug 1043898SUSE bug 1043899cpe:/o:opensuse:leap:15.1CVE-2017-8871openSUSE Leap 15.1
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
LowCVE-2017-8871SUSE bug 1043898SUSE bug 1043899cpe:/o:opensuse:leap:15.1CVE-2017-9103openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling program, leaking aspects of the contents of some of its memory, causing it to allocate lots of memory, or perhaps overrunning a buffer. This is only possible with applications which make non-raw queries for SOA or RP records.
ImportantCVE-2017-9103SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9104openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
ImportantCVE-2017-9104SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9105openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
ImportantCVE-2017-9105SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9106openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the sizes of the types on the current platform). Of course the inputs ought to be right. And there are pointers in there too, so perhaps one could say that the caller ought to check these things. It may be better to require the caller to make the pointer structure right, but to have the code here be defensive about (and tolerate with an error but without crashing) out-of-range integer values. So: it should defend each of these integer conversion sites with a check for the actual permitted range, and return adns_s_invaliddata if not. The lack of this check causes the SOA sign extension bug to be a serious security problem: the sign extended SOA value is out of range, and overruns the buffer when reconverted. This is related to sign extending SOA 32-bit integer fields, and use of a signed data type.
ImportantCVE-2017-9106SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9107openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart the input buffer and start processing many bytes of arbitrary heap data as if it were the query domain. Eventually it would run out of input or find some other kind of error, and declare the query domain invalid. But before then it might outrun available memory and crash. In principle this could be a denial of service attack.
ImportantCVE-2017-9107SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9108openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte.
ImportantCVE-2017-9108SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9109openSUSE Leap 15.1
An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct.
ImportantCVE-2017-9109SUSE bug 1172265cpe:/o:opensuse:leap:15.1CVE-2017-9111openSUSE Leap 15.1
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9111SUSE bug 1040109cpe:/o:opensuse:leap:15.1CVE-2017-9113openSUSE Leap 15.1
In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9113SUSE bug 1040113cpe:/o:opensuse:leap:15.1CVE-2017-9115openSUSE Leap 15.1
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
ModerateCVE-2017-9115SUSE bug 1040115cpe:/o:opensuse:leap:15.1CVE-2017-9239openSUSE Leap 15.1
An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.
LowCVE-2017-9239SUSE bug 1040973cpe:/o:opensuse:leap:15.1CVE-2017-9782openSUSE Leap 15.1
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
LowCVE-2017-9782SUSE bug 1045450SUSE bug 1117328SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2017-9814openSUSE Leap 15.1
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
ModerateCVE-2017-9814SUSE bug 1049092cpe:/o:opensuse:leap:15.1CVE-2018-0734openSUSE Leap 15.1
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
ModerateCVE-2018-0734SUSE bug 1113534SUSE bug 1113652SUSE bug 1113742SUSE bug 1122198SUSE bug 1122212SUSE bug 1126909SUSE bug 1148697cpe:/o:opensuse:leap:15.1CVE-2018-1000073openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the root. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000073SUSE bug 1082007cpe:/o:opensuse:leap:15.1CVE-2018-1000074openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appear to be exploitable via victim must run the `gem owner` command on a gem with a specially crafted YAML file. This vulnerability appears to have been fixed in 2.7.6.
ImportantCVE-2018-1000074SUSE bug 1082008SUSE bug 1175764cpe:/o:opensuse:leap:15.1CVE-2018-1000075openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6.
LowCVE-2018-1000075SUSE bug 1082014cpe:/o:opensuse:leap:15.1CVE-2018-1000076openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in a mis-signed gem could be installed, as the tarball would contain multiple gem signatures.. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000076SUSE bug 1082009cpe:/o:opensuse:leap:15.1CVE-2018-1000077openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem could set an invalid homepage URL. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000077SUSE bug 1082010SUSE bug 1183937cpe:/o:opensuse:leap:15.1CVE-2018-1000078openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000078SUSE bug 1082011cpe:/o:opensuse:leap:15.1CVE-2018-1000079openSUSE Leap 15.1
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. This attack appear to be exploitable via the victim must install a malicious gem. This vulnerability appears to have been fixed in 2.7.6.
ModerateCVE-2018-1000079SUSE bug 1082058cpe:/o:opensuse:leap:15.1CVE-2018-1000199openSUSE Leap 15.1
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
ImportantCVE-2018-1000199SUSE bug 1089895SUSE bug 1090036cpe:/o:opensuse:leap:15.1CVE-2018-1000613openSUSE Leap 15.1
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
ModerateCVE-2018-1000613SUSE bug 1096291SUSE bug 1100694SUSE bug 1153385cpe:/o:opensuse:leap:15.1CVE-2018-1000622openSUSE Leap 15.1
The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag without the --plugin-path flag. This vulnerability appears to have been fixed in 1.27.1.
ModerateCVE-2018-1000622SUSE bug 1100691cpe:/o:opensuse:leap:15.1CVE-2018-1000654openSUSE Leap 15.1
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.
ModerateCVE-2018-1000654SUSE bug 1105435cpe:/o:opensuse:leap:15.1CVE-2018-1000667openSUSE Leap 15.1
NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
LowCVE-2018-1000667SUSE bug 1107592cpe:/o:opensuse:leap:15.1CVE-2018-1000802openSUSE Leap 15.1
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.
ModerateCVE-2018-1000802SUSE bug 1109663cpe:/o:opensuse:leap:15.1CVE-2018-1000876openSUSE Leap 15.1
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
ModerateCVE-2018-1000876SUSE bug 1120640cpe:/o:opensuse:leap:15.1CVE-2018-1000877openSUSE Leap 15.1
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
LowCVE-2018-1000877SUSE bug 1120653cpe:/o:opensuse:leap:15.1CVE-2018-1000878openSUSE Leap 15.1
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive.
ModerateCVE-2018-1000878SUSE bug 1120654cpe:/o:opensuse:leap:15.1CVE-2018-10016openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.
LowCVE-2018-10016SUSE bug 1089084cpe:/o:opensuse:leap:15.1CVE-2018-1002105openSUSE Leap 15.1
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
CriticalCVE-2018-1002105SUSE bug 1118198SUSE bug 1118260cpe:/o:opensuse:leap:15.1CVE-2018-10103openSUSE Leap 15.1
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
ModerateCVE-2018-10103SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-10105openSUSE Leap 15.1
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
ModerateCVE-2018-10105SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-10196openSUSE Leap 15.1
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
LowCVE-2018-10196SUSE bug 1093447cpe:/o:opensuse:leap:15.1CVE-2018-10254openSUSE Leap 15.1
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.
LowCVE-2018-10254SUSE bug 1090519cpe:/o:opensuse:leap:15.1CVE-2018-10316openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow.
LowCVE-2018-10316SUSE bug 1090840cpe:/o:opensuse:leap:15.1CVE-2018-10536openSUSE Leap 15.1
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
ImportantCVE-2018-10536SUSE bug 1091344cpe:/o:opensuse:leap:15.1CVE-2018-10537openSUSE Leap 15.1
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
ImportantCVE-2018-10537SUSE bug 1091343cpe:/o:opensuse:leap:15.1CVE-2018-10538openSUSE Leap 15.1
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10538SUSE bug 1091342cpe:/o:opensuse:leap:15.1CVE-2018-10539openSUSE Leap 15.1
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10539SUSE bug 1091341cpe:/o:opensuse:leap:15.1CVE-2018-10540openSUSE Leap 15.1
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
ModerateCVE-2018-10540SUSE bug 1091340cpe:/o:opensuse:leap:15.1CVE-2018-1060openSUSE Leap 15.1
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
LowCVE-2018-1060SUSE bug 1088009cpe:/o:opensuse:leap:15.1CVE-2018-1061openSUSE Leap 15.1
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
ModerateCVE-2018-1061SUSE bug 1088004cpe:/o:opensuse:leap:15.1CVE-2018-10811openSUSE Leap 15.1
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
ImportantCVE-2018-10811SUSE bug 1093536cpe:/o:opensuse:leap:15.1CVE-2018-1088openSUSE Leap 15.1
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
ImportantCVE-2018-1088SUSE bug 1090084cpe:/o:opensuse:leap:15.1CVE-2018-10886openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None.
ModerateCVE-2018-10886SUSE bug 1100053cpe:/o:opensuse:leap:15.1CVE-2018-10892openSUSE Leap 15.1
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.
ModerateCVE-2018-10892SUSE bug 1100331SUSE bug 1100838cpe:/o:opensuse:leap:15.1CVE-2018-10904openSUSE Leap 15.1
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume.
ImportantCVE-2018-10904SUSE bug 1105776SUSE bug 1107018cpe:/o:opensuse:leap:15.1CVE-2018-10907openSUSE Leap 15.1
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution.
ImportantCVE-2018-10907SUSE bug 1105776SUSE bug 1107019cpe:/o:opensuse:leap:15.1CVE-2018-10911openSUSE Leap 15.1
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
ModerateCVE-2018-10911SUSE bug 1105776SUSE bug 1107020cpe:/o:opensuse:leap:15.1CVE-2018-10913openSUSE Leap 15.1
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file.
LowCVE-2018-10913SUSE bug 1105776SUSE bug 1107021cpe:/o:opensuse:leap:15.1CVE-2018-10914openSUSE Leap 15.1
It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes.
ModerateCVE-2018-10914SUSE bug 1105776SUSE bug 1107022cpe:/o:opensuse:leap:15.1CVE-2018-10915openSUSE Leap 15.1
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
ImportantCVE-2018-10915SUSE bug 1104199SUSE bug 1140876SUSE bug 1185814cpe:/o:opensuse:leap:15.1CVE-2018-10923openSUSE Leap 15.1
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.
ImportantCVE-2018-10923SUSE bug 1105776SUSE bug 1107023cpe:/o:opensuse:leap:15.1CVE-2018-10924openSUSE Leap 15.1
It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine.
ModerateCVE-2018-10924SUSE bug 1105776SUSE bug 1107024cpe:/o:opensuse:leap:15.1CVE-2018-10925openSUSE Leap 15.1
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.
ImportantCVE-2018-10925SUSE bug 1104202cpe:/o:opensuse:leap:15.1CVE-2018-10926openSUSE Leap 15.1
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
ImportantCVE-2018-10926SUSE bug 1105776SUSE bug 1107025SUSE bug 1112909cpe:/o:opensuse:leap:15.1CVE-2018-10927openSUSE Leap 15.1
A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.
ImportantCVE-2018-10927SUSE bug 1105776SUSE bug 1107026SUSE bug 1112909cpe:/o:opensuse:leap:15.1CVE-2018-10928openSUSE Leap 15.1
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.
ImportantCVE-2018-10928SUSE bug 1105776SUSE bug 1107027SUSE bug 1112909cpe:/o:opensuse:leap:15.1CVE-2018-10929openSUSE Leap 15.1
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.
ImportantCVE-2018-10929SUSE bug 1105776SUSE bug 1107028SUSE bug 1112909cpe:/o:opensuse:leap:15.1CVE-2018-10930openSUSE Leap 15.1
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.
ModerateCVE-2018-10930SUSE bug 1105776SUSE bug 1107029SUSE bug 1112909cpe:/o:opensuse:leap:15.1CVE-2018-1112openSUSE Leap 15.1
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
ImportantCVE-2018-1112SUSE bug 1090084cpe:/o:opensuse:leap:15.1CVE-2018-1115openSUSE Leap 15.1
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
ModerateCVE-2018-1115SUSE bug 1091610cpe:/o:opensuse:leap:15.1CVE-2018-1122openSUSE Leap 15.1
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
ModerateCVE-2018-1122SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:opensuse:leap:15.1CVE-2018-1123openSUSE Leap 15.1
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).
ModerateCVE-2018-1123SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:opensuse:leap:15.1CVE-2018-11233openSUSE Leap 15.1
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.
ModerateCVE-2018-11233SUSE bug 1095218cpe:/o:opensuse:leap:15.1CVE-2018-11235openSUSE Leap 15.1
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.
ImportantCVE-2018-11235SUSE bug 1095219cpe:/o:opensuse:leap:15.1CVE-2018-1124openSUSE Leap 15.1
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
ModerateCVE-2018-1124SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:opensuse:leap:15.1CVE-2018-11243openSUSE Leap 15.1
PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file.
ModerateCVE-2018-11243SUSE bug 1094138cpe:/o:opensuse:leap:15.1CVE-2018-1125openSUSE Leap 15.1
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.
ModerateCVE-2018-1125SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:opensuse:leap:15.1CVE-2018-1126openSUSE Leap 15.1
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
ModerateCVE-2018-1126SUSE bug 1087082SUSE bug 1092100SUSE bug 1093158SUSE bug 1123135SUSE bug 1126909SUSE bug 1128955cpe:/o:opensuse:leap:15.1CVE-2018-11354openSUSE Leap 15.1
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
ModerateCVE-2018-11354SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11355openSUSE Leap 15.1
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
ModerateCVE-2018-11355SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11356openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
ModerateCVE-2018-11356SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11357openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
ModerateCVE-2018-11357SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11358openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
ModerateCVE-2018-11358SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11359openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
ModerateCVE-2018-11359SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11360openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.
ModerateCVE-2018-11360SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11361openSUSE Leap 15.1
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
ModerateCVE-2018-11361SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11362openSUSE Leap 15.1
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character.
ModerateCVE-2018-11362SUSE bug 1094301cpe:/o:opensuse:leap:15.1CVE-2018-11396openSUSE Leap 15.1
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
ModerateCVE-2018-11396SUSE bug 1094464SUSE bug 1096688cpe:/o:opensuse:leap:15.1CVE-2018-11499openSUSE Leap 15.1
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
ModerateCVE-2018-11499SUSE bug 1096894cpe:/o:opensuse:leap:15.1CVE-2018-11763openSUSE Leap 15.1
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.
ImportantCVE-2018-11763SUSE bug 1109961SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2018-11782openSUSE Leap 15.1
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
ModerateCVE-2018-11782SUSE bug 1142743cpe:/o:opensuse:leap:15.1CVE-2018-11784openSUSE Leap 15.1
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.
ModerateCVE-2018-11784SUSE bug 1110850SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2018-11805openSUSE Leap 15.1
In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places.
ImportantCVE-2018-11805SUSE bug 1118987SUSE bug 1162197SUSE bug 1162200cpe:/o:opensuse:leap:15.1CVE-2018-12086openSUSE Leap 15.1
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
ImportantCVE-2018-12086SUSE bug 1111647cpe:/o:opensuse:leap:15.1CVE-2018-12126openSUSE Leap 15.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12126SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1135524SUSE bug 1137916SUSE bug 1138534SUSE bug 1141977SUSE bug 1149725SUSE bug 1149726SUSE bug 1149729SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2018-12127openSUSE Leap 15.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12127SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2018-12130openSUSE Leap 15.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2018-12130SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1135409SUSE bug 1137916SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2018-12207openSUSE Leap 15.1
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
ModerateCVE-2018-12207SUSE bug 1117665SUSE bug 1139073SUSE bug 1152505SUSE bug 1155812SUSE bug 1155817SUSE bug 1155945SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2018-12264openSUSE Leap 15.1
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.
ModerateCVE-2018-12264SUSE bug 1097600cpe:/o:opensuse:leap:15.1CVE-2018-12265openSUSE Leap 15.1
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
ModerateCVE-2018-12265SUSE bug 1097599cpe:/o:opensuse:leap:15.1CVE-2018-12648openSUSE Leap 15.1
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.
ModerateCVE-2018-12648SUSE bug 1098946cpe:/o:opensuse:leap:15.1CVE-2018-13305openSUSE Leap 15.1
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service.
ModerateCVE-2018-13305SUSE bug 1100345cpe:/o:opensuse:leap:15.1CVE-2018-13441openSUSE Leap 15.1
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
ModerateCVE-2018-13441SUSE bug 1101293cpe:/o:opensuse:leap:15.1CVE-2018-13457openSUSE Leap 15.1
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
ModerateCVE-2018-13457SUSE bug 1101290cpe:/o:opensuse:leap:15.1CVE-2018-13458openSUSE Leap 15.1
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
ModerateCVE-2018-13458SUSE bug 1101289cpe:/o:opensuse:leap:15.1CVE-2018-13785openSUSE Leap 15.1
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
LowCVE-2018-13785SUSE bug 1100687SUSE bug 1112153SUSE bug 1116574cpe:/o:opensuse:leap:15.1CVE-2018-14332openSUSE Leap 15.1
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.
ModerateCVE-2018-14332SUSE bug 1103041cpe:/o:opensuse:leap:15.1CVE-2018-14339openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
LowCVE-2018-14339SUSE bug 1101810cpe:/o:opensuse:leap:15.1CVE-2018-14340openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
LowCVE-2018-14340SUSE bug 1101804cpe:/o:opensuse:leap:15.1CVE-2018-14341openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
LowCVE-2018-14341SUSE bug 1101776cpe:/o:opensuse:leap:15.1CVE-2018-14342openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
LowCVE-2018-14342SUSE bug 1101777cpe:/o:opensuse:leap:15.1CVE-2018-14343openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.
LowCVE-2018-14343SUSE bug 1101786cpe:/o:opensuse:leap:15.1CVE-2018-14344openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.
LowCVE-2018-14344SUSE bug 1101788cpe:/o:opensuse:leap:15.1CVE-2018-14367openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.
LowCVE-2018-14367SUSE bug 1101791cpe:/o:opensuse:leap:15.1CVE-2018-14368openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.
LowCVE-2018-14368SUSE bug 1101794cpe:/o:opensuse:leap:15.1CVE-2018-14369openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.
LowCVE-2018-14369SUSE bug 1101800cpe:/o:opensuse:leap:15.1CVE-2018-14370openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.
LowCVE-2018-14370SUSE bug 1101802cpe:/o:opensuse:leap:15.1CVE-2018-14461openSUSE Leap 15.1
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
ModerateCVE-2018-14461SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14462openSUSE Leap 15.1
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
ModerateCVE-2018-14462SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14463openSUSE Leap 15.1
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().
ModerateCVE-2018-14463SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14464openSUSE Leap 15.1
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
ModerateCVE-2018-14464SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14465openSUSE Leap 15.1
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
ModerateCVE-2018-14465SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14466openSUSE Leap 15.1
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
ModerateCVE-2018-14466SUSE bug 1153098SUSE bug 1166972cpe:/o:opensuse:leap:15.1CVE-2018-14467openSUSE Leap 15.1
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
ModerateCVE-2018-14467SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14468openSUSE Leap 15.1
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
ModerateCVE-2018-14468SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14469openSUSE Leap 15.1
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
ModerateCVE-2018-14469SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14470openSUSE Leap 15.1
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
ModerateCVE-2018-14470SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14526openSUSE Leap 15.1
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
ModerateCVE-2018-14526SUSE bug 1104205cpe:/o:opensuse:leap:15.1CVE-2018-14553openSUSE Leap 15.1
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
ModerateCVE-2018-14553SUSE bug 1165471cpe:/o:opensuse:leap:15.1CVE-2018-14647openSUSE Leap 15.1
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
ModerateCVE-2018-14647SUSE bug 1109847SUSE bug 1126909cpe:/o:opensuse:leap:15.1CVE-2018-14879openSUSE Leap 15.1
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
ModerateCVE-2018-14879SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14880openSUSE Leap 15.1
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
ModerateCVE-2018-14880SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14881openSUSE Leap 15.1
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
ModerateCVE-2018-14881SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-14882openSUSE Leap 15.1
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
ModerateCVE-2018-14882SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-15173openSUSE Leap 15.1
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.
ModerateCVE-2018-15173SUSE bug 1104139cpe:/o:opensuse:leap:15.1CVE-2018-15518openSUSE Leap 15.1
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
ModerateCVE-2018-15518SUSE bug 1118595SUSE bug 1126909cpe:/o:opensuse:leap:15.1CVE-2018-15587openSUSE Leap 15.1
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
ModerateCVE-2018-15587SUSE bug 1125230cpe:/o:opensuse:leap:15.1CVE-2018-15664openSUSE Leap 15.1
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
ModerateCVE-2018-15664SUSE bug 1096726SUSE bug 1139649cpe:/o:opensuse:leap:15.1CVE-2018-15750openSUSE Leap 15.1
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
ImportantCVE-2018-15750SUSE bug 1113698cpe:/o:opensuse:leap:15.1CVE-2018-15751openSUSE Leap 15.1
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
CriticalCVE-2018-15751SUSE bug 1113698SUSE bug 1113699cpe:/o:opensuse:leap:15.1CVE-2018-16056openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
ImportantCVE-2018-16056SUSE bug 1106514cpe:/o:opensuse:leap:15.1CVE-2018-16057openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
ImportantCVE-2018-16057SUSE bug 1106514cpe:/o:opensuse:leap:15.1CVE-2018-16058openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
ImportantCVE-2018-16058SUSE bug 1106514cpe:/o:opensuse:leap:15.1CVE-2018-16062openSUSE Leap 15.1
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
ModerateCVE-2018-16062SUSE bug 1106390cpe:/o:opensuse:leap:15.1CVE-2018-16140openSUSE Leap 15.1
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
LowCVE-2018-16140SUSE bug 1106531cpe:/o:opensuse:leap:15.1CVE-2018-16151openSUSE Leap 15.1
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.
ModerateCVE-2018-16151SUSE bug 1107874SUSE bug 1109845cpe:/o:opensuse:leap:15.1CVE-2018-16152openSUSE Leap 15.1
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
ModerateCVE-2018-16152SUSE bug 1107874cpe:/o:opensuse:leap:15.1CVE-2018-16227openSUSE Leap 15.1
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
ModerateCVE-2018-16227SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16228openSUSE Leap 15.1
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
ModerateCVE-2018-16228SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16229openSUSE Leap 15.1
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
ModerateCVE-2018-16229SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16230openSUSE Leap 15.1
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
ModerateCVE-2018-16230SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16300openSUSE Leap 15.1
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
ImportantCVE-2018-16300SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16301openSUSE Leap 15.1
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
ModerateCVE-2018-16301SUSE bug 1153098SUSE bug 1153332SUSE bug 1195825cpe:/o:opensuse:leap:15.1CVE-2018-16382openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.
LowCVE-2018-16382SUSE bug 1106878cpe:/o:opensuse:leap:15.1CVE-2018-16395openSUSE Leap 15.1
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
CriticalCVE-2018-16395SUSE bug 1112530SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-16396openSUSE Leap 15.1
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
ModerateCVE-2018-16396SUSE bug 1112532SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-16402openSUSE Leap 15.1
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
ModerateCVE-2018-16402SUSE bug 1107066cpe:/o:opensuse:leap:15.1CVE-2018-16403openSUSE Leap 15.1
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
LowCVE-2018-16403SUSE bug 1107067cpe:/o:opensuse:leap:15.1CVE-2018-16451openSUSE Leap 15.1
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
ModerateCVE-2018-16451SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16452openSUSE Leap 15.1
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
ModerateCVE-2018-16452SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2018-16471openSUSE Leap 15.1
There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.
ModerateCVE-2018-16471SUSE bug 1114828SUSE bug 1116600SUSE bug 1122178cpe:/o:opensuse:leap:15.1CVE-2018-16517openSUSE Leap 15.1
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
LowCVE-2018-16517SUSE bug 1107594cpe:/o:opensuse:leap:15.1CVE-2018-16548openSUSE Leap 15.1
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack.
LowCVE-2018-16548SUSE bug 1107424cpe:/o:opensuse:leap:15.1CVE-2018-16837openSUSE Leap 15.1
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
ImportantCVE-2018-16837SUSE bug 1112959cpe:/o:opensuse:leap:15.1CVE-2018-16838openSUSE Leap 15.1
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
ModerateCVE-2018-16838SUSE bug 1124194cpe:/o:opensuse:leap:15.1CVE-2018-16843openSUSE Leap 15.1
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
ModerateCVE-2018-16843SUSE bug 1115022SUSE bug 1115025cpe:/o:opensuse:leap:15.1CVE-2018-16844openSUSE Leap 15.1
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
ModerateCVE-2018-16844SUSE bug 1115022SUSE bug 1115025cpe:/o:opensuse:leap:15.1CVE-2018-16845openSUSE Leap 15.1
nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.
ImportantCVE-2018-16845SUSE bug 1115015cpe:/o:opensuse:leap:15.1CVE-2018-16858openSUSE Leap 15.1
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
CVE-2018-16858SUSE bug 1124062SUSE bug 1146107cpe:/o:opensuse:leap:15.1CVE-2018-16859openSUSE Leap 15.1
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
ModerateCVE-2018-16859SUSE bug 1109957SUSE bug 1116587cpe:/o:opensuse:leap:15.1CVE-2018-16860openSUSE Leap 15.1
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.
ImportantCVE-2018-16860SUSE bug 1134024cpe:/o:opensuse:leap:15.1CVE-2018-16868openSUSE Leap 15.1
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
ModerateCVE-2018-16868SUSE bug 1117951SUSE bug 1118087SUSE bug 1134856cpe:/o:opensuse:leap:15.1CVE-2018-16871openSUSE Leap 15.1
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
ImportantCVE-2018-16871SUSE bug 1137103SUSE bug 1156320cpe:/o:opensuse:leap:15.1CVE-2018-16873openSUSE Leap 15.1
In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it's possible to arrange things so that a Git repository is cloned to a folder named ".git" by using a vanity import path that ends with "/.git". If the Git repository root contains a "HEAD" file, a "config" file, an "objects" directory, a "refs" directory, with some work to ensure the proper ordering of operations, "go get -u" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the "config" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running "go get -u".
ImportantCVE-2018-16873SUSE bug 1118897SUSE bug 1118898SUSE bug 1118899cpe:/o:opensuse:leap:15.1CVE-2018-16874openSUSE Leap 15.1
In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution.
ModerateCVE-2018-16874SUSE bug 1118897SUSE bug 1118898SUSE bug 1118899cpe:/o:opensuse:leap:15.1CVE-2018-16875openSUSE Leap 15.1
The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.
ModerateCVE-2018-16875SUSE bug 1118897SUSE bug 1118898SUSE bug 1118899cpe:/o:opensuse:leap:15.1CVE-2018-16876openSUSE Leap 15.1
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
LowCVE-2018-16876SUSE bug 1109957SUSE bug 1118896cpe:/o:opensuse:leap:15.1CVE-2018-16999openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file.
LowCVE-2018-16999SUSE bug 1108404cpe:/o:opensuse:leap:15.1CVE-2018-17229openSUSE Leap 15.1
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
ModerateCVE-2018-17229SUSE bug 1109175SUSE bug 1109176cpe:/o:opensuse:leap:15.1CVE-2018-17230openSUSE Leap 15.1
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
ModerateCVE-2018-17230SUSE bug 1109176cpe:/o:opensuse:leap:15.1CVE-2018-17282openSUSE Leap 15.1
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
LowCVE-2018-17282SUSE bug 1109299cpe:/o:opensuse:leap:15.1CVE-2018-17358openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
ModerateCVE-2018-17358SUSE bug 1109412cpe:/o:opensuse:leap:15.1CVE-2018-17359openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
ModerateCVE-2018-17359SUSE bug 1109413cpe:/o:opensuse:leap:15.1CVE-2018-17360openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.
ModerateCVE-2018-17360SUSE bug 1109414cpe:/o:opensuse:leap:15.1CVE-2018-17456openSUSE Leap 15.1
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
ImportantCVE-2018-17456SUSE bug 1110949cpe:/o:opensuse:leap:15.1CVE-2018-17540openSUSE Leap 15.1
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
ImportantCVE-2018-17540SUSE bug 1107874SUSE bug 1109845cpe:/o:opensuse:leap:15.1CVE-2018-17985openSUSE Leap 15.1
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.
ModerateCVE-2018-17985SUSE bug 1116827cpe:/o:opensuse:leap:15.1CVE-2018-18074openSUSE Leap 15.1
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
ModerateCVE-2018-18074SUSE bug 1111622cpe:/o:opensuse:leap:15.1CVE-2018-18225openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.
ImportantCVE-2018-18225SUSE bug 1111647cpe:/o:opensuse:leap:15.1CVE-2018-18226openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.
ImportantCVE-2018-18226SUSE bug 1111647cpe:/o:opensuse:leap:15.1CVE-2018-18227openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.
ImportantCVE-2018-18227SUSE bug 1111647cpe:/o:opensuse:leap:15.1CVE-2018-18245openSUSE Leap 15.1
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
ModerateCVE-2018-18245SUSE bug 1119832cpe:/o:opensuse:leap:15.1CVE-2018-18246openSUSE Leap 15.1
Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module.
ModerateCVE-2018-18246SUSE bug 1119784cpe:/o:opensuse:leap:15.1CVE-2018-18247openSUSE Leap 15.1
Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter.
LowCVE-2018-18247SUSE bug 1119785cpe:/o:opensuse:leap:15.1CVE-2018-18248openSUSE Leap 15.1
Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string.
ModerateCVE-2018-18248SUSE bug 1119801cpe:/o:opensuse:leap:15.1CVE-2018-18249openSUSE Leap 15.1
Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet.
ImportantCVE-2018-18249SUSE bug 1119799cpe:/o:opensuse:leap:15.1CVE-2018-18250openSUSE Leap 15.1
Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.
ModerateCVE-2018-18250SUSE bug 1119800cpe:/o:opensuse:leap:15.1CVE-2018-18309openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.
LowCVE-2018-18309SUSE bug 1111996cpe:/o:opensuse:leap:15.1CVE-2018-18310openSUSE Leap 15.1
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
LowCVE-2018-18310SUSE bug 1111973cpe:/o:opensuse:leap:15.1CVE-2018-18483openSUSE Leap 15.1
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.
ModerateCVE-2018-18483SUSE bug 1112535cpe:/o:opensuse:leap:15.1CVE-2018-18484openSUSE Leap 15.1
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.
ModerateCVE-2018-18484SUSE bug 1112534cpe:/o:opensuse:leap:15.1CVE-2018-18508openSUSE Leap 15.1
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.
ModerateCVE-2018-18508SUSE bug 1124571cpe:/o:opensuse:leap:15.1CVE-2018-18520openSUSE Leap 15.1
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
LowCVE-2018-18520SUSE bug 1112726cpe:/o:opensuse:leap:15.1CVE-2018-18521openSUSE Leap 15.1
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
LowCVE-2018-18521SUSE bug 1112723cpe:/o:opensuse:leap:15.1CVE-2018-18541openSUSE Leap 15.1
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
ImportantCVE-2018-18541SUSE bug 1112910cpe:/o:opensuse:leap:15.1CVE-2018-18605openSUSE Leap 15.1
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
ModerateCVE-2018-18605SUSE bug 1113255cpe:/o:opensuse:leap:15.1CVE-2018-18606openSUSE Leap 15.1
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
LowCVE-2018-18606SUSE bug 1113252cpe:/o:opensuse:leap:15.1CVE-2018-18607openSUSE Leap 15.1
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
LowCVE-2018-18607SUSE bug 1113247cpe:/o:opensuse:leap:15.1CVE-2018-18751openSUSE Leap 15.1
An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
ModerateCVE-2018-18751SUSE bug 1113719cpe:/o:opensuse:leap:15.1CVE-2018-18873openSUSE Leap 15.1
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
LowCVE-2018-18873SUSE bug 1114495SUSE bug 1114498SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-19052openSUSE Leap 15.1
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
ModerateCVE-2018-19052SUSE bug 1115016cpe:/o:opensuse:leap:15.1CVE-2018-19108openSUSE Leap 15.1
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
LowCVE-2018-19108SUSE bug 1115364cpe:/o:opensuse:leap:15.1CVE-2018-19139openSUSE Leap 15.1
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
LowCVE-2018-19139SUSE bug 1115637SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-19214openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
ModerateCVE-2018-19214SUSE bug 1115795cpe:/o:opensuse:leap:15.1CVE-2018-19215openSUSE Leap 15.1
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
ModerateCVE-2018-19215SUSE bug 1115774cpe:/o:opensuse:leap:15.1CVE-2018-19216openSUSE Leap 15.1
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
LowCVE-2018-19216SUSE bug 1115758cpe:/o:opensuse:leap:15.1CVE-2018-19387openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2018-19387SUSE bug 1116887cpe:/o:opensuse:leap:15.1CVE-2018-19540openSUSE Leap 15.1
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
ModerateCVE-2018-19540SUSE bug 1117508SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-19541openSUSE Leap 15.1
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.
ModerateCVE-2018-19541SUSE bug 1117507SUSE bug 1119411SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-19543openSUSE Leap 15.1
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
ModerateCVE-2018-19543SUSE bug 1045450SUSE bug 1117328SUSE bug 1117507SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-19607openSUSE Leap 15.1
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
ModerateCVE-2018-19607SUSE bug 1117513cpe:/o:opensuse:leap:15.1CVE-2018-19622openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
ModerateCVE-2018-19622SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19623openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
ModerateCVE-2018-19623SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19624openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.
ModerateCVE-2018-19624SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19625openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.
ModerateCVE-2018-19625SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19626openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.
ModerateCVE-2018-19626SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19627openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
ModerateCVE-2018-19627SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19628openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
ModerateCVE-2018-19628SUSE bug 1117740cpe:/o:opensuse:leap:15.1CVE-2018-19797openSUSE Leap 15.1
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
LowCVE-2018-19797SUSE bug 1118301cpe:/o:opensuse:leap:15.1CVE-2018-19800openSUSE Leap 15.1
aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.
ModerateCVE-2018-19800SUSE bug 1137828SUSE bug 1142436cpe:/o:opensuse:leap:15.1CVE-2018-19801openSUSE Leap 15.1
aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.
ModerateCVE-2018-19801SUSE bug 1137822SUSE bug 1142433cpe:/o:opensuse:leap:15.1CVE-2018-19802openSUSE Leap 15.1
aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.
ModerateCVE-2018-19802SUSE bug 1137823cpe:/o:opensuse:leap:15.1CVE-2018-19827openSUSE Leap 15.1
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
ImportantCVE-2018-19827SUSE bug 1118346cpe:/o:opensuse:leap:15.1CVE-2018-19837openSUSE Leap 15.1
In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Expression*) inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp.
LowCVE-2018-19837SUSE bug 1118348cpe:/o:opensuse:leap:15.1CVE-2018-19838openSUSE Leap 15.1
In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().
LowCVE-2018-19838SUSE bug 1118349cpe:/o:opensuse:leap:15.1CVE-2018-19839openSUSE Leap 15.1
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
LowCVE-2018-19839SUSE bug 1118351cpe:/o:opensuse:leap:15.1CVE-2018-19840openSUSE Leap 15.1
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
LowCVE-2018-19840SUSE bug 1120930cpe:/o:opensuse:leap:15.1CVE-2018-19841openSUSE Leap 15.1
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
LowCVE-2018-19841SUSE bug 1120929cpe:/o:opensuse:leap:15.1CVE-2018-19857openSUSE Leap 15.1
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
ModerateCVE-2018-19857SUSE bug 1118586cpe:/o:opensuse:leap:15.1CVE-2018-19869openSUSE Leap 15.1
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
ModerateCVE-2018-19869SUSE bug 1118599cpe:/o:opensuse:leap:15.1CVE-2018-19873openSUSE Leap 15.1
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
ModerateCVE-2018-19873SUSE bug 1118596SUSE bug 1126909cpe:/o:opensuse:leap:15.1CVE-2018-19931openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
LowCVE-2018-19931SUSE bug 1118830SUSE bug 1118831cpe:/o:opensuse:leap:15.1CVE-2018-19932openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
LowCVE-2018-19932SUSE bug 1118830SUSE bug 1118831cpe:/o:opensuse:leap:15.1CVE-2018-19935openSUSE Leap 15.1
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
LowCVE-2018-19935SUSE bug 1118832cpe:/o:opensuse:leap:15.1CVE-2018-20030openSUSE Leap 15.1
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
LowCVE-2018-20030SUSE bug 1120943cpe:/o:opensuse:leap:15.1CVE-2018-20073openSUSE Leap 15.1
Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem.
LowCVE-2018-20073SUSE bug 1120892cpe:/o:opensuse:leap:15.1CVE-2018-20105openSUSE Leap 15.1
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.
ModerateCVE-2018-20105SUSE bug 1119835cpe:/o:opensuse:leap:15.1CVE-2018-20126openSUSE Leap 15.1
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
LowCVE-2018-20126SUSE bug 1119991cpe:/o:opensuse:leap:15.1CVE-2018-20174openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.
ModerateCVE-2018-20174SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20175openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).
ModerateCVE-2018-20175SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20176openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault).
ModerateCVE-2018-20176SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20177openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.
ModerateCVE-2018-20177SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20178openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault).
ModerateCVE-2018-20178SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20179openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.
ModerateCVE-2018-20179SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20180openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution.
ModerateCVE-2018-20180SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20181openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.
ModerateCVE-2018-20181SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20182openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution.
ModerateCVE-2018-20182SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-20190openSUSE Leap 15.1
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
LowCVE-2018-20190SUSE bug 1119789cpe:/o:opensuse:leap:15.1CVE-2018-20340openSUSE Leap 15.1
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey.
ModerateCVE-2018-20340SUSE bug 1124781cpe:/o:opensuse:leap:15.1CVE-2018-20406openSUSE Leap 15.1
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ModerateCVE-2018-20406SUSE bug 1120644cpe:/o:opensuse:leap:15.1CVE-2018-20532openSUSE Leap 15.1
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
LowCVE-2018-20532SUSE bug 1120629cpe:/o:opensuse:leap:15.1CVE-2018-20533openSUSE Leap 15.1
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
LowCVE-2018-20533SUSE bug 1120630cpe:/o:opensuse:leap:15.1CVE-2018-20534openSUSE Leap 15.1
** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.
LowCVE-2018-20534SUSE bug 1120631cpe:/o:opensuse:leap:15.1CVE-2018-20570openSUSE Leap 15.1
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
ModerateCVE-2018-20570SUSE bug 1120807SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-20622openSUSE Leap 15.1
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
ModerateCVE-2018-20622SUSE bug 1115637SUSE bug 1120805SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-20623openSUSE Leap 15.1
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
ModerateCVE-2018-20623SUSE bug 1121035cpe:/o:opensuse:leap:15.1CVE-2018-20651openSUSE Leap 15.1
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.
ModerateCVE-2018-20651SUSE bug 1121034cpe:/o:opensuse:leap:15.1CVE-2018-20669openSUSE Leap 15.1
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
ImportantCVE-2018-20669SUSE bug 1122971cpe:/o:opensuse:leap:15.1CVE-2018-20671openSUSE Leap 15.1
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
ModerateCVE-2018-20671SUSE bug 1121056cpe:/o:opensuse:leap:15.1CVE-2018-20723openSUSE Leap 15.1
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.
ModerateCVE-2018-20723SUSE bug 1122245cpe:/o:opensuse:leap:15.1CVE-2018-20724openSUSE Leap 15.1
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.
LowCVE-2018-20724SUSE bug 1122244cpe:/o:opensuse:leap:15.1CVE-2018-20725openSUSE Leap 15.1
A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.
LowCVE-2018-20725SUSE bug 1122243cpe:/o:opensuse:leap:15.1CVE-2018-20726openSUSE Leap 15.1
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
LowCVE-2018-20726SUSE bug 1122242cpe:/o:opensuse:leap:15.1CVE-2018-20743openSUSE Leap 15.1
murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood.
ImportantCVE-2018-20743SUSE bug 1123334cpe:/o:opensuse:leap:15.1CVE-2018-20783openSUSE Leap 15.1
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
ModerateCVE-2018-20783SUSE bug 1126713SUSE bug 1127122cpe:/o:opensuse:leap:15.1CVE-2018-20821openSUSE Leap 15.1
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
ImportantCVE-2018-20821SUSE bug 1133200cpe:/o:opensuse:leap:15.1CVE-2018-20822openSUSE Leap 15.1
LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).
ImportantCVE-2018-20822SUSE bug 1133201cpe:/o:opensuse:leap:15.1CVE-2018-20836openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
ModerateCVE-2018-20836SUSE bug 1134395cpe:/o:opensuse:leap:15.1CVE-2018-20843openSUSE Leap 15.1
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
ModerateCVE-2018-20843SUSE bug 1139937cpe:/o:opensuse:leap:15.1CVE-2018-20852openSUSE Leap 15.1
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.
ModerateCVE-2018-20852SUSE bug 1141853cpe:/o:opensuse:leap:15.1CVE-2018-20855openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
ModerateCVE-2018-20855SUSE bug 1143045cpe:/o:opensuse:leap:15.1CVE-2018-20860openSUSE Leap 15.1
libopenmpt before 0.3.13 allows a crash with malformed MED files.
ModerateCVE-2018-20860SUSE bug 1143581cpe:/o:opensuse:leap:15.1CVE-2018-20861openSUSE Leap 15.1
libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
ModerateCVE-2018-20861SUSE bug 1143578cpe:/o:opensuse:leap:15.1CVE-2018-20976openSUSE Leap 15.1
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
ModerateCVE-2018-20976SUSE bug 1146285cpe:/o:opensuse:leap:15.1CVE-2018-21008openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c.
ModerateCVE-2018-21008SUSE bug 1149591cpe:/o:opensuse:leap:15.1CVE-2018-21247openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
ImportantCVE-2018-21247SUSE bug 1173477SUSE bug 1173874cpe:/o:opensuse:leap:15.1CVE-2018-3288openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3288SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3289openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3289SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3290openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3290SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3291openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3291SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3292openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3292SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3293openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3293SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3294openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3294SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3295openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3295SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3296openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3296SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3297openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3297SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3298openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2018-3298SUSE bug 1112097cpe:/o:opensuse:leap:15.1CVE-2018-3639openSUSE Leap 15.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
ModerateCVE-2018-3639SUSE bug 1074701SUSE bug 1085235SUSE bug 1085308SUSE bug 1087078SUSE bug 1087082SUSE bug 1092631SUSE bug 1092885SUSE bug 1094912SUSE bug 1100394SUSE bug 1102640SUSE bug 1105412SUSE bug 1172781SUSE bug 1172782SUSE bug 1172783SUSE bug 1173489SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2018-5388openSUSE Leap 15.1
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
ModerateCVE-2018-5388SUSE bug 1094462SUSE bug 1101792cpe:/o:opensuse:leap:15.1CVE-2018-5740openSUSE Leap 15.1
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
ImportantCVE-2018-5740SUSE bug 1104129SUSE bug 1148887SUSE bug 1177790cpe:/o:opensuse:leap:15.1CVE-2018-5741openSUSE Leap 15.1
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.
ModerateCVE-2018-5741SUSE bug 1109160SUSE bug 1171740cpe:/o:opensuse:leap:15.1CVE-2018-5743openSUSE Leap 15.1
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
ImportantCVE-2018-5743SUSE bug 1133185SUSE bug 1148887SUSE bug 1157051cpe:/o:opensuse:leap:15.1CVE-2018-5745openSUSE Leap 15.1
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.
ModerateCVE-2018-5745SUSE bug 1126068SUSE bug 1148887SUSE bug 1177790cpe:/o:opensuse:leap:15.1CVE-2018-6323openSUSE Leap 15.1
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
LowCVE-2018-6323SUSE bug 1077745cpe:/o:opensuse:leap:15.1CVE-2018-6459openSUSE Leap 15.1
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.
ImportantCVE-2018-6459SUSE bug 1079548cpe:/o:opensuse:leap:15.1CVE-2018-6543openSUSE Leap 15.1
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
ModerateCVE-2018-6543SUSE bug 1079103cpe:/o:opensuse:leap:15.1CVE-2018-6759openSUSE Leap 15.1
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.
ModerateCVE-2018-6759SUSE bug 1079741cpe:/o:opensuse:leap:15.1CVE-2018-6767openSUSE Leap 15.1
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
ModerateCVE-2018-6767SUSE bug 1079746cpe:/o:opensuse:leap:15.1CVE-2018-6872openSUSE Leap 15.1
The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.
ModerateCVE-2018-6872SUSE bug 1080556cpe:/o:opensuse:leap:15.1CVE-2018-6914openSUSE Leap 15.1
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument.
LowCVE-2018-6914SUSE bug 1087441SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-6942openSUSE Leap 15.1
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
ModerateCVE-2018-6942cpe:/o:opensuse:leap:15.1CVE-2018-7191openSUSE Leap 15.1
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
ModerateCVE-2018-7191SUSE bug 1135603cpe:/o:opensuse:leap:15.1CVE-2018-7208openSUSE Leap 15.1
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.
LowCVE-2018-7208SUSE bug 1081527cpe:/o:opensuse:leap:15.1CVE-2018-7253openSUSE Leap 15.1
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
ModerateCVE-2018-7253SUSE bug 1081692cpe:/o:opensuse:leap:15.1CVE-2018-7254openSUSE Leap 15.1
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
ModerateCVE-2018-7254SUSE bug 1081693cpe:/o:opensuse:leap:15.1CVE-2018-7568openSUSE Leap 15.1
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.
ModerateCVE-2018-7568SUSE bug 1086788cpe:/o:opensuse:leap:15.1CVE-2018-7569openSUSE Leap 15.1
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
ModerateCVE-2018-7569SUSE bug 1083532cpe:/o:opensuse:leap:15.1CVE-2018-7570openSUSE Leap 15.1
The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy.
ModerateCVE-2018-7570SUSE bug 1083528cpe:/o:opensuse:leap:15.1CVE-2018-7642openSUSE Leap 15.1
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.
ModerateCVE-2018-7642SUSE bug 1086786SUSE bug 1128518cpe:/o:opensuse:leap:15.1CVE-2018-7643openSUSE Leap 15.1
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
ModerateCVE-2018-7643SUSE bug 1086784cpe:/o:opensuse:leap:15.1CVE-2018-8777openSUSE Leap 15.1
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).
ImportantCVE-2018-8777SUSE bug 1087436SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-8778openSUSE Leap 15.1
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure.
ModerateCVE-2018-8778SUSE bug 1087433SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-8779openSUSE Leap 15.1
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket.
LowCVE-2018-8779SUSE bug 1087440SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-8780openSUSE Leap 15.1
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed.
LowCVE-2018-8780SUSE bug 1087437SUSE bug 1136906cpe:/o:opensuse:leap:15.1CVE-2018-8791openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.
ModerateCVE-2018-8791SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8792openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).
ModerateCVE-2018-8792SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8793openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.
ModerateCVE-2018-8793SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8794openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.
ModerateCVE-2018-8794SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8795openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.
ModerateCVE-2018-8795SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8796openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).
ModerateCVE-2018-8796SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8797openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.
ModerateCVE-2018-8797SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8798openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.
ModerateCVE-2018-8798SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8799openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).
ModerateCVE-2018-8799SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8800openSUSE Leap 15.1
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.
ModerateCVE-2018-8800SUSE bug 1121448cpe:/o:opensuse:leap:15.1CVE-2018-8881openSUSE Leap 15.1
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
LowCVE-2018-8881SUSE bug 1086228cpe:/o:opensuse:leap:15.1CVE-2018-8882openSUSE Leap 15.1
Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.
LowCVE-2018-8882SUSE bug 1086227cpe:/o:opensuse:leap:15.1CVE-2018-8883openSUSE Leap 15.1
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.
LowCVE-2018-8883SUSE bug 1086186cpe:/o:opensuse:leap:15.1CVE-2018-8945openSUSE Leap 15.1
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section.
LowCVE-2018-8945SUSE bug 1086608cpe:/o:opensuse:leap:15.1CVE-2018-8956openSUSE Leap 15.1
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.
ModerateCVE-2018-8956SUSE bug 1171355cpe:/o:opensuse:leap:15.1CVE-2018-9154openSUSE Leap 15.1
There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack by triggering an unexpected jas_alloc2 return value, a different vulnerability than CVE-2017-13745.
LowCVE-2018-9154SUSE bug 1092115SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-9252openSUSE Leap 15.1
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.
LowCVE-2018-9252SUSE bug 1088278SUSE bug 1178702cpe:/o:opensuse:leap:15.1CVE-2018-9305openSUSE Leap 15.1
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
LowCVE-2018-9305SUSE bug 1088424cpe:/o:opensuse:leap:15.1CVE-2019-0154openSUSE Leap 15.1
Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.
ImportantCVE-2019-0154SUSE bug 1135966SUSE bug 1181720cpe:/o:opensuse:leap:15.1CVE-2019-0155openSUSE Leap 15.1
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2019-0155SUSE bug 1135966SUSE bug 1135967SUSE bug 1173663cpe:/o:opensuse:leap:15.1CVE-2019-0199openSUSE Leap 15.1
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.
ImportantCVE-2019-0199SUSE bug 1131055SUSE bug 1139924cpe:/o:opensuse:leap:15.1CVE-2019-0203openSUSE Leap 15.1
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
ImportantCVE-2019-0203SUSE bug 1142721cpe:/o:opensuse:leap:15.1CVE-2019-0221openSUSE Leap 15.1
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
ModerateCVE-2019-0221SUSE bug 1136085cpe:/o:opensuse:leap:15.1CVE-2019-0804openSUSE Leap 15.1
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
ModerateCVE-2019-0804SUSE bug 1127838SUSE bug 1152980cpe:/o:opensuse:leap:15.1CVE-2019-0816openSUSE Leap 15.1
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.
ModerateCVE-2019-0816SUSE bug 1129124cpe:/o:opensuse:leap:15.1CVE-2019-1000019openSUSE Leap 15.1
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
LowCVE-2019-1000019SUSE bug 1124341cpe:/o:opensuse:leap:15.1CVE-2019-1000020openSUSE Leap 15.1
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.
LowCVE-2019-1000020SUSE bug 1124342cpe:/o:opensuse:leap:15.1CVE-2019-10067openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.
LowCVE-2019-10067SUSE bug 1133754SUSE bug 1139406cpe:/o:opensuse:leap:15.1CVE-2019-10072openSUSE Leap 15.1
The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.
ModerateCVE-2019-10072SUSE bug 1139924SUSE bug 1154162cpe:/o:opensuse:leap:15.1CVE-2019-10081openSUSE Leap 15.1
HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.
ModerateCVE-2019-10081SUSE bug 1145742cpe:/o:opensuse:leap:15.1CVE-2019-10082openSUSE Leap 15.1
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
ModerateCVE-2019-10082SUSE bug 1145741cpe:/o:opensuse:leap:15.1CVE-2019-10086openSUSE Leap 15.1
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.
ImportantCVE-2019-10086SUSE bug 1146657cpe:/o:opensuse:leap:15.1CVE-2019-10092openSUSE Leap 15.1
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
ImportantCVE-2019-10092SUSE bug 1145740SUSE bug 1182703cpe:/o:opensuse:leap:15.1CVE-2019-10097openSUSE Leap 15.1
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.
ModerateCVE-2019-10097SUSE bug 1145739cpe:/o:opensuse:leap:15.1CVE-2019-10098openSUSE Leap 15.1
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
ImportantCVE-2019-10098SUSE bug 1145738SUSE bug 1168407cpe:/o:opensuse:leap:15.1CVE-2019-1010006openSUSE Leap 15.1
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
ImportantCVE-2019-1010006SUSE bug 1141619cpe:/o:opensuse:leap:15.1CVE-2019-1010048openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-1010048SUSE bug 1141777cpe:/o:opensuse:leap:15.1CVE-2019-1010180openSUSE Leap 15.1
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
ImportantCVE-2019-1010180SUSE bug 1142772cpe:/o:opensuse:leap:15.1CVE-2019-1010190openSUSE Leap 15.1
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
LowCVE-2019-1010190SUSE bug 1142770cpe:/o:opensuse:leap:15.1CVE-2019-1010220openSUSE Leap 15.1
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
ModerateCVE-2019-1010220SUSE bug 1142439SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2019-1010222openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19801. Reason: This candidate is a reservation duplicate of CVE-2018-19801. Notes: All CVE users should reference CVE-2018-19801 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-1010222SUSE bug 1142433cpe:/o:opensuse:leap:15.1CVE-2019-1010223openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19800. Reason: This candidate is a reservation duplicate of CVE-2018-19800. Notes: All CVE users should reference CVE-2018-19800 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-1010223SUSE bug 1142436cpe:/o:opensuse:leap:15.1CVE-2019-1010224openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19802. Reason: This candidate is a reservation duplicate of CVE-2018-19802. Notes: All CVE users should reference CVE-2018-19802 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-1010224SUSE bug 1142435cpe:/o:opensuse:leap:15.1CVE-2019-1010305openSUSE Leap 15.1
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.
LowCVE-2019-1010305SUSE bug 1141680cpe:/o:opensuse:leap:15.1CVE-2019-1010319openSUSE Leap 15.1
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe.
ModerateCVE-2019-1010319SUSE bug 1141334cpe:/o:opensuse:leap:15.1CVE-2019-10124openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-10124SUSE bug 1130699cpe:/o:opensuse:leap:15.1CVE-2019-10126openSUSE Leap 15.1
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
ImportantCVE-2019-10126SUSE bug 1136935SUSE bug 1137944SUSE bug 1156330cpe:/o:opensuse:leap:15.1CVE-2019-10130openSUSE Leap 15.1
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.
ModerateCVE-2019-10130SUSE bug 1134689cpe:/o:opensuse:leap:15.1CVE-2019-10149openSUSE Leap 15.1
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
CriticalCVE-2019-10149SUSE bug 1136587cpe:/o:opensuse:leap:15.1CVE-2019-10152openSUSE Leap 15.1
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
ImportantCVE-2019-10152SUSE bug 1136974cpe:/o:opensuse:leap:15.1CVE-2019-10153openSUSE Leap 15.1
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
ModerateCVE-2019-10153SUSE bug 1137314cpe:/o:opensuse:leap:15.1CVE-2019-10160openSUSE Leap 15.1
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.
CriticalCVE-2019-10160SUSE bug 1138459cpe:/o:opensuse:leap:15.1CVE-2019-10161openSUSE Leap 15.1
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.
ImportantCVE-2019-10161SUSE bug 1138301cpe:/o:opensuse:leap:15.1CVE-2019-10162openSUSE Leap 15.1
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
ModerateCVE-2019-10162SUSE bug 1138582cpe:/o:opensuse:leap:15.1CVE-2019-10163openSUSE Leap 15.1
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.
ModerateCVE-2019-10163SUSE bug 1138582cpe:/o:opensuse:leap:15.1CVE-2019-10164openSUSE Leap 15.1
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
ImportantCVE-2019-10164SUSE bug 1138034cpe:/o:opensuse:leap:15.1CVE-2019-10166openSUSE Leap 15.1
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed.
ImportantCVE-2019-10166SUSE bug 1138302cpe:/o:opensuse:leap:15.1CVE-2019-10167openSUSE Leap 15.1
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
ImportantCVE-2019-10167SUSE bug 1138303cpe:/o:opensuse:leap:15.1CVE-2019-10168openSUSE Leap 15.1
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.
ImportantCVE-2019-10168SUSE bug 1138305SUSE bug 1138582cpe:/o:opensuse:leap:15.1CVE-2019-10197openSUSE Leap 15.1
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
ImportantCVE-2019-10197SUSE bug 1141267cpe:/o:opensuse:leap:15.1CVE-2019-10203openSUSE Leap 15.1
PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.
ModerateCVE-2019-10203SUSE bug 1142810cpe:/o:opensuse:leap:15.1CVE-2019-10206openSUSE Leap 15.1
ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them.
ModerateCVE-2019-10206SUSE bug 1142690SUSE bug 1154232cpe:/o:opensuse:leap:15.1CVE-2019-10207openSUSE Leap 15.1
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.
ModerateCVE-2019-10207SUSE bug 1123959SUSE bug 1142857cpe:/o:opensuse:leap:15.1CVE-2019-10208openSUSE Leap 15.1
A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.
ImportantCVE-2019-10208SUSE bug 1145092SUSE bug 1171566cpe:/o:opensuse:leap:15.1CVE-2019-10214openSUSE Leap 15.1
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.
CriticalCVE-2019-10214SUSE bug 1144065cpe:/o:opensuse:leap:15.1CVE-2019-10216openSUSE Leap 15.1
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.
ImportantCVE-2019-10216SUSE bug 1144621SUSE bug 1146882SUSE bug 1146884cpe:/o:opensuse:leap:15.1CVE-2019-10217openSUSE Leap 15.1
A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.
ModerateCVE-2019-10217SUSE bug 1144453cpe:/o:opensuse:leap:15.1CVE-2019-10218openSUSE Leap 15.1
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
ModerateCVE-2019-10218SUSE bug 1144902SUSE bug 1144903cpe:/o:opensuse:leap:15.1CVE-2019-10220openSUSE Leap 15.1
Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
ImportantCVE-2019-10220SUSE bug 1144903SUSE bug 1153108cpe:/o:opensuse:leap:15.1CVE-2019-10638openSUSE Leap 15.1
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
ModerateCVE-2019-10638SUSE bug 1140575SUSE bug 1140577cpe:/o:opensuse:leap:15.1CVE-2019-10639openSUSE Leap 15.1
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.
ModerateCVE-2019-10639SUSE bug 1140577cpe:/o:opensuse:leap:15.1CVE-2019-10732openSUSE Leap 15.1
In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
ModerateCVE-2019-10732SUSE bug 1131885cpe:/o:opensuse:leap:15.1CVE-2019-10740openSUSE Leap 15.1
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
ModerateCVE-2019-10740SUSE bug 1131801SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2019-10751openSUSE Leap 15.1
All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control.
ModerateCVE-2019-10751SUSE bug 1148466cpe:/o:opensuse:leap:15.1CVE-2019-10877openSUSE Leap 15.1
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled.
ModerateCVE-2019-10877SUSE bug 1131731cpe:/o:opensuse:leap:15.1CVE-2019-10878openSUSE Leap 15.1
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.
ModerateCVE-2019-10878SUSE bug 1131730cpe:/o:opensuse:leap:15.1CVE-2019-10879openSUSE Leap 15.1
In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled.
ModerateCVE-2019-10879SUSE bug 1131729cpe:/o:opensuse:leap:15.1CVE-2019-10894openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
ModerateCVE-2019-10894SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-10895openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
ModerateCVE-2019-10895SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-10896openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
ModerateCVE-2019-10896SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-10897openSUSE Leap 15.1
In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.
ModerateCVE-2019-10897SUSE bug 1131941cpe:/o:opensuse:leap:15.1CVE-2019-10898openSUSE Leap 15.1
In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.
ModerateCVE-2019-10898SUSE bug 1131941cpe:/o:opensuse:leap:15.1CVE-2019-10899openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
ModerateCVE-2019-10899SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-10900openSUSE Leap 15.1
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.
ModerateCVE-2019-10900SUSE bug 1131941cpe:/o:opensuse:leap:15.1CVE-2019-10901openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
ModerateCVE-2019-10901SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-10902openSUSE Leap 15.1
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.
ModerateCVE-2019-10902SUSE bug 1131941cpe:/o:opensuse:leap:15.1CVE-2019-10903openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
ModerateCVE-2019-10903SUSE bug 1131941SUSE bug 1131943SUSE bug 1131945cpe:/o:opensuse:leap:15.1CVE-2019-11023openSUSE Leap 15.1
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
LowCVE-2019-11023SUSE bug 1132091cpe:/o:opensuse:leap:15.1CVE-2019-11034openSUSE Leap 15.1
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
ModerateCVE-2019-11034SUSE bug 1132838cpe:/o:opensuse:leap:15.1CVE-2019-11035openSUSE Leap 15.1
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
ModerateCVE-2019-11035SUSE bug 1132837cpe:/o:opensuse:leap:15.1CVE-2019-11036openSUSE Leap 15.1
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
ModerateCVE-2019-11036SUSE bug 1134322cpe:/o:opensuse:leap:15.1CVE-2019-11037openSUSE Leap 15.1
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
ImportantCVE-2019-11037SUSE bug 1135418cpe:/o:opensuse:leap:15.1CVE-2019-11038openSUSE Leap 15.1
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
ModerateCVE-2019-11038SUSE bug 1140118SUSE bug 1140120cpe:/o:opensuse:leap:15.1CVE-2019-11039openSUSE Leap 15.1
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
ModerateCVE-2019-11039SUSE bug 1138173cpe:/o:opensuse:leap:15.1CVE-2019-11040openSUSE Leap 15.1
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
ModerateCVE-2019-11040SUSE bug 1138172cpe:/o:opensuse:leap:15.1CVE-2019-11041openSUSE Leap 15.1
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
ImportantCVE-2019-11041SUSE bug 1146360cpe:/o:opensuse:leap:15.1CVE-2019-11042openSUSE Leap 15.1
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
ModerateCVE-2019-11042SUSE bug 1145095cpe:/o:opensuse:leap:15.1CVE-2019-11043openSUSE Leap 15.1
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
ImportantCVE-2019-11043SUSE bug 1154999cpe:/o:opensuse:leap:15.1CVE-2019-11045openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.
ModerateCVE-2019-11045SUSE bug 1159923cpe:/o:opensuse:leap:15.1CVE-2019-11046openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.
ModerateCVE-2019-11046SUSE bug 1159924cpe:/o:opensuse:leap:15.1CVE-2019-11047openSUSE Leap 15.1
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
ModerateCVE-2019-11047SUSE bug 1159922cpe:/o:opensuse:leap:15.1CVE-2019-11048openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.
ModerateCVE-2019-11048SUSE bug 1171999cpe:/o:opensuse:leap:15.1CVE-2019-11050openSUSE Leap 15.1
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
ModerateCVE-2019-11050SUSE bug 1159927cpe:/o:opensuse:leap:15.1CVE-2019-11059openSUSE Leap 15.1
Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.
ModerateCVE-2019-11059SUSE bug 1134853cpe:/o:opensuse:leap:15.1CVE-2019-11068openSUSE Leap 15.1
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
ModerateCVE-2019-11068SUSE bug 1132160SUSE bug 1154212cpe:/o:opensuse:leap:15.1CVE-2019-11085openSUSE Leap 15.1
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2019-11085SUSE bug 1135278SUSE bug 1135280cpe:/o:opensuse:leap:15.1CVE-2019-11091openSUSE Leap 15.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
ModerateCVE-2019-11091SUSE bug 1103186SUSE bug 1111331SUSE bug 1132686SUSE bug 1133319SUSE bug 1135394SUSE bug 1138534SUSE bug 1141977SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-11135openSUSE Leap 15.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
ModerateCVE-2019-11135SUSE bug 1139073SUSE bug 1152497SUSE bug 1152505SUSE bug 1152506cpe:/o:opensuse:leap:15.1CVE-2019-11139openSUSE Leap 15.1
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
ModerateCVE-2019-11139SUSE bug 1141035cpe:/o:opensuse:leap:15.1CVE-2019-11234openSUSE Leap 15.1
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
ModerateCVE-2019-11234SUSE bug 1132664cpe:/o:opensuse:leap:15.1CVE-2019-11235openSUSE Leap 15.1
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
ImportantCVE-2019-11235SUSE bug 1132549SUSE bug 1132664SUSE bug 1144524cpe:/o:opensuse:leap:15.1CVE-2019-11236openSUSE Leap 15.1
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
ModerateCVE-2019-11236SUSE bug 1129071SUSE bug 1132663cpe:/o:opensuse:leap:15.1CVE-2019-1125openSUSE Leap 15.1
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
ModerateCVE-2019-1125SUSE bug 1139358cpe:/o:opensuse:leap:15.1CVE-2019-11324openSUSE Leap 15.1
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
ModerateCVE-2019-11324SUSE bug 1132900cpe:/o:opensuse:leap:15.1CVE-2019-11328openSUSE Leap 15.1
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.
ModerateCVE-2019-11328SUSE bug 1128598cpe:/o:opensuse:leap:15.1CVE-2019-11338openSUSE Leap 15.1
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
ImportantCVE-2019-11338SUSE bug 1133155cpe:/o:opensuse:leap:15.1CVE-2019-11339openSUSE Leap 15.1
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
ModerateCVE-2019-11339SUSE bug 1133153cpe:/o:opensuse:leap:15.1CVE-2019-11358openSUSE Leap 15.1
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
ModerateCVE-2019-11358cpe:/o:opensuse:leap:15.1CVE-2019-11459openSUSE Leap 15.1
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
ModerateCVE-2019-11459SUSE bug 1133037cpe:/o:opensuse:leap:15.1CVE-2019-11470openSUSE Leap 15.1
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
ModerateCVE-2019-11470SUSE bug 1133205cpe:/o:opensuse:leap:15.1CVE-2019-11472openSUSE Leap 15.1
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
ModerateCVE-2019-11472SUSE bug 1133202SUSE bug 1133203SUSE bug 1133204SUSE bug 1146213cpe:/o:opensuse:leap:15.1CVE-2019-11477openSUSE Leap 15.1
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
ImportantCVE-2019-11477SUSE bug 1132686SUSE bug 1137586cpe:/o:opensuse:leap:15.1CVE-2019-11478openSUSE Leap 15.1
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
ImportantCVE-2019-11478SUSE bug 1132686SUSE bug 1137586cpe:/o:opensuse:leap:15.1CVE-2019-11479openSUSE Leap 15.1
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.
ImportantCVE-2019-11479SUSE bug 1132686SUSE bug 1137586cpe:/o:opensuse:leap:15.1CVE-2019-11486openSUSE Leap 15.1
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
ImportantCVE-2019-11486SUSE bug 1133188SUSE bug 1173667cpe:/o:opensuse:leap:15.1CVE-2019-11487openSUSE Leap 15.1
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
ImportantCVE-2019-11487SUSE bug 1133190SUSE bug 1133191cpe:/o:opensuse:leap:15.1CVE-2019-11494openSUSE Leap 15.1
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command.
CVE-2019-11494SUSE bug 1133624SUSE bug 1133625cpe:/o:opensuse:leap:15.1CVE-2019-11498openSUSE Leap 15.1
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
LowCVE-2019-11498SUSE bug 1133384cpe:/o:opensuse:leap:15.1CVE-2019-11499openSUSE Leap 15.1
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.
CVE-2019-11499SUSE bug 1133624SUSE bug 1133625cpe:/o:opensuse:leap:15.1CVE-2019-11500openSUSE Leap 15.1
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
ImportantCVE-2019-11500SUSE bug 1145559cpe:/o:opensuse:leap:15.1CVE-2019-11505openSUSE Leap 15.1
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
ImportantCVE-2019-11505SUSE bug 1133501cpe:/o:opensuse:leap:15.1CVE-2019-11506openSUSE Leap 15.1
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
ModerateCVE-2019-11506SUSE bug 1133498cpe:/o:opensuse:leap:15.1CVE-2019-11555openSUSE Leap 15.1
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.
ModerateCVE-2019-11555SUSE bug 1133640cpe:/o:opensuse:leap:15.1CVE-2019-11556openSUSE Leap 15.1
Pagure before 5.6 allows XSS via the templates/blame.html blame view.
ModerateCVE-2019-11556SUSE bug 1176987cpe:/o:opensuse:leap:15.1CVE-2019-11596openSUSE Leap 15.1
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
ImportantCVE-2019-11596SUSE bug 1133817cpe:/o:opensuse:leap:15.1CVE-2019-11597openSUSE Leap 15.1
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
ModerateCVE-2019-11597SUSE bug 1138464SUSE bug 1146211cpe:/o:opensuse:leap:15.1CVE-2019-11598openSUSE Leap 15.1
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
ModerateCVE-2019-11598SUSE bug 1136732SUSE bug 1179313SUSE bug 1179336cpe:/o:opensuse:leap:15.1CVE-2019-11599openSUSE Leap 15.1
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.
ModerateCVE-2019-11599SUSE bug 1131645SUSE bug 1133738SUSE bug 1157905cpe:/o:opensuse:leap:15.1CVE-2019-11690openSUSE Leap 15.1
gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.
LowCVE-2019-11690SUSE bug 1134157cpe:/o:opensuse:leap:15.1CVE-2019-11703openSUSE Leap 15.1
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CriticalCVE-2019-11703SUSE bug 1137595cpe:/o:opensuse:leap:15.1CVE-2019-11704openSUSE Leap 15.1
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CriticalCVE-2019-11704SUSE bug 1137595cpe:/o:opensuse:leap:15.1CVE-2019-11705openSUSE Leap 15.1
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CriticalCVE-2019-11705SUSE bug 1137595cpe:/o:opensuse:leap:15.1CVE-2019-11706openSUSE Leap 15.1
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
CriticalCVE-2019-11706SUSE bug 1137595cpe:/o:opensuse:leap:15.1CVE-2019-11707openSUSE Leap 15.1
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
ImportantCVE-2019-11707SUSE bug 1138614cpe:/o:opensuse:leap:15.1CVE-2019-11708openSUSE Leap 15.1
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.
ImportantCVE-2019-11708SUSE bug 1138872cpe:/o:opensuse:leap:15.1CVE-2019-11709openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11709SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11710openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11710SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11711openSUSE Leap 15.1
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11711SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11712openSUSE Leap 15.1
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11712SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11713openSUSE Leap 15.1
A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11713SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11714openSUSE Leap 15.1
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11714SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11715openSUSE Leap 15.1
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11715SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11716openSUSE Leap 15.1
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11716SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11717openSUSE Leap 15.1
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11717SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11718openSUSE Leap 15.1
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11718SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11719openSUSE Leap 15.1
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11719SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11720openSUSE Leap 15.1
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11720SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11721openSUSE Leap 15.1
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11721SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11723openSUSE Leap 15.1
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11723SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11724openSUSE Leap 15.1
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11724SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11725openSUSE Leap 15.1
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11725SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11727openSUSE Leap 15.1
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
ModerateCVE-2019-11727SUSE bug 1140868SUSE bug 1141322cpe:/o:opensuse:leap:15.1CVE-2019-11728openSUSE Leap 15.1
The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68.
ImportantCVE-2019-11728SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11729openSUSE Leap 15.1
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11729SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11730openSUSE Leap 15.1
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-11730SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-11733openSUSE Leap 15.1
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
ModerateCVE-2019-11733SUSE bug 1145665cpe:/o:opensuse:leap:15.1CVE-2019-11735openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11735SUSE bug 1149293SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11736openSUSE Leap 15.1
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11736SUSE bug 1149292SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11738openSUSE Leap 15.1
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11738SUSE bug 1149302SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11739openSUSE Leap 15.1
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 68.1 and Thunderbird < 60.9.
ModerateCVE-2019-11739SUSE bug 1150939SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11740openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11740SUSE bug 1149299SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11742openSUSE Leap 15.1
A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11742SUSE bug 1149303SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11743openSUSE Leap 15.1
Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ModerateCVE-2019-11743SUSE bug 1149298SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11744openSUSE Leap 15.1
Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11744SUSE bug 1149304SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11745openSUSE Leap 15.1
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ImportantCVE-2019-11745SUSE bug 1158328SUSE bug 1158527cpe:/o:opensuse:leap:15.1CVE-2019-11746openSUSE Leap 15.1
A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11746SUSE bug 1149297SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11747openSUSE Leap 15.1
The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
LowCVE-2019-11747SUSE bug 1149301SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11748openSUSE Leap 15.1
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11748SUSE bug 1149291SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11749openSUSE Leap 15.1
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11749SUSE bug 1149290SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11750openSUSE Leap 15.1
A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ModerateCVE-2019-11750SUSE bug 1149289SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11751openSUSE Leap 15.1
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
ImportantCVE-2019-11751SUSE bug 1149286SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11752openSUSE Leap 15.1
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11752SUSE bug 1149296SUSE bug 1149323SUSE bug 1149324SUSE bug 1150940cpe:/o:opensuse:leap:15.1CVE-2019-11753openSUSE Leap 15.1
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1.
ImportantCVE-2019-11753SUSE bug 1149295SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-11755openSUSE Leap 15.1
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.
ModerateCVE-2019-11755SUSE bug 1152375cpe:/o:opensuse:leap:15.1CVE-2019-11757openSUSE Leap 15.1
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11757SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11758openSUSE Leap 15.1
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11758SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11759openSUSE Leap 15.1
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11759SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11760openSUSE Leap 15.1
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11760SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11761openSUSE Leap 15.1
By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11761SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11762openSUSE Leap 15.1
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11762SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11763openSUSE Leap 15.1
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11763SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11764openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
ModerateCVE-2019-11764SUSE bug 1154738cpe:/o:opensuse:leap:15.1CVE-2019-11768openSUSE Leap 15.1
An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
ModerateCVE-2019-11768SUSE bug 1137496cpe:/o:opensuse:leap:15.1CVE-2019-11779openSUSE Leap 15.1
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.
ModerateCVE-2019-11779SUSE bug 1151494cpe:/o:opensuse:leap:15.1CVE-2019-11810openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
LowCVE-2019-11810SUSE bug 1134399cpe:/o:opensuse:leap:15.1CVE-2019-11811openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
LowCVE-2019-11811SUSE bug 1134397cpe:/o:opensuse:leap:15.1CVE-2019-11815openSUSE Leap 15.1
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
ModerateCVE-2019-11815SUSE bug 1134537cpe:/o:opensuse:leap:15.1CVE-2019-11833openSUSE Leap 15.1
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
ModerateCVE-2019-11833SUSE bug 1135281cpe:/o:opensuse:leap:15.1CVE-2019-11884openSUSE Leap 15.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.
ModerateCVE-2019-11884SUSE bug 1134848SUSE bug 1139868cpe:/o:opensuse:leap:15.1CVE-2019-11922openSUSE Leap 15.1
A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.
ModerateCVE-2019-11922SUSE bug 1142941cpe:/o:opensuse:leap:15.1CVE-2019-12068openSUSE Leap 15.1
In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.
ModerateCVE-2019-12068SUSE bug 1146873SUSE bug 1146874SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-12083openSUSE Leap 15.1
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected.
ModerateCVE-2019-12083SUSE bug 1134978cpe:/o:opensuse:leap:15.1CVE-2019-12098openSUSE Leap 15.1
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
LowCVE-2019-12098cpe:/o:opensuse:leap:15.1CVE-2019-12155openSUSE Leap 15.1
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
LowCVE-2019-12155SUSE bug 1135902SUSE bug 1135905cpe:/o:opensuse:leap:15.1CVE-2019-12209openSUSE Leap 15.1
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by root. If the debug option is enabled in the PAM configuration, part of the file contents of a symlink target will be logged, possibly revealing sensitive information.
ModerateCVE-2019-12209SUSE bug 1087061SUSE bug 1135727SUSE bug 1135729cpe:/o:opensuse:leap:15.1CVE-2019-12210openSUSE Leap 15.1
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debug_file, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it. This can leak sensitive information and also, if written to, be used to fill the disk or plant misinformation.
ModerateCVE-2019-12210SUSE bug 1087061SUSE bug 1135727SUSE bug 1135729cpe:/o:opensuse:leap:15.1CVE-2019-12217openSUSE Leap 15.1
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
ModerateCVE-2019-12217SUSE bug 1135787cpe:/o:opensuse:leap:15.1CVE-2019-12218openSUSE Leap 15.1
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
ModerateCVE-2019-12218SUSE bug 1135789cpe:/o:opensuse:leap:15.1CVE-2019-12220openSUSE Leap 15.1
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.
ModerateCVE-2019-12220SUSE bug 1135806cpe:/o:opensuse:leap:15.1CVE-2019-12221openSUSE Leap 15.1
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
LowCVE-2019-12221SUSE bug 1135796cpe:/o:opensuse:leap:15.1CVE-2019-12222openSUSE Leap 15.1
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
ModerateCVE-2019-12222SUSE bug 1136101cpe:/o:opensuse:leap:15.1CVE-2019-12248openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.7, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user quotes it, the email could cause the browser to load external image resources.
ModerateCVE-2019-12248SUSE bug 1137615cpe:/o:opensuse:leap:15.1CVE-2019-12269openSUSE Leap 15.1
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
ImportantCVE-2019-12269SUSE bug 1135855cpe:/o:opensuse:leap:15.1CVE-2019-12290openSUSE Leap 15.1
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.
ModerateCVE-2019-12290SUSE bug 1154884cpe:/o:opensuse:leap:15.1CVE-2019-12308openSUSE Leap 15.1
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.
ModerateCVE-2019-12308SUSE bug 1136468cpe:/o:opensuse:leap:15.1CVE-2019-12380openSUSE Leap 15.1
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.
ModerateCVE-2019-12380SUSE bug 1136598SUSE bug 1155298cpe:/o:opensuse:leap:15.1CVE-2019-12382openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.
LowCVE-2019-12382SUSE bug 1136586SUSE bug 1155298cpe:/o:opensuse:leap:15.1CVE-2019-12387openSUSE Leap 15.1
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
ModerateCVE-2019-12387SUSE bug 1137825cpe:/o:opensuse:leap:15.1CVE-2019-12418openSUSE Leap 15.1
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
ImportantCVE-2019-12418SUSE bug 1159723cpe:/o:opensuse:leap:15.1CVE-2019-12435openSUSE Leap 15.1
Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.
ModerateCVE-2019-12435SUSE bug 1137815cpe:/o:opensuse:leap:15.1CVE-2019-12439openSUSE Leap 15.1
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
ImportantCVE-2019-12439SUSE bug 1136958cpe:/o:opensuse:leap:15.1CVE-2019-12447openSUSE Leap 15.1
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
ImportantCVE-2019-12447SUSE bug 1136986cpe:/o:opensuse:leap:15.1CVE-2019-12448openSUSE Leap 15.1
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
ModerateCVE-2019-12448SUSE bug 1136981cpe:/o:opensuse:leap:15.1CVE-2019-12449openSUSE Leap 15.1
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
ModerateCVE-2019-12449SUSE bug 1136992cpe:/o:opensuse:leap:15.1CVE-2019-12456openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a "double fetch" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.
ImportantCVE-2019-12456SUSE bug 1136922SUSE bug 1136993cpe:/o:opensuse:leap:15.1CVE-2019-12497openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes.
ModerateCVE-2019-12497SUSE bug 1137614cpe:/o:opensuse:leap:15.1CVE-2019-12519openSUSE Leap 15.1
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
ImportantCVE-2019-12519SUSE bug 1169659cpe:/o:opensuse:leap:15.1CVE-2019-12521openSUSE Leap 15.1
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
ImportantCVE-2019-12521SUSE bug 1169659cpe:/o:opensuse:leap:15.1CVE-2019-12523openSUSE Leap 15.1
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.
ImportantCVE-2019-12523SUSE bug 1156329SUSE bug 1165586cpe:/o:opensuse:leap:15.1CVE-2019-12525openSUSE Leap 15.1
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
ImportantCVE-2019-12525SUSE bug 1141332cpe:/o:opensuse:leap:15.1CVE-2019-12526openSUSE Leap 15.1
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
ImportantCVE-2019-12526SUSE bug 1156326cpe:/o:opensuse:leap:15.1CVE-2019-12527openSUSE Leap 15.1
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.
CriticalCVE-2019-12527SUSE bug 1141330cpe:/o:opensuse:leap:15.1CVE-2019-12528openSUSE Leap 15.1
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
ModerateCVE-2019-12528SUSE bug 1162689cpe:/o:opensuse:leap:15.1CVE-2019-12529openSUSE Leap 15.1
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.
ModerateCVE-2019-12529SUSE bug 1141329cpe:/o:opensuse:leap:15.1CVE-2019-12594openSUSE Leap 15.1
DOSBox 0.74-2 has Incorrect Access Control.
CriticalCVE-2019-12594SUSE bug 1140254cpe:/o:opensuse:leap:15.1CVE-2019-12614openSUSE Leap 15.1
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
ModerateCVE-2019-12614SUSE bug 1137194cpe:/o:opensuse:leap:15.1CVE-2019-12616openSUSE Leap 15.1
An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim.
ModerateCVE-2019-12616SUSE bug 1137497cpe:/o:opensuse:leap:15.1CVE-2019-12625openSUSE Leap 15.1
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
ImportantCVE-2019-12625SUSE bug 1144504cpe:/o:opensuse:leap:15.1CVE-2019-12735openSUSE Leap 15.1
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
ImportantCVE-2019-12735SUSE bug 1137443cpe:/o:opensuse:leap:15.1CVE-2019-12746openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.
ModerateCVE-2019-12746SUSE bug 1141430cpe:/o:opensuse:leap:15.1CVE-2019-12749openSUSE Leap 15.1
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.
ImportantCVE-2019-12749SUSE bug 1137832cpe:/o:opensuse:leap:15.1CVE-2019-12779openSUSE Leap 15.1
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
ModerateCVE-2019-12779SUSE bug 1137835cpe:/o:opensuse:leap:15.1CVE-2019-12781openSUSE Leap 15.1
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.
ModerateCVE-2019-12781SUSE bug 1124991SUSE bug 1139945cpe:/o:opensuse:leap:15.1CVE-2019-12795openSUSE Leap 15.1
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)
ModerateCVE-2019-12795SUSE bug 1137930cpe:/o:opensuse:leap:15.1CVE-2019-12815openSUSE Leap 15.1
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CriticalCVE-2019-12815SUSE bug 1142281cpe:/o:opensuse:leap:15.1CVE-2019-12816openSUSE Leap 15.1
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
ImportantCVE-2019-12816SUSE bug 1138572cpe:/o:opensuse:leap:15.1CVE-2019-12817openSUSE Leap 15.1
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
ImportantCVE-2019-12817SUSE bug 1138263SUSE bug 1138264cpe:/o:opensuse:leap:15.1CVE-2019-12818openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in net/nfc/llcp_core.c.
ModerateCVE-2019-12818SUSE bug 1138293cpe:/o:opensuse:leap:15.1CVE-2019-12819openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0. The function __mdiobus_register() in drivers/net/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.
LowCVE-2019-12819SUSE bug 1138291cpe:/o:opensuse:leap:15.1CVE-2019-12838openSUSE Leap 15.1
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
ModerateCVE-2019-12838SUSE bug 1140709cpe:/o:opensuse:leap:15.1CVE-2019-12854openSUSE Leap 15.1
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
ModerateCVE-2019-12854SUSE bug 1141442cpe:/o:opensuse:leap:15.1CVE-2019-12855openSUSE Leap 15.1
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
ModerateCVE-2019-12855SUSE bug 1138461cpe:/o:opensuse:leap:15.1CVE-2019-12874openSUSE Leap 15.1
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
ImportantCVE-2019-12874SUSE bug 1138933cpe:/o:opensuse:leap:15.1CVE-2019-12900openSUSE Leap 15.1
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
ImportantCVE-2019-12900SUSE bug 1139083SUSE bug 1149458cpe:/o:opensuse:leap:15.1CVE-2019-12904openSUSE Leap 15.1
** DISPUTED ** In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because there is no description of an attack.
ModerateCVE-2019-12904SUSE bug 1138939cpe:/o:opensuse:leap:15.1CVE-2019-12921openSUSE Leap 15.1
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
ModerateCVE-2019-12921SUSE bug 1138425SUSE bug 1167208cpe:/o:opensuse:leap:15.1CVE-2019-12922openSUSE Leap 15.1
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
ModerateCVE-2019-12922SUSE bug 1150914cpe:/o:opensuse:leap:15.1CVE-2019-12972openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.
ModerateCVE-2019-12972SUSE bug 1140126cpe:/o:opensuse:leap:15.1CVE-2019-12973openSUSE Leap 15.1
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
ModerateCVE-2019-12973SUSE bug 1140359cpe:/o:opensuse:leap:15.1CVE-2019-12974openSUSE Leap 15.1
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
ModerateCVE-2019-12974SUSE bug 1140111cpe:/o:opensuse:leap:15.1CVE-2019-12975openSUSE Leap 15.1
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
ModerateCVE-2019-12975SUSE bug 1140106cpe:/o:opensuse:leap:15.1CVE-2019-12976openSUSE Leap 15.1
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
ModerateCVE-2019-12976SUSE bug 1140110cpe:/o:opensuse:leap:15.1CVE-2019-12977openSUSE Leap 15.1
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
ModerateCVE-2019-12977SUSE bug 1139884cpe:/o:opensuse:leap:15.1CVE-2019-12978openSUSE Leap 15.1
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
ModerateCVE-2019-12978SUSE bug 1139885cpe:/o:opensuse:leap:15.1CVE-2019-12979openSUSE Leap 15.1
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
ModerateCVE-2019-12979SUSE bug 1139886cpe:/o:opensuse:leap:15.1CVE-2019-13045openSUSE Leap 15.1
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
ModerateCVE-2019-13045SUSE bug 1139802cpe:/o:opensuse:leap:15.1CVE-2019-13050openSUSE Leap 15.1
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
ModerateCVE-2019-13050SUSE bug 1141093cpe:/o:opensuse:leap:15.1CVE-2019-13057openSUSE Leap 15.1
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)
ModerateCVE-2019-13057SUSE bug 1143273cpe:/o:opensuse:leap:15.1CVE-2019-13103openSUSE Leap 15.1
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
ModerateCVE-2019-13103SUSE bug 1143463cpe:/o:opensuse:leap:15.1CVE-2019-13104openSUSE Leap 15.1
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
ModerateCVE-2019-13104SUSE bug 1144675cpe:/o:opensuse:leap:15.1CVE-2019-13106openSUSE Leap 15.1
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
ModerateCVE-2019-13106SUSE bug 1144656cpe:/o:opensuse:leap:15.1CVE-2019-13114openSUSE Leap 15.1
http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
ModerateCVE-2019-13114SUSE bug 1142684cpe:/o:opensuse:leap:15.1CVE-2019-13117openSUSE Leap 15.1
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
ModerateCVE-2019-13117SUSE bug 1140095SUSE bug 1157028SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2019-13118openSUSE Leap 15.1
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
LowCVE-2019-13118SUSE bug 1140101SUSE bug 1157028SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2019-13132openSUSE Leap 15.1
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.
ImportantCVE-2019-13132SUSE bug 1140255cpe:/o:opensuse:leap:15.1CVE-2019-13133openSUSE Leap 15.1
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
ModerateCVE-2019-13133SUSE bug 1140100cpe:/o:opensuse:leap:15.1CVE-2019-13134openSUSE Leap 15.1
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
ModerateCVE-2019-13134SUSE bug 1140102cpe:/o:opensuse:leap:15.1CVE-2019-13135openSUSE Leap 15.1
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
ModerateCVE-2019-13135SUSE bug 1140103cpe:/o:opensuse:leap:15.1CVE-2019-13136openSUSE Leap 15.1
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
ModerateCVE-2019-13136SUSE bug 1140104cpe:/o:opensuse:leap:15.1CVE-2019-13137openSUSE Leap 15.1
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
ModerateCVE-2019-13137SUSE bug 1140105cpe:/o:opensuse:leap:15.1CVE-2019-13164openSUSE Leap 15.1
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
ModerateCVE-2019-13164SUSE bug 1140402cpe:/o:opensuse:leap:15.1CVE-2019-13173openSUSE Leap 15.1
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter() function is vulnerable.
ImportantCVE-2019-13173SUSE bug 1140290cpe:/o:opensuse:leap:15.1CVE-2019-13178openSUSE Leap 15.1
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.
ModerateCVE-2019-13178SUSE bug 1140256cpe:/o:opensuse:leap:15.1CVE-2019-13207openSUSE Leap 15.1
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
ModerateCVE-2019-13207SUSE bug 1182952cpe:/o:opensuse:leap:15.1CVE-2019-13233openSUSE Leap 15.1
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
ImportantCVE-2019-13233SUSE bug 1140454SUSE bug 1144502cpe:/o:opensuse:leap:15.1CVE-2019-13295openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
ModerateCVE-2019-13295SUSE bug 1140664cpe:/o:opensuse:leap:15.1CVE-2019-13296openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
ModerateCVE-2019-13296SUSE bug 1140665cpe:/o:opensuse:leap:15.1CVE-2019-13297openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
ModerateCVE-2019-13297SUSE bug 1140666cpe:/o:opensuse:leap:15.1CVE-2019-13298openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
ModerateCVE-2019-13298SUSE bug 1140667cpe:/o:opensuse:leap:15.1CVE-2019-13299openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
ModerateCVE-2019-13299SUSE bug 1140668cpe:/o:opensuse:leap:15.1CVE-2019-13300openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
ModerateCVE-2019-13300SUSE bug 1140669cpe:/o:opensuse:leap:15.1CVE-2019-13301openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
ModerateCVE-2019-13301SUSE bug 1140554cpe:/o:opensuse:leap:15.1CVE-2019-13302openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
ModerateCVE-2019-13302SUSE bug 1140552cpe:/o:opensuse:leap:15.1CVE-2019-13303openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
ImportantCVE-2019-13303SUSE bug 1140549cpe:/o:opensuse:leap:15.1CVE-2019-13304openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
ImportantCVE-2019-13304SUSE bug 1140547cpe:/o:opensuse:leap:15.1CVE-2019-13305openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
ImportantCVE-2019-13305SUSE bug 1140545cpe:/o:opensuse:leap:15.1CVE-2019-13306openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
ModerateCVE-2019-13306SUSE bug 1140543cpe:/o:opensuse:leap:15.1CVE-2019-13307openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
ModerateCVE-2019-13307SUSE bug 1140538cpe:/o:opensuse:leap:15.1CVE-2019-13308openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
ModerateCVE-2019-13308SUSE bug 1140534cpe:/o:opensuse:leap:15.1CVE-2019-13309openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
LowCVE-2019-13309SUSE bug 1140501SUSE bug 1140520cpe:/o:opensuse:leap:15.1CVE-2019-13310openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
LowCVE-2019-13310SUSE bug 1140501SUSE bug 1140520cpe:/o:opensuse:leap:15.1CVE-2019-13311openSUSE Leap 15.1
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
LowCVE-2019-13311SUSE bug 1140513SUSE bug 1140554cpe:/o:opensuse:leap:15.1CVE-2019-13314openSUSE Leap 15.1
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
LowCVE-2019-13314SUSE bug 1140750cpe:/o:opensuse:leap:15.1CVE-2019-13345openSUSE Leap 15.1
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
ModerateCVE-2019-13345SUSE bug 1140738cpe:/o:opensuse:leap:15.1CVE-2019-13377openSUSE Leap 15.1
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.
ModerateCVE-2019-13377SUSE bug 1144443cpe:/o:opensuse:leap:15.1CVE-2019-13391openSUSE Leap 15.1
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.
ModerateCVE-2019-13391SUSE bug 1140673cpe:/o:opensuse:leap:15.1CVE-2019-13454openSUSE Leap 15.1
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
ModerateCVE-2019-13454SUSE bug 1141171cpe:/o:opensuse:leap:15.1CVE-2019-13456openSUSE Leap 15.1
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
ModerateCVE-2019-13456SUSE bug 1144524SUSE bug 1166858cpe:/o:opensuse:leap:15.1CVE-2019-13457openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8. A customer user can use the search results to disclose information from their "company" tickets (with the same CustomerID), even when the CustomerDisableCompanyTicketAccess setting is turned on.
ModerateCVE-2019-13457SUSE bug 1141431cpe:/o:opensuse:leap:15.1CVE-2019-13458openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.
ModerateCVE-2019-13458SUSE bug 1141431SUSE bug 1141432cpe:/o:opensuse:leap:15.1CVE-2019-1348openSUSE Leap 15.1
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.
ModerateCVE-2019-1348SUSE bug 1158785cpe:/o:opensuse:leap:15.1CVE-2019-1349openSUSE Leap 15.1
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.
CriticalCVE-2019-1349SUSE bug 1158785SUSE bug 1158787cpe:/o:opensuse:leap:15.1CVE-2019-1350openSUSE Leap 15.1
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.
CriticalCVE-2019-1350SUSE bug 1158785SUSE bug 1158788cpe:/o:opensuse:leap:15.1CVE-2019-13508openSUSE Leap 15.1
FreeTDS through 1.1.11 has a Buffer Overflow.
ImportantCVE-2019-13508SUSE bug 1141132cpe:/o:opensuse:leap:15.1CVE-2019-13509openSUSE Leap 15.1
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.
ModerateCVE-2019-13509SUSE bug 1142160cpe:/o:opensuse:leap:15.1CVE-2019-1351openSUSE Leap 15.1
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
ModerateCVE-2019-1351SUSE bug 1158785SUSE bug 1158789cpe:/o:opensuse:leap:15.1CVE-2019-1352openSUSE Leap 15.1
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.
CriticalCVE-2019-1352SUSE bug 1158785SUSE bug 1158787SUSE bug 1158790cpe:/o:opensuse:leap:15.1CVE-2019-1353openSUSE Leap 15.1
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.
ImportantCVE-2019-1353SUSE bug 1158785SUSE bug 1158791cpe:/o:opensuse:leap:15.1CVE-2019-1354openSUSE Leap 15.1
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.
ModerateCVE-2019-1354SUSE bug 1158785SUSE bug 1158792cpe:/o:opensuse:leap:15.1CVE-2019-13565openSUSE Leap 15.1
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.
ModerateCVE-2019-13565SUSE bug 1143194cpe:/o:opensuse:leap:15.1CVE-2019-13602openSUSE Leap 15.1
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
ImportantCVE-2019-13602SUSE bug 1141522SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-13616openSUSE Leap 15.1
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
ModerateCVE-2019-13616SUSE bug 1141844cpe:/o:opensuse:leap:15.1CVE-2019-13619openSUSE Leap 15.1
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
ModerateCVE-2019-13619SUSE bug 1141980cpe:/o:opensuse:leap:15.1CVE-2019-13626openSUSE Leap 15.1
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.
ModerateCVE-2019-13626SUSE bug 1142031cpe:/o:opensuse:leap:15.1CVE-2019-13627openSUSE Leap 15.1
It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
ModerateCVE-2019-13627SUSE bug 1148987cpe:/o:opensuse:leap:15.1CVE-2019-13631openSUSE Leap 15.1
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
ModerateCVE-2019-13631SUSE bug 1142023cpe:/o:opensuse:leap:15.1CVE-2019-13640openSUSE Leap 15.1
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed.
ModerateCVE-2019-13640SUSE bug 1141967cpe:/o:opensuse:leap:15.1CVE-2019-13648openSUSE Leap 15.1
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.
ModerateCVE-2019-13648SUSE bug 1142254SUSE bug 1142265cpe:/o:opensuse:leap:15.1CVE-2019-13659openSUSE Leap 15.1
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13659SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13660openSUSE Leap 15.1
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
ModerateCVE-2019-13660SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13661openSUSE Leap 15.1
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
ModerateCVE-2019-13661SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13662openSUSE Leap 15.1
Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-13662SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13663openSUSE Leap 15.1
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13663SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13664openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-13664SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13665openSUSE Leap 15.1
Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.
ModerateCVE-2019-13665SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13666openSUSE Leap 15.1
Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13666SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13667openSUSE Leap 15.1
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13667SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13668openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13668SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13669openSUSE Leap 15.1
Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13669SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13670openSUSE Leap 15.1
Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13670SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13671openSUSE Leap 15.1
UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2019-13671SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13673openSUSE Leap 15.1
Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13673SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13674openSUSE Leap 15.1
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13674SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13675openSUSE Leap 15.1
Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.
ModerateCVE-2019-13675SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13676openSUSE Leap 15.1
Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-13676SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13677openSUSE Leap 15.1
Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
ModerateCVE-2019-13677SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13678openSUSE Leap 15.1
Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-13678SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13679openSUSE Leap 15.1
Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.
ModerateCVE-2019-13679SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13680openSUSE Leap 15.1
Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections.
ModerateCVE-2019-13680SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13681openSUSE Leap 15.1
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
ModerateCVE-2019-13681SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13682openSUSE Leap 15.1
Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
ModerateCVE-2019-13682SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13683openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13683SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-13685openSUSE Leap 15.1
Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CriticalCVE-2019-13685SUSE bug 1151229cpe:/o:opensuse:leap:15.1CVE-2019-13686openSUSE Leap 15.1
Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13686SUSE bug 1151229cpe:/o:opensuse:leap:15.1CVE-2019-13687openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13687SUSE bug 1151229cpe:/o:opensuse:leap:15.1CVE-2019-13688openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13688SUSE bug 1151229cpe:/o:opensuse:leap:15.1CVE-2019-13693openSUSE Leap 15.1
Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
ModerateCVE-2019-13693SUSE bug 1153660cpe:/o:opensuse:leap:15.1CVE-2019-13694openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13694SUSE bug 1153660cpe:/o:opensuse:leap:15.1CVE-2019-13695openSUSE Leap 15.1
Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13695SUSE bug 1153660cpe:/o:opensuse:leap:15.1CVE-2019-13696openSUSE Leap 15.1
Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13696SUSE bug 1153660cpe:/o:opensuse:leap:15.1CVE-2019-13697openSUSE Leap 15.1
Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13697SUSE bug 1153660cpe:/o:opensuse:leap:15.1CVE-2019-13699openSUSE Leap 15.1
Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13699SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13700openSUSE Leap 15.1
Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13700SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13701openSUSE Leap 15.1
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2019-13701SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13702openSUSE Leap 15.1
Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.
ModerateCVE-2019-13702SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13703openSUSE Leap 15.1
Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13703SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13704openSUSE Leap 15.1
Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-13704SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13705openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.
ModerateCVE-2019-13705SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13706openSUSE Leap 15.1
Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2019-13706SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13707openSUSE Leap 15.1
Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.
ModerateCVE-2019-13707SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13708openSUSE Leap 15.1
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13708SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13709openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
ModerateCVE-2019-13709SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13710openSUSE Leap 15.1
Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
ModerateCVE-2019-13710SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13711openSUSE Leap 15.1
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13711SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13713openSUSE Leap 15.1
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13713SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13714openSUSE Leap 15.1
Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.
ModerateCVE-2019-13714SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13715openSUSE Leap 15.1
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13715SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13716openSUSE Leap 15.1
Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2019-13716SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13717openSUSE Leap 15.1
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
ModerateCVE-2019-13717SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13718openSUSE Leap 15.1
Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13718SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13719openSUSE Leap 15.1
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
ModerateCVE-2019-13719SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-13720openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13720SUSE bug 1155643cpe:/o:opensuse:leap:15.1CVE-2019-13721openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-13721SUSE bug 1155643cpe:/o:opensuse:leap:15.1CVE-2019-13722openSUSE Leap 15.1
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13722SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-13723openSUSE Leap 15.1
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13723SUSE bug 1157269cpe:/o:opensuse:leap:15.1CVE-2019-13724openSUSE Leap 15.1
Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13724SUSE bug 1157269cpe:/o:opensuse:leap:15.1CVE-2019-13725openSUSE Leap 15.1
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
ModerateCVE-2019-13725SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13726openSUSE Leap 15.1
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
ModerateCVE-2019-13726SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13727openSUSE Leap 15.1
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
ModerateCVE-2019-13727SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13728openSUSE Leap 15.1
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13728SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13729openSUSE Leap 15.1
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13729SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13730openSUSE Leap 15.1
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13730SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13732openSUSE Leap 15.1
Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13732SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13734openSUSE Leap 15.1
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13734SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13735openSUSE Leap 15.1
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
ModerateCVE-2019-13735SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13736openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-13736SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13737openSUSE Leap 15.1
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-13737SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13738openSUSE Leap 15.1
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
ModerateCVE-2019-13738SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13739openSUSE Leap 15.1
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13739SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13740openSUSE Leap 15.1
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-13740SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13741openSUSE Leap 15.1
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
ModerateCVE-2019-13741SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13742openSUSE Leap 15.1
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
ModerateCVE-2019-13742SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13743openSUSE Leap 15.1
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2019-13743SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13744openSUSE Leap 15.1
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13744SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13745openSUSE Leap 15.1
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13745SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13746openSUSE Leap 15.1
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13746SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13747openSUSE Leap 15.1
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13747SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13748openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-13748SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13749openSUSE Leap 15.1
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2019-13749SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13750openSUSE Leap 15.1
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
ModerateCVE-2019-13750SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13751openSUSE Leap 15.1
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-13751SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13752openSUSE Leap 15.1
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-13752SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13753openSUSE Leap 15.1
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-13753SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13754openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2019-13754SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13755openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
ModerateCVE-2019-13755SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13756openSUSE Leap 15.1
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-13756SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13757openSUSE Leap 15.1
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13757SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13758openSUSE Leap 15.1
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2019-13758SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13759openSUSE Leap 15.1
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-13759SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13761openSUSE Leap 15.1
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2019-13761SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13762openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
ModerateCVE-2019-13762SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13763openSUSE Leap 15.1
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-13763SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13764openSUSE Leap 15.1
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13764SUSE bug 1158982cpe:/o:opensuse:leap:15.1CVE-2019-13767openSUSE Leap 15.1
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-13767SUSE bug 1159498cpe:/o:opensuse:leap:15.1CVE-2019-1387openSUSE Leap 15.1
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
ModerateCVE-2019-1387SUSE bug 1158785SUSE bug 1158793cpe:/o:opensuse:leap:15.1CVE-2019-13917openSUSE Leap 15.1
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
ImportantCVE-2019-13917SUSE bug 1142207cpe:/o:opensuse:leap:15.1CVE-2019-13962openSUSE Leap 15.1
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
ImportantCVE-2019-13962SUSE bug 1142161SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14192openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.
ModerateCVE-2019-14192SUSE bug 1143777cpe:/o:opensuse:leap:15.1CVE-2019-14193openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
ModerateCVE-2019-14193SUSE bug 1143817cpe:/o:opensuse:leap:15.1CVE-2019-14194openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.
ImportantCVE-2019-14194SUSE bug 1143818cpe:/o:opensuse:leap:15.1CVE-2019-14195openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.
ModerateCVE-2019-14195SUSE bug 1143819cpe:/o:opensuse:leap:15.1CVE-2019-14196openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.
ModerateCVE-2019-14196SUSE bug 1143820cpe:/o:opensuse:leap:15.1CVE-2019-14197openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.
ModerateCVE-2019-14197SUSE bug 1143821cpe:/o:opensuse:leap:15.1CVE-2019-14198openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
ModerateCVE-2019-14198SUSE bug 1143823cpe:/o:opensuse:leap:15.1CVE-2019-14199openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.
ModerateCVE-2019-14199SUSE bug 1143824cpe:/o:opensuse:leap:15.1CVE-2019-14200openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.
ImportantCVE-2019-14200SUSE bug 1143825cpe:/o:opensuse:leap:15.1CVE-2019-14201openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.
ImportantCVE-2019-14201SUSE bug 1143827cpe:/o:opensuse:leap:15.1CVE-2019-14202openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.
ImportantCVE-2019-14202SUSE bug 1143828cpe:/o:opensuse:leap:15.1CVE-2019-14203openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.
ImportantCVE-2019-14203SUSE bug 1143830cpe:/o:opensuse:leap:15.1CVE-2019-14204openSUSE Leap 15.1
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.
ImportantCVE-2019-14204SUSE bug 1143831cpe:/o:opensuse:leap:15.1CVE-2019-14232openSUSE Leap 15.1
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.
ImportantCVE-2019-14232SUSE bug 1142880cpe:/o:opensuse:leap:15.1CVE-2019-14233openSUSE Leap 15.1
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.
ImportantCVE-2019-14233SUSE bug 1142882cpe:/o:opensuse:leap:15.1CVE-2019-14234openSUSE Leap 15.1
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.
ImportantCVE-2019-14234SUSE bug 1142883cpe:/o:opensuse:leap:15.1CVE-2019-14235openSUSE Leap 15.1
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.
ModerateCVE-2019-14235SUSE bug 1142885cpe:/o:opensuse:leap:15.1CVE-2019-14241openSUSE Leap 15.1
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.
ImportantCVE-2019-14241SUSE bug 1142529cpe:/o:opensuse:leap:15.1CVE-2019-14250openSUSE Leap 15.1
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
ModerateCVE-2019-14250SUSE bug 1142649cpe:/o:opensuse:leap:15.1CVE-2019-14271openSUSE Leap 15.1
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
ImportantCVE-2019-14271SUSE bug 1143409cpe:/o:opensuse:leap:15.1CVE-2019-14274openSUSE Leap 15.1
MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.
ModerateCVE-2019-14274SUSE bug 1143032cpe:/o:opensuse:leap:15.1CVE-2019-14275openSUSE Leap 15.1
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
ModerateCVE-2019-14275SUSE bug 1143650cpe:/o:opensuse:leap:15.1CVE-2019-14283openSUSE Leap 15.1
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.
ModerateCVE-2019-14283SUSE bug 1143191cpe:/o:opensuse:leap:15.1CVE-2019-14284openSUSE Leap 15.1
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.
ModerateCVE-2019-14284SUSE bug 1143189SUSE bug 1143191cpe:/o:opensuse:leap:15.1CVE-2019-14287openSUSE Leap 15.1
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
ImportantCVE-2019-14287SUSE bug 1153674SUSE bug 1156093cpe:/o:opensuse:leap:15.1CVE-2019-14296openSUSE Leap 15.1
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file.
LowCVE-2019-14296SUSE bug 1143839cpe:/o:opensuse:leap:15.1CVE-2019-14318openSUSE Leap 15.1
Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because scalar multiplication in ecp.cpp (prime field curves, small leakage) and algebra.cpp (binary field curves, large leakage) is not constant time and leaks the bit length of the scalar among other information.
ModerateCVE-2019-14318SUSE bug 1143532SUSE bug 1145187cpe:/o:opensuse:leap:15.1CVE-2019-14378openSUSE Leap 15.1
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
ImportantCVE-2019-14378SUSE bug 1143794SUSE bug 1143797SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-14382openSUSE Leap 15.1
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
ModerateCVE-2019-14382SUSE bug 1143582cpe:/o:opensuse:leap:15.1CVE-2019-14383openSUSE Leap 15.1
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
ModerateCVE-2019-14383SUSE bug 1143584cpe:/o:opensuse:leap:15.1CVE-2019-14437openSUSE Leap 15.1
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
ModerateCVE-2019-14437SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14438openSUSE Leap 15.1
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
ModerateCVE-2019-14438SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14444openSUSE Leap 15.1
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.
ModerateCVE-2019-14444SUSE bug 1143609cpe:/o:opensuse:leap:15.1CVE-2019-14491openSUSE Leap 15.1
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
ModerateCVE-2019-14491SUSE bug 1144348SUSE bug 1144352cpe:/o:opensuse:leap:15.1CVE-2019-14492openSUSE Leap 15.1
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
ModerateCVE-2019-14492SUSE bug 1144348SUSE bug 1144352cpe:/o:opensuse:leap:15.1CVE-2019-14498openSUSE Leap 15.1
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
ModerateCVE-2019-14498SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14523openSUSE Leap 15.1
An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.
ModerateCVE-2019-14523SUSE bug 1144266cpe:/o:opensuse:leap:15.1CVE-2019-14524openSUSE Leap 15.1
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
ModerateCVE-2019-14524SUSE bug 1144261cpe:/o:opensuse:leap:15.1CVE-2019-14533openSUSE Leap 15.1
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
ModerateCVE-2019-14533SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14534openSUSE Leap 15.1
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
ModerateCVE-2019-14534SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14535openSUSE Leap 15.1
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
ModerateCVE-2019-14535SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14553openSUSE Leap 15.1
Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.
ImportantCVE-2019-14553SUSE bug 1153072cpe:/o:opensuse:leap:15.1CVE-2019-14559openSUSE Leap 15.1
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
ModerateCVE-2019-14559SUSE bug 1163927cpe:/o:opensuse:leap:15.1CVE-2019-14562openSUSE Leap 15.1
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
LowCVE-2019-14562SUSE bug 1175476cpe:/o:opensuse:leap:15.1CVE-2019-14563openSUSE Leap 15.1
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
ModerateCVE-2019-14563SUSE bug 1163959cpe:/o:opensuse:leap:15.1CVE-2019-14575openSUSE Leap 15.1
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2019-14575SUSE bug 1163969cpe:/o:opensuse:leap:15.1CVE-2019-14584openSUSE Leap 15.1
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
ModerateCVE-2019-14584SUSE bug 1177789cpe:/o:opensuse:leap:15.1CVE-2019-14615openSUSE Leap 15.1
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
ModerateCVE-2019-14615SUSE bug 1160195SUSE bug 1165881cpe:/o:opensuse:leap:15.1CVE-2019-14744openSUSE Leap 15.1
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.
ModerateCVE-2019-14744SUSE bug 1144600cpe:/o:opensuse:leap:15.1CVE-2019-14751openSUSE Leap 15.1
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.
ModerateCVE-2019-14751SUSE bug 1146427cpe:/o:opensuse:leap:15.1CVE-2019-14776openSUSE Leap 15.1
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
ModerateCVE-2019-14776SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14777openSUSE Leap 15.1
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
ModerateCVE-2019-14777SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14778openSUSE Leap 15.1
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
ModerateCVE-2019-14778SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14806openSUSE Leap 15.1
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
ModerateCVE-2019-14806SUSE bug 1145383cpe:/o:opensuse:leap:15.1CVE-2019-14809openSUSE Leap 15.1
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.
ImportantCVE-2019-14809SUSE bug 1146123cpe:/o:opensuse:leap:15.1CVE-2019-14811openSUSE Leap 15.1
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14811SUSE bug 1146882cpe:/o:opensuse:leap:15.1CVE-2019-14812openSUSE Leap 15.1
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14812SUSE bug 1146882cpe:/o:opensuse:leap:15.1CVE-2019-14813openSUSE Leap 15.1
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14813SUSE bug 1146882cpe:/o:opensuse:leap:15.1CVE-2019-14814openSUSE Leap 15.1
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14814SUSE bug 1146512SUSE bug 1173664SUSE bug 1173665cpe:/o:opensuse:leap:15.1CVE-2019-14815openSUSE Leap 15.1
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
ImportantCVE-2019-14815SUSE bug 1146514SUSE bug 1173665cpe:/o:opensuse:leap:15.1CVE-2019-14816openSUSE Leap 15.1
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14816SUSE bug 1146516SUSE bug 1173666cpe:/o:opensuse:leap:15.1CVE-2019-14817openSUSE Leap 15.1
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
ImportantCVE-2019-14817SUSE bug 1146882SUSE bug 1146884cpe:/o:opensuse:leap:15.1CVE-2019-14821openSUSE Leap 15.1
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
ModerateCVE-2019-14821SUSE bug 1151350cpe:/o:opensuse:leap:15.1CVE-2019-14822openSUSE Leap 15.1
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
ImportantCVE-2019-14822SUSE bug 1150011cpe:/o:opensuse:leap:15.1CVE-2019-14833openSUSE Leap 15.1
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks.
ModerateCVE-2019-14833SUSE bug 1154289cpe:/o:opensuse:leap:15.1CVE-2019-14834openSUSE Leap 15.1
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
ModerateCVE-2019-14834SUSE bug 1154849cpe:/o:opensuse:leap:15.1CVE-2019-14835openSUSE Leap 15.1
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
ImportantCVE-2019-14835SUSE bug 1150112SUSE bug 1151021cpe:/o:opensuse:leap:15.1CVE-2019-14846openSUSE Leap 15.1
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
ModerateCVE-2019-14846SUSE bug 1153452cpe:/o:opensuse:leap:15.1CVE-2019-14847openSUSE Leap 15.1
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
ModerateCVE-2019-14847SUSE bug 1154598cpe:/o:opensuse:leap:15.1CVE-2019-14853openSUSE Leap 15.1
An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions (or no exceptions at all), which could lead to a denial of service.
ModerateCVE-2019-14853SUSE bug 1153165cpe:/o:opensuse:leap:15.1CVE-2019-14856openSUSE Leap 15.1
ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
ModerateCVE-2019-14856SUSE bug 1154232cpe:/o:opensuse:leap:15.1CVE-2019-14857openSUSE Leap 15.1
A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.
ImportantCVE-2019-14857SUSE bug 1153666cpe:/o:opensuse:leap:15.1CVE-2019-14858openSUSE Leap 15.1
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
ModerateCVE-2019-14858SUSE bug 1154231cpe:/o:opensuse:leap:15.1CVE-2019-14859openSUSE Leap 15.1
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions.
ModerateCVE-2019-14859SUSE bug 1154217cpe:/o:opensuse:leap:15.1CVE-2019-14861openSUSE Leap 15.1
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.
ModerateCVE-2019-14861SUSE bug 1158108cpe:/o:opensuse:leap:15.1CVE-2019-14864openSUSE Leap 15.1
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.
ModerateCVE-2019-14864SUSE bug 1154830cpe:/o:opensuse:leap:15.1CVE-2019-14866openSUSE Leap 15.1
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
ModerateCVE-2019-14866SUSE bug 1155199cpe:/o:opensuse:leap:15.1CVE-2019-14869openSUSE Leap 15.1
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands.
ImportantCVE-2019-14869SUSE bug 1156275cpe:/o:opensuse:leap:15.1CVE-2019-14870openSUSE Leap 15.1
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.
ModerateCVE-2019-14870SUSE bug 1158109cpe:/o:opensuse:leap:15.1CVE-2019-14889openSUSE Leap 15.1
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
ImportantCVE-2019-14889SUSE bug 1158095cpe:/o:opensuse:leap:15.1CVE-2019-14895openSUSE Leap 15.1
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.
ImportantCVE-2019-14895SUSE bug 1157042SUSE bug 1157158SUSE bug 1173100SUSE bug 1173660cpe:/o:opensuse:leap:15.1CVE-2019-14896openSUSE Leap 15.1
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.
ImportantCVE-2019-14896SUSE bug 1157157SUSE bug 1160468cpe:/o:opensuse:leap:15.1CVE-2019-14897openSUSE Leap 15.1
A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.
ImportantCVE-2019-14897SUSE bug 1157155SUSE bug 1160467SUSE bug 1160468cpe:/o:opensuse:leap:15.1CVE-2019-14901openSUSE Leap 15.1
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.
ImportantCVE-2019-14901SUSE bug 1157042SUSE bug 1173661cpe:/o:opensuse:leap:15.1CVE-2019-14902openSUSE Leap 15.1
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
ModerateCVE-2019-14902SUSE bug 1160850cpe:/o:opensuse:leap:15.1CVE-2019-14904openSUSE Leap 15.1
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.
ImportantCVE-2019-14904SUSE bug 1157968cpe:/o:opensuse:leap:15.1CVE-2019-14905openSUSE Leap 15.1
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues.
ImportantCVE-2019-14905SUSE bug 1157969cpe:/o:opensuse:leap:15.1CVE-2019-14907openSUSE Leap 15.1
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).
ModerateCVE-2019-14907SUSE bug 1160888cpe:/o:opensuse:leap:15.1CVE-2019-14970openSUSE Leap 15.1
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
ModerateCVE-2019-14970SUSE bug 1146428cpe:/o:opensuse:leap:15.1CVE-2019-14973openSUSE Leap 15.1
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
ModerateCVE-2019-14973SUSE bug 1146608cpe:/o:opensuse:leap:15.1CVE-2019-14980openSUSE Leap 15.1
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
ModerateCVE-2019-14980SUSE bug 1146068cpe:/o:opensuse:leap:15.1CVE-2019-14981openSUSE Leap 15.1
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
ModerateCVE-2019-14981SUSE bug 1146065cpe:/o:opensuse:leap:15.1CVE-2019-15026openSUSE Leap 15.1
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
ModerateCVE-2019-15026SUSE bug 1149110cpe:/o:opensuse:leap:15.1CVE-2019-15030openSUSE Leap 15.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
ModerateCVE-2019-15030SUSE bug 1149713cpe:/o:opensuse:leap:15.1CVE-2019-15031openSUSE Leap 15.1
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
ModerateCVE-2019-15031SUSE bug 1149713cpe:/o:opensuse:leap:15.1CVE-2019-15034openSUSE Leap 15.1
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
ImportantCVE-2019-15034SUSE bug 1166379cpe:/o:opensuse:leap:15.1CVE-2019-15090openSUSE Leap 15.1
An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.
ModerateCVE-2019-15090SUSE bug 1146399cpe:/o:opensuse:leap:15.1CVE-2019-15098openSUSE Leap 15.1
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
ModerateCVE-2019-15098SUSE bug 1146378SUSE bug 1146543cpe:/o:opensuse:leap:15.1CVE-2019-15099openSUSE Leap 15.1
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
ModerateCVE-2019-15099SUSE bug 1146368cpe:/o:opensuse:leap:15.1CVE-2019-15117openSUSE Leap 15.1
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.
ImportantCVE-2019-15117SUSE bug 1145920SUSE bug 1173934cpe:/o:opensuse:leap:15.1CVE-2019-15118openSUSE Leap 15.1
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
ModerateCVE-2019-15118SUSE bug 1145922cpe:/o:opensuse:leap:15.1CVE-2019-15139openSUSE Leap 15.1
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
LowCVE-2019-15139SUSE bug 1146213cpe:/o:opensuse:leap:15.1CVE-2019-15140openSUSE Leap 15.1
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
LowCVE-2019-15140SUSE bug 1146212cpe:/o:opensuse:leap:15.1CVE-2019-15141openSUSE Leap 15.1
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
LowCVE-2019-15141SUSE bug 1146211cpe:/o:opensuse:leap:15.1CVE-2019-15142openSUSE Leap 15.1
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
ModerateCVE-2019-15142SUSE bug 1146702cpe:/o:opensuse:leap:15.1CVE-2019-15143openSUSE Leap 15.1
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
ModerateCVE-2019-15143SUSE bug 1146569cpe:/o:opensuse:leap:15.1CVE-2019-15144openSUSE Leap 15.1
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
ModerateCVE-2019-15144SUSE bug 1146571cpe:/o:opensuse:leap:15.1CVE-2019-15145openSUSE Leap 15.1
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
ModerateCVE-2019-15145SUSE bug 1146572cpe:/o:opensuse:leap:15.1CVE-2019-15165openSUSE Leap 15.1
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
ModerateCVE-2019-15165SUSE bug 1153332cpe:/o:opensuse:leap:15.1CVE-2019-15166openSUSE Leap 15.1
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
ModerateCVE-2019-15166SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2019-15167openSUSE Leap 15.1
Unknown.
ModerateCVE-2019-15167SUSE bug 1153098cpe:/o:opensuse:leap:15.1CVE-2019-15211openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
ModerateCVE-2019-15211SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15212openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
ModerateCVE-2019-15212SUSE bug 1146391SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15213openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
ModerateCVE-2019-15213SUSE bug 1146519SUSE bug 1146544SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15214openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
ModerateCVE-2019-15214SUSE bug 1146519SUSE bug 1146550SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15215openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
ModerateCVE-2019-15215SUSE bug 1146425SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15216openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
ModerateCVE-2019-15216SUSE bug 1146361SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15217openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
ModerateCVE-2019-15217SUSE bug 1146519SUSE bug 1146547SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15218openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
ModerateCVE-2019-15218SUSE bug 1146413SUSE bug 1146519SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15219openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
ModerateCVE-2019-15219SUSE bug 1146519SUSE bug 1146524SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15220openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
ModerateCVE-2019-15220SUSE bug 1146519SUSE bug 1146526SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15221openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
ModerateCVE-2019-15221SUSE bug 1146519SUSE bug 1146529SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15222openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
ModerateCVE-2019-15222SUSE bug 1146519SUSE bug 1146531SUSE bug 1158381SUSE bug 1158398SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15239openSUSE Leap 15.1
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.
ImportantCVE-2019-15239SUSE bug 1146589SUSE bug 1156317cpe:/o:opensuse:leap:15.1CVE-2019-15290openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15098. Reason: This candidate is a duplicate of CVE-2019-15098. Notes: All CVE users should reference CVE-2019-15098 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
ModerateCVE-2019-15290SUSE bug 1146378SUSE bug 1146519SUSE bug 1146543SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15291openSUSE Leap 15.1
An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.
ModerateCVE-2019-15291SUSE bug 1146519SUSE bug 1146540SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-15292openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
ImportantCVE-2019-15292SUSE bug 1146678SUSE bug 1173939cpe:/o:opensuse:leap:15.1CVE-2019-1543openSUSE Leap 15.1
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).
LowCVE-2019-1543SUSE bug 1128189SUSE bug 1141801SUSE bug 1154162cpe:/o:opensuse:leap:15.1CVE-2019-1547openSUSE Leap 15.1
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
ModerateCVE-2019-1547SUSE bug 1150003SUSE bug 1154162SUSE bug 1154166SUSE bug 1161085cpe:/o:opensuse:leap:15.1CVE-2019-1551openSUSE Leap 15.1
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).
ModerateCVE-2019-1551SUSE bug 1158809cpe:/o:opensuse:leap:15.1CVE-2019-15538openSUSE Leap 15.1
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
ModerateCVE-2019-15538SUSE bug 1148093cpe:/o:opensuse:leap:15.1CVE-2019-15540openSUSE Leap 15.1
filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.
ImportantCVE-2019-15540SUSE bug 1148087cpe:/o:opensuse:leap:15.1CVE-2019-1559openSUSE Leap 15.1
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
ModerateCVE-2019-1559SUSE bug 1127080SUSE bug 1141798cpe:/o:opensuse:leap:15.1CVE-2019-15604openSUSE Leap 15.1
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
ModerateCVE-2019-15604SUSE bug 1163104cpe:/o:opensuse:leap:15.1CVE-2019-15605openSUSE Leap 15.1
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
ImportantCVE-2019-15605SUSE bug 1163102cpe:/o:opensuse:leap:15.1CVE-2019-15606openSUSE Leap 15.1
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
ImportantCVE-2019-15606SUSE bug 1163103cpe:/o:opensuse:leap:15.1CVE-2019-15613openSUSE Leap 15.1
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
ModerateCVE-2019-15613SUSE bug 1162766cpe:/o:opensuse:leap:15.1CVE-2019-15621openSUSE Leap 15.1
Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.
ModerateCVE-2019-15621SUSE bug 1162784cpe:/o:opensuse:leap:15.1CVE-2019-15623openSUSE Leap 15.1
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
ModerateCVE-2019-15623SUSE bug 1162775cpe:/o:opensuse:leap:15.1CVE-2019-15624openSUSE Leap 15.1
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
ModerateCVE-2019-15624SUSE bug 1162776cpe:/o:opensuse:leap:15.1CVE-2019-1563openSUSE Leap 15.1
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
ModerateCVE-2019-1563SUSE bug 1150250SUSE bug 1154162cpe:/o:opensuse:leap:15.1CVE-2019-15666openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.
ImportantCVE-2019-15666SUSE bug 1148394SUSE bug 1172140cpe:/o:opensuse:leap:15.1CVE-2019-15681openSUSE Leap 15.1
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.
ModerateCVE-2019-15681SUSE bug 1155419cpe:/o:opensuse:leap:15.1CVE-2019-15690openSUSE Leap 15.1
Unknown.
ImportantCVE-2019-15690SUSE bug 1160471SUSE bug 1170441cpe:/o:opensuse:leap:15.1CVE-2019-15691openSUSE Leap 15.1
TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack unwinding. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
ImportantCVE-2019-15691SUSE bug 1159856cpe:/o:opensuse:leap:15.1CVE-2019-15692openSUSE Leap 15.1
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
ImportantCVE-2019-15692SUSE bug 1160250cpe:/o:opensuse:leap:15.1CVE-2019-15693openSUSE Leap 15.1
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which occurs in TightDecoder::FilterGradient. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
ImportantCVE-2019-15693SUSE bug 1159858cpe:/o:opensuse:leap:15.1CVE-2019-15694openSUSE Leap 15.1
TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
ImportantCVE-2019-15694SUSE bug 1160251cpe:/o:opensuse:leap:15.1CVE-2019-15695openSUSE Leap 15.1
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values, exploitation of this vulnerability could potentially result into remote code execution. This attack appear to be exploitable via network connectivity.
ImportantCVE-2019-15695SUSE bug 1159860cpe:/o:opensuse:leap:15.1CVE-2019-15757openSUSE Leap 15.1
libMirage 3.2.2 in CDemu has a NULL pointer dereference in the NRG parser in parser.c.
LowCVE-2019-15757SUSE bug 1148728cpe:/o:opensuse:leap:15.1CVE-2019-15784openSUSE Leap 15.1
Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections.
ImportantCVE-2019-15784SUSE bug 1148844cpe:/o:opensuse:leap:15.1CVE-2019-15845openSUSE Leap 15.1
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.
ModerateCVE-2019-15845SUSE bug 1152994cpe:/o:opensuse:leap:15.1CVE-2019-15846openSUSE Leap 15.1
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
CriticalCVE-2019-15846SUSE bug 1149182cpe:/o:opensuse:leap:15.1CVE-2019-15847openSUSE Leap 15.1
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.
ModerateCVE-2019-15847SUSE bug 1149145cpe:/o:opensuse:leap:15.1CVE-2019-15890openSUSE Leap 15.1
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
ModerateCVE-2019-15890SUSE bug 1149811SUSE bug 1149813SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-15892openSUSE Leap 15.1
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
ImportantCVE-2019-15892SUSE bug 1149382cpe:/o:opensuse:leap:15.1CVE-2019-15902openSUSE Leap 15.1
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
ModerateCVE-2019-15902SUSE bug 1149376SUSE bug 1155131cpe:/o:opensuse:leap:15.1CVE-2019-15903openSUSE Leap 15.1
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
ModerateCVE-2019-15903SUSE bug 1149429SUSE bug 1154738SUSE bug 1154806cpe:/o:opensuse:leap:15.1CVE-2019-15916openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
LowCVE-2019-15916SUSE bug 1149448cpe:/o:opensuse:leap:15.1CVE-2019-15917openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
ImportantCVE-2019-15917SUSE bug 1149539SUSE bug 1156334cpe:/o:opensuse:leap:15.1CVE-2019-15919openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
ImportantCVE-2019-15919SUSE bug 1149552SUSE bug 1172957cpe:/o:opensuse:leap:15.1CVE-2019-15920openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
ImportantCVE-2019-15920SUSE bug 1149626SUSE bug 1156335cpe:/o:opensuse:leap:15.1CVE-2019-15921openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
LowCVE-2019-15921SUSE bug 1149602cpe:/o:opensuse:leap:15.1CVE-2019-15924openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.
LowCVE-2019-15924SUSE bug 1149612cpe:/o:opensuse:leap:15.1CVE-2019-15926openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
ModerateCVE-2019-15926SUSE bug 1149527cpe:/o:opensuse:leap:15.1CVE-2019-15927openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.
ModerateCVE-2019-15927SUSE bug 1149522cpe:/o:opensuse:leap:15.1CVE-2019-15939openSUSE Leap 15.1
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
LowCVE-2019-15939SUSE bug 1149742cpe:/o:opensuse:leap:15.1CVE-2019-15942openSUSE Leap 15.1
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
ModerateCVE-2019-15942SUSE bug 1149839cpe:/o:opensuse:leap:15.1CVE-2019-15961openSUSE Leap 15.1
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.
ImportantCVE-2019-15961SUSE bug 1157763SUSE bug 1180082cpe:/o:opensuse:leap:15.1CVE-2019-16056openSUSE Leap 15.1
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
ModerateCVE-2019-16056SUSE bug 1149955cpe:/o:opensuse:leap:15.1CVE-2019-16159openSUSE Leap 15.1
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed.
ModerateCVE-2019-16159SUSE bug 1150108cpe:/o:opensuse:leap:15.1CVE-2019-16167openSUSE Leap 15.1
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
ModerateCVE-2019-16167SUSE bug 1150114cpe:/o:opensuse:leap:15.1CVE-2019-16168openSUSE Leap 15.1
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
ModerateCVE-2019-16168SUSE bug 1150137SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2019-16201openSUSE Leap 15.1
WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.
ModerateCVE-2019-16201SUSE bug 1152995cpe:/o:opensuse:leap:15.1CVE-2019-16231openSUSE Leap 15.1
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16231SUSE bug 1150466cpe:/o:opensuse:leap:15.1CVE-2019-16232openSUSE Leap 15.1
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16232SUSE bug 1150465cpe:/o:opensuse:leap:15.1CVE-2019-16233openSUSE Leap 15.1
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16233SUSE bug 1150457cpe:/o:opensuse:leap:15.1CVE-2019-16234openSUSE Leap 15.1
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
ModerateCVE-2019-16234SUSE bug 1150452cpe:/o:opensuse:leap:15.1CVE-2019-16239openSUSE Leap 15.1
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
ModerateCVE-2019-16239SUSE bug 1151178cpe:/o:opensuse:leap:15.1CVE-2019-16254openSUSE Leap 15.1
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.
ModerateCVE-2019-16254SUSE bug 1152992SUSE bug 1165402cpe:/o:opensuse:leap:15.1CVE-2019-16255openSUSE Leap 15.1
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.
ImportantCVE-2019-16255SUSE bug 1152990cpe:/o:opensuse:leap:15.1CVE-2019-16275openSUSE Leap 15.1
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
ModerateCVE-2019-16275SUSE bug 1150934cpe:/o:opensuse:leap:15.1CVE-2019-16276openSUSE Leap 15.1
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
ModerateCVE-2019-16276SUSE bug 1152082cpe:/o:opensuse:leap:15.1CVE-2019-16319openSUSE Leap 15.1
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.
ModerateCVE-2019-16319SUSE bug 1150690cpe:/o:opensuse:leap:15.1CVE-2019-16328openSUSE Leap 15.1
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings.
ModerateCVE-2019-16328SUSE bug 1152987cpe:/o:opensuse:leap:15.1CVE-2019-16375openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious JavaScript code as an article body. This malicious code is executed when an agent composes an answer to the original article.
LowCVE-2019-16375SUSE bug 1153324SUSE bug 1156431cpe:/o:opensuse:leap:15.1CVE-2019-16680openSUSE Leap 15.1
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
LowCVE-2019-16680SUSE bug 1151585cpe:/o:opensuse:leap:15.1CVE-2019-16707openSUSE Leap 15.1
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
ModerateCVE-2019-16707SUSE bug 1151867cpe:/o:opensuse:leap:15.1CVE-2019-16708openSUSE Leap 15.1
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
ModerateCVE-2019-16708SUSE bug 1151781cpe:/o:opensuse:leap:15.1CVE-2019-16709openSUSE Leap 15.1
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
ModerateCVE-2019-16709SUSE bug 1151782cpe:/o:opensuse:leap:15.1CVE-2019-16710openSUSE Leap 15.1
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
ModerateCVE-2019-16710SUSE bug 1151783cpe:/o:opensuse:leap:15.1CVE-2019-16711openSUSE Leap 15.1
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
ModerateCVE-2019-16711SUSE bug 1151784cpe:/o:opensuse:leap:15.1CVE-2019-16712openSUSE Leap 15.1
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
ModerateCVE-2019-16712SUSE bug 1151785cpe:/o:opensuse:leap:15.1CVE-2019-16713openSUSE Leap 15.1
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
ModerateCVE-2019-16713SUSE bug 1151786cpe:/o:opensuse:leap:15.1CVE-2019-16723openSUSE Leap 15.1
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
ModerateCVE-2019-16723SUSE bug 1151788cpe:/o:opensuse:leap:15.1CVE-2019-16746openSUSE Leap 15.1
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
ImportantCVE-2019-16746SUSE bug 1152107SUSE bug 1173659cpe:/o:opensuse:leap:15.1CVE-2019-16770openSUSE Leap 15.1
In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.
ImportantCVE-2019-16770SUSE bug 1158675SUSE bug 1188527cpe:/o:opensuse:leap:15.1CVE-2019-16775openSUSE Leap 15.1
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
ImportantCVE-2019-16775SUSE bug 1159352cpe:/o:opensuse:leap:15.1CVE-2019-16776openSUSE Leap 15.1
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
ImportantCVE-2019-16776SUSE bug 1159352cpe:/o:opensuse:leap:15.1CVE-2019-16777openSUSE Leap 15.1
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
ImportantCVE-2019-16777SUSE bug 1159352cpe:/o:opensuse:leap:15.1CVE-2019-16779openSUSE Leap 15.1
In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.
ModerateCVE-2019-16779SUSE bug 1159342cpe:/o:opensuse:leap:15.1CVE-2019-16782openSUSE Leap 15.1
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.
ModerateCVE-2019-16782SUSE bug 1159548SUSE bug 1183174cpe:/o:opensuse:leap:15.1CVE-2019-16785openSUSE Leap 15.1
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.
ImportantCVE-2019-16785SUSE bug 1161088cpe:/o:opensuse:leap:15.1CVE-2019-16786openSUSE Leap 15.1
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.
ImportantCVE-2019-16786SUSE bug 1161089cpe:/o:opensuse:leap:15.1CVE-2019-16789openSUSE Leap 15.1
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.
ImportantCVE-2019-16789SUSE bug 1160790cpe:/o:opensuse:leap:15.1CVE-2019-16792openSUSE Leap 15.1
Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.
ModerateCVE-2019-16792SUSE bug 1161670cpe:/o:opensuse:leap:15.1CVE-2019-16884openSUSE Leap 15.1
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
ModerateCVE-2019-16884SUSE bug 1152308cpe:/o:opensuse:leap:15.1CVE-2019-16935openSUSE Leap 15.1
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
ModerateCVE-2019-16935SUSE bug 1153238cpe:/o:opensuse:leap:15.1CVE-2019-16994openSUSE Leap 15.1
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
ModerateCVE-2019-16994SUSE bug 1161523cpe:/o:opensuse:leap:15.1CVE-2019-16995openSUSE Leap 15.1
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
ModerateCVE-2019-16995SUSE bug 1152685cpe:/o:opensuse:leap:15.1CVE-2019-17005openSUSE Leap 15.1
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17005SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17006openSUSE Leap 15.1
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
ModerateCVE-2019-17006SUSE bug 1159819cpe:/o:opensuse:leap:15.1CVE-2019-17008openSUSE Leap 15.1
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17008SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17009openSUSE Leap 15.1
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17009SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17010openSUSE Leap 15.1
Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17010SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17011openSUSE Leap 15.1
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17011SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17012openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
ModerateCVE-2019-17012SUSE bug 1158328cpe:/o:opensuse:leap:15.1CVE-2019-17015openSUSE Leap 15.1
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17015SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17016openSUSE Leap 15.1
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17016SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17017openSUSE Leap 15.1
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ImportantCVE-2019-17017SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17021openSUSE Leap 15.1
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17021SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17022openSUSE Leap 15.1
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17022SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17024openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
ModerateCVE-2019-17024SUSE bug 1160305cpe:/o:opensuse:leap:15.1CVE-2019-17026openSUSE Leap 15.1
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
ModerateCVE-2019-17026SUSE bug 1160498cpe:/o:opensuse:leap:15.1CVE-2019-17041openSUSE Leap 15.1
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
ModerateCVE-2019-17041SUSE bug 1153451SUSE bug 1198831cpe:/o:opensuse:leap:15.1CVE-2019-17042openSUSE Leap 15.1
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
ModerateCVE-2019-17042SUSE bug 1153459SUSE bug 1198831cpe:/o:opensuse:leap:15.1CVE-2019-17055openSUSE Leap 15.1
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
ModerateCVE-2019-17055SUSE bug 1152782cpe:/o:opensuse:leap:15.1CVE-2019-17056openSUSE Leap 15.1
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
ModerateCVE-2019-17056SUSE bug 1152788cpe:/o:opensuse:leap:15.1CVE-2019-17068openSUSE Leap 15.1
PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content.
ModerateCVE-2019-17068SUSE bug 1152753cpe:/o:opensuse:leap:15.1CVE-2019-17069openSUSE Leap 15.1
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
ModerateCVE-2019-17069SUSE bug 1152753cpe:/o:opensuse:leap:15.1CVE-2019-17113openSUSE Leap 15.1
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
ImportantCVE-2019-17113SUSE bug 1153102cpe:/o:opensuse:leap:15.1CVE-2019-17133openSUSE Leap 15.1
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
ImportantCVE-2019-17133SUSE bug 1153158SUSE bug 1153161cpe:/o:opensuse:leap:15.1CVE-2019-17177openSUSE Leap 15.1
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
ModerateCVE-2019-17177SUSE bug 1153163cpe:/o:opensuse:leap:15.1CVE-2019-17178openSUSE Leap 15.1
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
ModerateCVE-2019-17178SUSE bug 1153164cpe:/o:opensuse:leap:15.1CVE-2019-17185openSUSE Leap 15.1
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.
ImportantCVE-2019-17185SUSE bug 1166847cpe:/o:opensuse:leap:15.1CVE-2019-17349openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
ModerateCVE-2019-17349SUSE bug 1138294cpe:/o:opensuse:leap:15.1CVE-2019-17350openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
ModerateCVE-2019-17350SUSE bug 1138294cpe:/o:opensuse:leap:15.1CVE-2019-17357openSUSE Leap 15.1
Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery.
ImportantCVE-2019-17357SUSE bug 1158990cpe:/o:opensuse:leap:15.1CVE-2019-17358openSUSE Leap 15.1
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.
ModerateCVE-2019-17358SUSE bug 1158992cpe:/o:opensuse:leap:15.1CVE-2019-17361openSUSE Leap 15.1
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
ImportantCVE-2019-17361SUSE bug 1162504cpe:/o:opensuse:leap:15.1CVE-2019-17362openSUSE Leap 15.1
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
ModerateCVE-2019-17362SUSE bug 1153433cpe:/o:opensuse:leap:15.1CVE-2019-17450openSUSE Leap 15.1
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
ModerateCVE-2019-17450SUSE bug 1153770cpe:/o:opensuse:leap:15.1CVE-2019-17451openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.
ModerateCVE-2019-17451SUSE bug 1153768cpe:/o:opensuse:leap:15.1CVE-2019-17455openSUSE Leap 15.1
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
ImportantCVE-2019-17455SUSE bug 1153669cpe:/o:opensuse:leap:15.1CVE-2019-17498openSUSE Leap 15.1
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
ModerateCVE-2019-17498SUSE bug 1154862SUSE bug 1171566cpe:/o:opensuse:leap:15.1CVE-2019-17543openSUSE Leap 15.1
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."
ImportantCVE-2019-17543SUSE bug 1153936SUSE bug 1188549cpe:/o:opensuse:leap:15.1CVE-2019-17545openSUSE Leap 15.1
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
ImportantCVE-2019-17545SUSE bug 1153918cpe:/o:opensuse:leap:15.1CVE-2019-17563openSUSE Leap 15.1
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.
LowCVE-2019-17563SUSE bug 1159729cpe:/o:opensuse:leap:15.1CVE-2019-17566openSUSE Leap 15.1
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
ModerateCVE-2019-17566SUSE bug 1172961cpe:/o:opensuse:leap:15.1CVE-2019-17569openSUSE Leap 15.1
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
ModerateCVE-2019-17569SUSE bug 1164825cpe:/o:opensuse:leap:15.1CVE-2019-17571openSUSE Leap 15.1
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
CriticalCVE-2019-17571SUSE bug 1159646cpe:/o:opensuse:leap:15.1CVE-2019-17594openSUSE Leap 15.1
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
ModerateCVE-2019-17594SUSE bug 1154036cpe:/o:opensuse:leap:15.1CVE-2019-17595openSUSE Leap 15.1
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
ModerateCVE-2019-17595SUSE bug 1154037cpe:/o:opensuse:leap:15.1CVE-2019-17596openSUSE Leap 15.1
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
ModerateCVE-2019-17596SUSE bug 1154402cpe:/o:opensuse:leap:15.1CVE-2019-17626openSUSE Leap 15.1
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
ImportantCVE-2019-17626SUSE bug 1154370cpe:/o:opensuse:leap:15.1CVE-2019-17666openSUSE Leap 15.1
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
ModerateCVE-2019-17666SUSE bug 1154372cpe:/o:opensuse:leap:15.1CVE-2019-1785openSUSE Leap 15.1
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
ModerateCVE-2019-1785SUSE bug 1130721SUSE bug 1137508cpe:/o:opensuse:leap:15.1CVE-2019-1786openSUSE Leap 15.1
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1786SUSE bug 1130721SUSE bug 1137510cpe:/o:opensuse:leap:15.1CVE-2019-1787openSUSE Leap 15.1
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1787SUSE bug 1130721cpe:/o:opensuse:leap:15.1CVE-2019-1788openSUSE Leap 15.1
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.
ModerateCVE-2019-1788SUSE bug 1130721cpe:/o:opensuse:leap:15.1CVE-2019-1789openSUSE Leap 15.1
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
ModerateCVE-2019-1789SUSE bug 1130721cpe:/o:opensuse:leap:15.1CVE-2019-1798openSUSE Leap 15.1
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
ImportantCVE-2019-1798SUSE bug 1130721SUSE bug 1137513cpe:/o:opensuse:leap:15.1CVE-2019-18179openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.
ModerateCVE-2019-18179SUSE bug 1157001SUSE bug 1157523cpe:/o:opensuse:leap:15.1CVE-2019-18180openSUSE Leap 15.1
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions.
ModerateCVE-2019-18180SUSE bug 1157001SUSE bug 1157524cpe:/o:opensuse:leap:15.1CVE-2019-18197openSUSE Leap 15.1
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
ImportantCVE-2019-18197SUSE bug 1154609SUSE bug 1157028SUSE bug 1162833SUSE bug 1169511SUSE bug 1190108cpe:/o:opensuse:leap:15.1CVE-2019-18217openSUSE Leap 15.1
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
ModerateCVE-2019-18217SUSE bug 1154600cpe:/o:opensuse:leap:15.1CVE-2019-18218openSUSE Leap 15.1
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
CriticalCVE-2019-18218SUSE bug 1154661SUSE bug 1190368SUSE bug 1191838cpe:/o:opensuse:leap:15.1CVE-2019-18224openSUSE Leap 15.1
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
ModerateCVE-2019-18224SUSE bug 1154887cpe:/o:opensuse:leap:15.1CVE-2019-18277openSUSE Leap 15.1
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
ModerateCVE-2019-18277SUSE bug 1154980cpe:/o:opensuse:leap:15.1CVE-2019-18348openSUSE Leap 15.1
An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.
ModerateCVE-2019-18348SUSE bug 1155094cpe:/o:opensuse:leap:15.1CVE-2019-18359openSUSE Leap 15.1
A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service.
ModerateCVE-2019-18359SUSE bug 1154971cpe:/o:opensuse:leap:15.1CVE-2019-18388openSUSE Leap 15.1
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.
ModerateCVE-2019-18388SUSE bug 1159479cpe:/o:opensuse:leap:15.1CVE-2019-18389openSUSE Leap 15.1
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
ImportantCVE-2019-18389SUSE bug 1159482cpe:/o:opensuse:leap:15.1CVE-2019-18390openSUSE Leap 15.1
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
ModerateCVE-2019-18390SUSE bug 1159478cpe:/o:opensuse:leap:15.1CVE-2019-18391openSUSE Leap 15.1
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
ImportantCVE-2019-18391SUSE bug 1159486cpe:/o:opensuse:leap:15.1CVE-2019-18408openSUSE Leap 15.1
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
ModerateCVE-2019-18408SUSE bug 1155079cpe:/o:opensuse:leap:15.1CVE-2019-18420openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format character was done using BUG(), which crashes Xen. One path, via the VCPUOP_initialise hypercall, has a bad format character. The BUG() can be hit if VCPUOP_initialise executes for a sufficiently long period of time for a continuation to be created. Malicious guests may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen versions 4.6 and newer are vulnerable. Xen versions 4.5 and earlier are not vulnerable. Only x86 PV guests can exploit the vulnerability. HVM and PVH guests, and guests on ARM systems, cannot exploit the vulnerability.
ImportantCVE-2019-18420SUSE bug 1154448cpe:/o:opensuse:leap:15.1CVE-2019-18421openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen exposes the actual hardware pagetables to the guest. In order to prevent the guest from modifying these page tables directly, Xen keeps track of how pages are used using a type system; pages must be "promoted" before being used as a pagetable, and "demoted" before being used for any other type. Xen also allows for "recursive" promotions: i.e., an operating system promoting a page to an L4 pagetable may end up causing pages to be promoted to L3s, which may in turn cause pages to be promoted to L2s, and so on. These operations may take an arbitrarily large amount of time, and so must be re-startable. Unfortunately, making recursive pagetable promotion and demotion operations restartable is incredibly complicated, and the code contains several races which, if triggered, can cause Xen to drop or retain extra type counts, potentially allowing guests to get write access to in-use pagetables. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All x86 systems with untrusted PV guests are vulnerable. HVM and PVH guests cannot exercise this vulnerability.
ImportantCVE-2019-18421SUSE bug 1154458SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-18422openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled without changing processor level, some interrupts are unconditionally enabled during exception entry. So exceptions which occur when interrupts are masked will effectively unmask the interrupts. A malicious guest might contrive to arrange for critical Xen code to run with interrupts erroneously enabled. This could lead to data corruption, denial of service, or possibly even privilege escalation. However a precise attack technique has not been identified.
ImportantCVE-2019-18422SUSE bug 1154464cpe:/o:opensuse:leap:15.1CVE-2019-18423openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity check guest physical frame. The rest of the code in the two functions will assume that there is a valid root table and check that with BUG_ON(). The function p2m_get_root_pointer() will ignore the unused top bits of a guest physical frame. This means that the function p2m_set_entry() will alias the frame. However, p2m->max_mapped_gfn will be updated using the original frame. It would be possible to set p2m->max_mapped_gfn high enough to cover a frame that would lead p2m_get_root_pointer() to return NULL in p2m_get_entry() and p2m_resolve_translation_fault(). Additionally, the sanity check on p2m->max_mapped_gfn is off-by-one allowing "highest mapped + 1" to be considered valid. However, p2m_get_root_pointer() will return NULL. The problem could be triggered with a specially crafted hypercall XENMEM_add_to_physmap{, _batch} followed by an access to an address (via hypercall or direct access) that passes the sanity check but cause p2m_get_root_pointer() to return NULL. A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). Xen version 4.8 and newer are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected.
ImportantCVE-2019-18423SUSE bug 1154460cpe:/o:opensuse:leap:15.1CVE-2019-18424openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only target memory assigned to the guest. However, when the guest domain is torn down, or the device is deassigned, the device is assigned back to dom0, thus allowing any in-flight DMA to potentially target critical host data. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
ImportantCVE-2019-18424SUSE bug 1154461cpe:/o:opensuse:leap:15.1CVE-2019-18425openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performed by the emulating code. Such accesses should respect the guest specified limits, unless otherwise guaranteed to fail in such a case. Without this, emulation of 32-bit guest user mode calls through call gates would allow guest user mode to install and then use descriptors of their choice, as long as the guest kernel did not itself install an LDT. (Most OSes don't install any LDT by default). 32-bit PV guest user mode can elevate its privileges to that of the guest kernel. Xen versions from at least 3.2 onwards are affected. Only 32-bit PV guest user mode can leverage this vulnerability. HVM, PVH, as well as 64-bit PV guests cannot leverage this vulnerability. Arm systems are unaffected.
ImportantCVE-2019-18425SUSE bug 1154456SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-18466openSUSE Leap 15.1
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host.
ModerateCVE-2019-18466SUSE bug 1155217cpe:/o:opensuse:leap:15.1CVE-2019-18622openSUSE Leap 15.1
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
ModerateCVE-2019-18622SUSE bug 1157614SUSE bug 1158801cpe:/o:opensuse:leap:15.1CVE-2019-18634openSUSE Leap 15.1
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
CriticalCVE-2019-18634SUSE bug 1162202cpe:/o:opensuse:leap:15.1CVE-2019-18660openSUSE Leap 15.1
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
ModerateCVE-2019-18660SUSE bug 1157038SUSE bug 1157923cpe:/o:opensuse:leap:15.1CVE-2019-18676openSUSE Leap 15.1
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
ImportantCVE-2019-18676SUSE bug 1156329SUSE bug 1165586cpe:/o:opensuse:leap:15.1CVE-2019-18677openSUSE Leap 15.1
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
ImportantCVE-2019-18677SUSE bug 1156328cpe:/o:opensuse:leap:15.1CVE-2019-18678openSUSE Leap 15.1
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
ModerateCVE-2019-18678SUSE bug 1156323cpe:/o:opensuse:leap:15.1CVE-2019-18679openSUSE Leap 15.1
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
ModerateCVE-2019-18679SUSE bug 1156324cpe:/o:opensuse:leap:15.1CVE-2019-18683openSUSE Leap 15.1
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.
ImportantCVE-2019-18683SUSE bug 1155897SUSE bug 1173868cpe:/o:opensuse:leap:15.1CVE-2019-18802openSUSE Leap 15.1
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "example.com" matchers.
ImportantCVE-2019-18802SUSE bug 1159003cpe:/o:opensuse:leap:15.1CVE-2019-18804openSUSE Leap 15.1
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
LowCVE-2019-18804SUSE bug 1156188cpe:/o:opensuse:leap:15.1CVE-2019-18805openSUSE Leap 15.1
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
LowCVE-2019-18805SUSE bug 1156187cpe:/o:opensuse:leap:15.1CVE-2019-18808openSUSE Leap 15.1
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
ModerateCVE-2019-18808SUSE bug 1156259SUSE bug 1189884SUSE bug 1190534cpe:/o:opensuse:leap:15.1CVE-2019-18809openSUSE Leap 15.1
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
ModerateCVE-2019-18809SUSE bug 1156258cpe:/o:opensuse:leap:15.1CVE-2019-18860openSUSE Leap 15.1
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
ModerateCVE-2019-18860SUSE bug 1167373cpe:/o:opensuse:leap:15.1CVE-2019-18897openSUSE Leap 15.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions.
ModerateCVE-2019-18897SUSE bug 1157465cpe:/o:opensuse:leap:15.1CVE-2019-18898openSUSE Leap 15.1
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.
ModerateCVE-2019-18898SUSE bug 1154062SUSE bug 1157651cpe:/o:opensuse:leap:15.1CVE-2019-18899openSUSE Leap 15.1
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.
ModerateCVE-2019-18899SUSE bug 1157703cpe:/o:opensuse:leap:15.1CVE-2019-18900openSUSE Leap 15.1
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.
ModerateCVE-2019-18900SUSE bug 1158763cpe:/o:opensuse:leap:15.1CVE-2019-18901openSUSE Leap 15.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.
ImportantCVE-2019-18901SUSE bug 1160285SUSE bug 1160895cpe:/o:opensuse:leap:15.1CVE-2019-18902openSUSE Leap 15.1
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.
ModerateCVE-2019-18902SUSE bug 1160903cpe:/o:opensuse:leap:15.1CVE-2019-18903openSUSE Leap 15.1
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.
ModerateCVE-2019-18903SUSE bug 1160904cpe:/o:opensuse:leap:15.1CVE-2019-18904openSUSE Leap 15.1
A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.
ImportantCVE-2019-18904SUSE bug 1160922cpe:/o:opensuse:leap:15.1CVE-2019-18905openSUSE Leap 15.1
A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux Enterprise Server 12 autoyast2 version 4.1.9-3.9.1 and prior versions. SUSE Linux Enterprise Server 15 autoyast2 version 4.0.70-3.20.1 and prior versions.
ModerateCVE-2019-18905SUSE bug 1140711cpe:/o:opensuse:leap:15.1CVE-2019-18932openSUSE Leap 15.1
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations.
ModerateCVE-2019-18932SUSE bug 1150554SUSE bug 1156643cpe:/o:opensuse:leap:15.1CVE-2019-18934openSUSE Leap 15.1
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.
ImportantCVE-2019-18934SUSE bug 1157268cpe:/o:opensuse:leap:15.1CVE-2019-19036openSUSE Leap 15.1
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
ModerateCVE-2019-19036SUSE bug 1157692cpe:/o:opensuse:leap:15.1CVE-2019-19045openSUSE Leap 15.1
A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.
ModerateCVE-2019-19045SUSE bug 1161522cpe:/o:opensuse:leap:15.1CVE-2019-19046openSUSE Leap 15.1
** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time.
ModerateCVE-2019-19046SUSE bug 1157304cpe:/o:opensuse:leap:15.1CVE-2019-19049openSUSE Leap 15.1
** DISPUTED ** A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot.
ModerateCVE-2019-19049SUSE bug 1157173cpe:/o:opensuse:leap:15.1CVE-2019-19051openSUSE Leap 15.1
A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.
ModerateCVE-2019-19051SUSE bug 1159024cpe:/o:opensuse:leap:15.1CVE-2019-19052openSUSE Leap 15.1
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
ModerateCVE-2019-19052SUSE bug 1157324cpe:/o:opensuse:leap:15.1CVE-2019-19054openSUSE Leap 15.1
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
ModerateCVE-2019-19054SUSE bug 1161518cpe:/o:opensuse:leap:15.1CVE-2019-19056openSUSE Leap 15.1
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.
ModerateCVE-2019-19056SUSE bug 1157197cpe:/o:opensuse:leap:15.1CVE-2019-19057openSUSE Leap 15.1
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
ModerateCVE-2019-19057SUSE bug 1157193SUSE bug 1157197cpe:/o:opensuse:leap:15.1CVE-2019-19058openSUSE Leap 15.1
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.
ModerateCVE-2019-19058SUSE bug 1157145cpe:/o:opensuse:leap:15.1CVE-2019-19060openSUSE Leap 15.1
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
ModerateCVE-2019-19060SUSE bug 1157178cpe:/o:opensuse:leap:15.1CVE-2019-19062openSUSE Leap 15.1
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
ModerateCVE-2019-19062SUSE bug 1157333cpe:/o:opensuse:leap:15.1CVE-2019-19063openSUSE Leap 15.1
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
ModerateCVE-2019-19063SUSE bug 1157298cpe:/o:opensuse:leap:15.1CVE-2019-19065openSUSE Leap 15.1
** DISPUTED ** A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because "rhashtable_init() can only fail if it is passed invalid values in the second parameter's struct, but when invoked from sdma_init() that is a pointer to a static const struct, so an attacker could only trigger failure if they could corrupt kernel memory (in which case a small memory leak is not a significant problem)."
ImportantCVE-2019-19065SUSE bug 1157191SUSE bug 1173961cpe:/o:opensuse:leap:15.1CVE-2019-19066openSUSE Leap 15.1
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.
ModerateCVE-2019-19066SUSE bug 1157303cpe:/o:opensuse:leap:15.1CVE-2019-19067openSUSE Leap 15.1
** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.
ModerateCVE-2019-19067SUSE bug 1157180cpe:/o:opensuse:leap:15.1CVE-2019-19068openSUSE Leap 15.1
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.
ModerateCVE-2019-19068SUSE bug 1157307cpe:/o:opensuse:leap:15.1CVE-2019-19073openSUSE Leap 15.1
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.
ModerateCVE-2019-19073SUSE bug 1157070cpe:/o:opensuse:leap:15.1CVE-2019-19074openSUSE Leap 15.1
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
ModerateCVE-2019-19074SUSE bug 1157143cpe:/o:opensuse:leap:15.1CVE-2019-19075openSUSE Leap 15.1
A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.
LowCVE-2019-19075SUSE bug 1157162SUSE bug 1173958cpe:/o:opensuse:leap:15.1CVE-2019-19077openSUSE Leap 15.1
A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.
ModerateCVE-2019-19077SUSE bug 1157171cpe:/o:opensuse:leap:15.1CVE-2019-19078openSUSE Leap 15.1
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.
ModerateCVE-2019-19078SUSE bug 1157032cpe:/o:opensuse:leap:15.1CVE-2019-19080openSUSE Leap 15.1
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.
ModerateCVE-2019-19080SUSE bug 1157044cpe:/o:opensuse:leap:15.1CVE-2019-19081openSUSE Leap 15.1
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.
ModerateCVE-2019-19081SUSE bug 1157045cpe:/o:opensuse:leap:15.1CVE-2019-19082openSUSE Leap 15.1
Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.
ModerateCVE-2019-19082SUSE bug 1157046cpe:/o:opensuse:leap:15.1CVE-2019-19083openSUSE Leap 15.1
Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.
ModerateCVE-2019-19083SUSE bug 1157049cpe:/o:opensuse:leap:15.1CVE-2019-19118openSUSE Leap 15.1
Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)
ModerateCVE-2019-19118SUSE bug 1157705cpe:/o:opensuse:leap:15.1CVE-2019-19191openSUSE Leap 15.1
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
ModerateCVE-2019-19191SUSE bug 1154062SUSE bug 1157471cpe:/o:opensuse:leap:15.1CVE-2019-19227openSUSE Leap 15.1
In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.
ModerateCVE-2019-19227SUSE bug 1157678cpe:/o:opensuse:leap:15.1CVE-2019-19269openSUSE Leap 15.1
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
ModerateCVE-2019-19269SUSE bug 1157803cpe:/o:opensuse:leap:15.1CVE-2019-19270openSUSE Leap 15.1
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
ModerateCVE-2019-19270SUSE bug 1157798cpe:/o:opensuse:leap:15.1CVE-2019-19274openSUSE Leap 15.1
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.)
ModerateCVE-2019-19274SUSE bug 1161562cpe:/o:opensuse:leap:15.1CVE-2019-19275openSUSE Leap 15.1
typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that parses (but does not execute) Python code. (This issue also affected certain Python 3.8.0-alpha prereleases.)
ModerateCVE-2019-19275SUSE bug 1161563cpe:/o:opensuse:leap:15.1CVE-2019-19318openSUSE Leap 15.1
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,
ModerateCVE-2019-19318SUSE bug 1158026cpe:/o:opensuse:leap:15.1CVE-2019-19319openSUSE Leap 15.1
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.
ModerateCVE-2019-19319SUSE bug 1158021cpe:/o:opensuse:leap:15.1CVE-2019-19332openSUSE Leap 15.1
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
ModerateCVE-2019-19332SUSE bug 1158827cpe:/o:opensuse:leap:15.1CVE-2019-19338openSUSE Leap 15.1
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.
ModerateCVE-2019-19338SUSE bug 1158954cpe:/o:opensuse:leap:15.1CVE-2019-19344openSUSE Leap 15.1
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
ModerateCVE-2019-19344SUSE bug 1160852cpe:/o:opensuse:leap:15.1CVE-2019-19447openSUSE Leap 15.1
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
ImportantCVE-2019-19447SUSE bug 1158819SUSE bug 1173869cpe:/o:opensuse:leap:15.1CVE-2019-19451openSUSE Leap 15.1
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.
LowCVE-2019-19451SUSE bug 1158194cpe:/o:opensuse:leap:15.1CVE-2019-19462openSUSE Leap 15.1
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
LowCVE-2019-19462SUSE bug 1158265cpe:/o:opensuse:leap:15.1CVE-2019-19523openSUSE Leap 15.1
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.
ModerateCVE-2019-19523SUSE bug 1158381SUSE bug 1158823SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19524openSUSE Leap 15.1
In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.
LowCVE-2019-19524SUSE bug 1158381SUSE bug 1158413SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19525openSUSE Leap 15.1
In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.
ModerateCVE-2019-19525SUSE bug 1158381SUSE bug 1158417SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19526openSUSE Leap 15.1
In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.
ModerateCVE-2019-19526SUSE bug 1158381SUSE bug 1158834SUSE bug 1158893cpe:/o:opensuse:leap:15.1CVE-2019-19527openSUSE Leap 15.1
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
ModerateCVE-2019-19527SUSE bug 1158381SUSE bug 1158834SUSE bug 1158900cpe:/o:opensuse:leap:15.1CVE-2019-19528openSUSE Leap 15.1
In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d.
ModerateCVE-2019-19528SUSE bug 1158381SUSE bug 1158407SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19529openSUSE Leap 15.1
In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41.
ModerateCVE-2019-19529SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19530openSUSE Leap 15.1
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.
ModerateCVE-2019-19530SUSE bug 1158381SUSE bug 1158410SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19531openSUSE Leap 15.1
In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.
LowCVE-2019-19531SUSE bug 1158381SUSE bug 1158427SUSE bug 1158445SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19532openSUSE Leap 15.1
In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.
ModerateCVE-2019-19532SUSE bug 1158381SUSE bug 1158823SUSE bug 1158824SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19533openSUSE Leap 15.1
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
ModerateCVE-2019-19533SUSE bug 1158381SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19534openSUSE Leap 15.1
In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.
LowCVE-2019-19534SUSE bug 1158381SUSE bug 1158398SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19535openSUSE Leap 15.1
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.
ModerateCVE-2019-19535SUSE bug 1158381SUSE bug 1158834SUSE bug 1158903cpe:/o:opensuse:leap:15.1CVE-2019-19536openSUSE Leap 15.1
In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0.
LowCVE-2019-19536SUSE bug 1158381SUSE bug 1158394SUSE bug 1158834cpe:/o:opensuse:leap:15.1CVE-2019-19537openSUSE Leap 15.1
In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c.
ModerateCVE-2019-19537SUSE bug 1158381SUSE bug 1158834SUSE bug 1158904cpe:/o:opensuse:leap:15.1CVE-2019-19543openSUSE Leap 15.1
In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
LowCVE-2019-19543SUSE bug 1158427cpe:/o:opensuse:leap:15.1CVE-2019-19553openSUSE Leap 15.1
In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.
ImportantCVE-2019-19553SUSE bug 1158505cpe:/o:opensuse:leap:15.1CVE-2019-19577openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number of levels of pagetables (the pagetable height) in the IOMMU according to the guest's address space size. The code to select and update the height had several bugs. Notably, the update was done without taking a lock which is necessary for safe operation. A malicious guest administrator can cause Xen to access data structures while they are being modified, causing Xen to crash. Privilege escalation is thought to be very difficult but cannot be ruled out. Additionally, there is a potential memory leak of 4kb per guest boot, under memory pressure. Only Xen on AMD CPUs is vulnerable. Xen running on Intel CPUs is not vulnerable. ARM systems are not vulnerable. Only systems where guests are given direct access to physical devices are vulnerable. Systems which do not use PCI pass-through are not vulnerable. Only HVM guests can exploit the vulnerability. PV and PVH guests cannot. All versions of Xen with IOMMU support are vulnerable.
ImportantCVE-2019-19577SUSE bug 1158007cpe:/o:opensuse:leap:15.1CVE-2019-19578openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either *point to* other pages of the same level, or *be pointed to* by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable.
ImportantCVE-2019-19578SUSE bug 1158005SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-19579openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies on the use of libxl's "assignable-add" feature to prepare devices to be assigned to untrusted guests. Unfortunately, this is not considered a strictly required step for device assignment. The PCI passthrough documentation on the wiki describes alternate ways of preparing devices for assignment, and libvirt uses its own ways as well. Hosts where these "alternate" methods are used will still leave the system in a vulnerable state after the device comes back from a guest. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.
ModerateCVE-2019-19579SUSE bug 1157888cpe:/o:opensuse:leap:15.1CVE-2019-19580openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice.
ModerateCVE-2019-19580SUSE bug 1158006SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-19581openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On 32-bit Arm accesses to bitmaps with bit a count which is a multiple of 32, an out of bounds access may occur. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. 32-bit Arm systems are vulnerable. 64-bit Arm systems are not vulnerable.
ModerateCVE-2019-19581SUSE bug 1158003cpe:/o:opensuse:leap:15.1CVE-2019-19582openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which may misbehave in certain corner cases: On x86 accesses to bitmaps with a compile time known size of 64 may incur undefined behavior, which may in particular result in infinite loops. A malicious guest may cause a hypervisor crash or hang, resulting in a Denial of Service (DoS). All versions of Xen are vulnerable. x86 systems with 64 or more nodes are vulnerable (there might not be any such systems that Xen would run on). x86 systems with less than 64 nodes are not vulnerable.
ModerateCVE-2019-19582SUSE bug 1158003cpe:/o:opensuse:leap:15.1CVE-2019-19583openSUSE Leap 15.1
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for #DB interception. The VMX VMEntry checks do not like the exact combination of state which occurs when #DB in intercepted, Single Stepping is active, and blocked by STI/MovSS is active, despite this being a legitimate state to be in. The resulting VMEntry failure is fatal to the guest. HVM/PVH guest userspace code may be able to crash the guest, resulting in a guest Denial of Service. All versions of Xen are affected. Only systems supporting VMX hardware virtual extensions (Intel, Cyrix, or Zhaoxin CPUs) are affected. Arm and AMD systems are unaffected. Only HVM/PVH guests are affected. PV guests cannot leverage the vulnerability.
ModerateCVE-2019-19583SUSE bug 1158004SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-19604openSUSE Leap 15.1
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.
CriticalCVE-2019-19604SUSE bug 1158785SUSE bug 1158795cpe:/o:opensuse:leap:15.1CVE-2019-19724openSUSE Leap 15.1
Insecure permissions (777) are set on $HOME/.singularity when it is newly created by Singularity (version from 3.3.0 to 3.5.1), which could lead to an information leak, and malicious redirection of operations performed against Sylabs cloud services.
ModerateCVE-2019-19724SUSE bug 1159550cpe:/o:opensuse:leap:15.1CVE-2019-19725openSUSE Leap 15.1
sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.
LowCVE-2019-19725SUSE bug 1159104cpe:/o:opensuse:leap:15.1CVE-2019-19727openSUSE Leap 15.1
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions.
ModerateCVE-2019-19727SUSE bug 1155784cpe:/o:opensuse:leap:15.1CVE-2019-19728openSUSE Leap 15.1
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges.
ModerateCVE-2019-19728SUSE bug 1155784SUSE bug 1159692cpe:/o:opensuse:leap:15.1CVE-2019-19767openSUSE Leap 15.1
The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.
ModerateCVE-2019-19767SUSE bug 1159297cpe:/o:opensuse:leap:15.1CVE-2019-19768openSUSE Leap 15.1
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
ModerateCVE-2019-19768SUSE bug 1159285cpe:/o:opensuse:leap:15.1CVE-2019-19770openSUSE Leap 15.1
** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.
ModerateCVE-2019-19770SUSE bug 1159198SUSE bug 1171295cpe:/o:opensuse:leap:15.1CVE-2019-19880openSUSE Leap 15.1
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
ModerateCVE-2019-19880SUSE bug 1159491SUSE bug 1159715SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2019-19917openSUSE Leap 15.1
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
ModerateCVE-2019-19917SUSE bug 1159714cpe:/o:opensuse:leap:15.1CVE-2019-19918openSUSE Leap 15.1
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
ModerateCVE-2019-19918SUSE bug 1159713cpe:/o:opensuse:leap:15.1CVE-2019-19921openSUSE Leap 15.1
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
ModerateCVE-2019-19921SUSE bug 1160452cpe:/o:opensuse:leap:15.1CVE-2019-19923openSUSE Leap 15.1
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
ModerateCVE-2019-19923SUSE bug 1160309SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2019-19925openSUSE Leap 15.1
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
LowCVE-2019-19925SUSE bug 1159847SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2019-19926openSUSE Leap 15.1
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
ImportantCVE-2019-19926SUSE bug 1159491SUSE bug 1159715SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2019-19927openSUSE Leap 15.1
In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.
ModerateCVE-2019-19927SUSE bug 1160147cpe:/o:opensuse:leap:15.1CVE-2019-19948openSUSE Leap 15.1
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
ImportantCVE-2019-19948SUSE bug 1159861cpe:/o:opensuse:leap:15.1CVE-2019-19949openSUSE Leap 15.1
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
ModerateCVE-2019-19949SUSE bug 1160369cpe:/o:opensuse:leap:15.1CVE-2019-19950openSUSE Leap 15.1
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
ModerateCVE-2019-19950SUSE bug 1159852cpe:/o:opensuse:leap:15.1CVE-2019-19951openSUSE Leap 15.1
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
ModerateCVE-2019-19951SUSE bug 1160321cpe:/o:opensuse:leap:15.1CVE-2019-19953openSUSE Leap 15.1
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
ModerateCVE-2019-19953SUSE bug 1160364cpe:/o:opensuse:leap:15.1CVE-2019-19956openSUSE Leap 15.1
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
ModerateCVE-2019-19956SUSE bug 1159928SUSE bug 1191860cpe:/o:opensuse:leap:15.1CVE-2019-19965openSUSE Leap 15.1
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
ModerateCVE-2019-19965SUSE bug 1159911cpe:/o:opensuse:leap:15.1CVE-2019-19966openSUSE Leap 15.1
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
LowCVE-2019-19966SUSE bug 1159841cpe:/o:opensuse:leap:15.1CVE-2019-20009openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
ModerateCVE-2019-20009SUSE bug 1159824cpe:/o:opensuse:leap:15.1CVE-2019-20010openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
ModerateCVE-2019-20010SUSE bug 1159825cpe:/o:opensuse:leap:15.1CVE-2019-20011openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
ModerateCVE-2019-20011SUSE bug 1159826SUSE bug 1174236cpe:/o:opensuse:leap:15.1CVE-2019-20012openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
ModerateCVE-2019-20012SUSE bug 1159827cpe:/o:opensuse:leap:15.1CVE-2019-20013openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
ModerateCVE-2019-20013SUSE bug 1159828cpe:/o:opensuse:leap:15.1CVE-2019-20014openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
ModerateCVE-2019-20014SUSE bug 1159831cpe:/o:opensuse:leap:15.1CVE-2019-20015openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
ModerateCVE-2019-20015SUSE bug 1159832cpe:/o:opensuse:leap:15.1CVE-2019-20021openSUSE Leap 15.1
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
ModerateCVE-2019-20021SUSE bug 1159833cpe:/o:opensuse:leap:15.1CVE-2019-20053openSUSE Leap 15.1
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
ModerateCVE-2019-20053SUSE bug 1159920cpe:/o:opensuse:leap:15.1CVE-2019-20054openSUSE Leap 15.1
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
ModerateCVE-2019-20054SUSE bug 1159910cpe:/o:opensuse:leap:15.1CVE-2019-20095openSUSE Leap 15.1
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.
ImportantCVE-2019-20095SUSE bug 1159909SUSE bug 1159914cpe:/o:opensuse:leap:15.1CVE-2019-20096openSUSE Leap 15.1
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
ModerateCVE-2019-20096SUSE bug 1159908cpe:/o:opensuse:leap:15.1CVE-2019-20367openSUSE Leap 15.1
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
ModerateCVE-2019-20367SUSE bug 1160551cpe:/o:opensuse:leap:15.1CVE-2019-20372openSUSE Leap 15.1
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
ModerateCVE-2019-20372SUSE bug 1160682cpe:/o:opensuse:leap:15.1CVE-2019-20382openSUSE Leap 15.1
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
ModerateCVE-2019-20382SUSE bug 1165776cpe:/o:opensuse:leap:15.1CVE-2019-20386openSUSE Leap 15.1
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
LowCVE-2019-20386SUSE bug 1161436cpe:/o:opensuse:leap:15.1CVE-2019-20388openSUSE Leap 15.1
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
LowCVE-2019-20388SUSE bug 1161521SUSE bug 1191860cpe:/o:opensuse:leap:15.1CVE-2019-20446openSUSE Leap 15.1
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
ModerateCVE-2019-20446SUSE bug 1162501cpe:/o:opensuse:leap:15.1CVE-2019-20479openSUSE Leap 15.1
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
ModerateCVE-2019-20479SUSE bug 1164459cpe:/o:opensuse:leap:15.1CVE-2019-20503openSUSE Leap 15.1
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
ImportantCVE-2019-20503SUSE bug 1166238SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2019-20637openSUSE Leap 15.1
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connection workspace, such as data structures associated with previous requests within this connection or VCL-related temporary headers.
ModerateCVE-2019-20637SUSE bug 1169040cpe:/o:opensuse:leap:15.1CVE-2019-20787openSUSE Leap 15.1
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
CriticalCVE-2019-20787SUSE bug 1170253cpe:/o:opensuse:leap:15.1CVE-2019-20788openSUSE Leap 15.1
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
ImportantCVE-2019-20788SUSE bug 1170441SUSE bug 1173698cpe:/o:opensuse:leap:15.1CVE-2019-20797openSUSE Leap 15.1
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
ModerateCVE-2019-20797SUSE bug 1171974cpe:/o:opensuse:leap:15.1CVE-2019-20806openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.
LowCVE-2019-20806SUSE bug 1172199cpe:/o:opensuse:leap:15.1CVE-2019-20807openSUSE Leap 15.1
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
ModerateCVE-2019-20807SUSE bug 1172225cpe:/o:opensuse:leap:15.1CVE-2019-20810openSUSE Leap 15.1
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
LowCVE-2019-20810SUSE bug 1172458cpe:/o:opensuse:leap:15.1CVE-2019-20812openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in net/packet/af_packet.c can result in a denial of service (CPU consumption and soft lockup) in a certain failure case involving TPACKET_V3, aka CID-b43d1f9f7067.
ModerateCVE-2019-20812SUSE bug 1172453cpe:/o:opensuse:leap:15.1CVE-2019-20839openSUSE Leap 15.1
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
ImportantCVE-2019-20839SUSE bug 1173477SUSE bug 1173875cpe:/o:opensuse:leap:15.1CVE-2019-20840openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
ImportantCVE-2019-20840SUSE bug 1173477SUSE bug 1173876cpe:/o:opensuse:leap:15.1CVE-2019-20907openSUSE Leap 15.1
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
ModerateCVE-2019-20907SUSE bug 1174091cpe:/o:opensuse:leap:15.1CVE-2019-20908openSUSE Leap 15.1
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
ImportantCVE-2019-20908SUSE bug 1173567SUSE bug 1174187cpe:/o:opensuse:leap:15.1CVE-2019-20916openSUSE Leap 15.1
The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.
ModerateCVE-2019-20916SUSE bug 1176262cpe:/o:opensuse:leap:15.1CVE-2019-20919openSUSE Leap 15.1
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
ImportantCVE-2019-20919SUSE bug 1176764cpe:/o:opensuse:leap:15.1CVE-2019-20934openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
ImportantCVE-2019-20934SUSE bug 1179663SUSE bug 1179666cpe:/o:opensuse:leap:15.1CVE-2019-2126openSUSE Leap 15.1
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-127702368.
ImportantCVE-2019-2126SUSE bug 1160611cpe:/o:opensuse:leap:15.1CVE-2019-2201openSUSE Leap 15.1
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338
ImportantCVE-2019-2201SUSE bug 1156402cpe:/o:opensuse:leap:15.1CVE-2019-2435openSUSE Leap 15.1
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).
ImportantCVE-2019-2435SUSE bug 1122198SUSE bug 1122204cpe:/o:opensuse:leap:15.1CVE-2019-2446openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2019-2446SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2448openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2019-2448SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2450openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2450SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2451openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2451SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2508openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2019-2508SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2509openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2019-2509SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2511openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SOAP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2019-2511SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2525openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2525SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2527openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.26 and prior to 6.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2019-2527SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2554openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2554SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2555openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2555SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2556openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2556SUSE bug 1122212cpe:/o:opensuse:leap:15.1CVE-2019-2574openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2574SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2614openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2614SUSE bug 1132826SUSE bug 1136035SUSE bug 1141798cpe:/o:opensuse:leap:15.1CVE-2019-2627openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2627SUSE bug 1132826SUSE bug 1136035SUSE bug 1141798cpe:/o:opensuse:leap:15.1CVE-2019-2628openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2628SUSE bug 1136035cpe:/o:opensuse:leap:15.1CVE-2019-2656openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2656SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2657openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
ImportantCVE-2019-2657SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2678openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2678SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2679openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H).
ImportantCVE-2019-2679SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2680openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2680SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2690openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2690SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2696openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2696SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2703openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2703SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2721openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2721SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2722openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2722SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2723openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2019-2723SUSE bug 1132827cpe:/o:opensuse:leap:15.1CVE-2019-2737openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2737SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2739openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2019-2739SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2740openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2740SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2745openSUSE Leap 15.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
ModerateCVE-2019-2745SUSE bug 1141784cpe:/o:opensuse:leap:15.1CVE-2019-2758openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2019-2758SUSE bug 1141798SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2762openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2762SUSE bug 1141782SUSE bug 1147021cpe:/o:opensuse:leap:15.1CVE-2019-2766openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2766SUSE bug 1141789SUSE bug 1147021cpe:/o:opensuse:leap:15.1CVE-2019-2769openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2769SUSE bug 1141783SUSE bug 1147021cpe:/o:opensuse:leap:15.1CVE-2019-2786openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).
ModerateCVE-2019-2786SUSE bug 1141787SUSE bug 1147021cpe:/o:opensuse:leap:15.1CVE-2019-2805openSUSE Leap 15.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2805SUSE bug 1132826SUSE bug 1141798SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2816openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2019-2816SUSE bug 1141785SUSE bug 1147021cpe:/o:opensuse:leap:15.1CVE-2019-2818openSUSE Leap 15.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2818SUSE bug 1141788cpe:/o:opensuse:leap:15.1CVE-2019-2821openSUSE Leap 15.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).
ModerateCVE-2019-2821SUSE bug 1141781cpe:/o:opensuse:leap:15.1CVE-2019-2842openSUSE Leap 15.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2842SUSE bug 1141786cpe:/o:opensuse:leap:15.1CVE-2019-2848openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2019-2848SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2850openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).
LowCVE-2019-2850SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2859openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2859SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2863openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2863SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2864openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2864SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2865openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2865SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2866openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2866SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2867openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2019-2867SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2873openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2019-2873SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2874openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2019-2874SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2875openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2019-2875SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2876openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
LowCVE-2019-2876SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2877openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2019-2877SUSE bug 1141801cpe:/o:opensuse:leap:15.1CVE-2019-2894openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2894SUSE bug 1152856SUSE bug 1154212cpe:/o:opensuse:leap:15.1CVE-2019-2933openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2019-2933SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2938openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2019-2938SUSE bug 1154162SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2945openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2945SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2949openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2019-2949SUSE bug 1154212SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2019-2958openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
ModerateCVE-2019-2958SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2962openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2962SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2964openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2964SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2973openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2973SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2974openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ImportantCVE-2019-2974SUSE bug 1154162SUSE bug 1156669cpe:/o:opensuse:leap:15.1CVE-2019-2975openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
ModerateCVE-2019-2975SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2977openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.8 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L).
ModerateCVE-2019-2977SUSE bug 1154212cpe:/o:opensuse:leap:15.1CVE-2019-2978openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2978SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2981openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2981SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2983openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2983SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2987openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2987SUSE bug 1154212cpe:/o:opensuse:leap:15.1CVE-2019-2988openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2988SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2989openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N).
ModerateCVE-2019-2989SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2992openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2019-2992SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-2999openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).
ModerateCVE-2019-2999SUSE bug 1154212SUSE bug 1158442cpe:/o:opensuse:leap:15.1CVE-2019-3681openSUSE Leap 15.1
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .
ModerateCVE-2019-3681SUSE bug 1122675cpe:/o:opensuse:leap:15.1CVE-2019-3685openSUSE Leap 15.1
Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary
ImportantCVE-2019-3685SUSE bug 1142518SUSE bug 1142662cpe:/o:opensuse:leap:15.1CVE-2019-3687openSUSE Leap 15.1
The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.
ModerateCVE-2019-3687SUSE bug 1148788SUSE bug 1180102cpe:/o:opensuse:leap:15.1CVE-2019-3688openSUSE Leap 15.1
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary
ModerateCVE-2019-3688SUSE bug 1093414SUSE bug 1149108cpe:/o:opensuse:leap:15.1CVE-2019-3689openSUSE Leap 15.1
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.
ImportantCVE-2019-3689SUSE bug 1150733cpe:/o:opensuse:leap:15.1CVE-2019-3690openSUSE Leap 15.1
The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.
ModerateCVE-2019-3690SUSE bug 1148336SUSE bug 1150734SUSE bug 1157880SUSE bug 1157883SUSE bug 1160594SUSE bug 1160764SUSE bug 1163922cpe:/o:opensuse:leap:15.1CVE-2019-3691openSUSE Leap 15.1
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.
ImportantCVE-2019-3691SUSE bug 1154062SUSE bug 1155075cpe:/o:opensuse:leap:15.1CVE-2019-3692openSUSE Leap 15.1
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.
ImportantCVE-2019-3692SUSE bug 1154062SUSE bug 1154302cpe:/o:opensuse:leap:15.1CVE-2019-3693openSUSE Leap 15.1
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.
ImportantCVE-2019-3693SUSE bug 1154328cpe:/o:opensuse:leap:15.1CVE-2019-3695openSUSE Leap 15.1
A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.
ModerateCVE-2019-3695SUSE bug 1152533SUSE bug 1152763SUSE bug 1154062cpe:/o:opensuse:leap:15.1CVE-2019-3696openSUSE Leap 15.1
A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.
ModerateCVE-2019-3696SUSE bug 1152533SUSE bug 1153921SUSE bug 1154062cpe:/o:opensuse:leap:15.1CVE-2019-3698openSUSE Leap 15.1
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.
ModerateCVE-2019-3698SUSE bug 1150550SUSE bug 1156309cpe:/o:opensuse:leap:15.1CVE-2019-3701openSUSE Leap 15.1
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames.
ModerateCVE-2019-3701SUSE bug 1120386cpe:/o:opensuse:leap:15.1CVE-2019-3820openSUSE Leap 15.1
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
ModerateCVE-2019-3820SUSE bug 1124493cpe:/o:opensuse:leap:15.1CVE-2019-3828openSUSE Leap 15.1
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.
ModerateCVE-2019-3828SUSE bug 1126503SUSE bug 1164137cpe:/o:opensuse:leap:15.1CVE-2019-3835openSUSE Leap 15.1
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
ImportantCVE-2019-3835SUSE bug 1129180cpe:/o:opensuse:leap:15.1CVE-2019-3839openSUSE Leap 15.1
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
ImportantCVE-2019-3839SUSE bug 1134156cpe:/o:opensuse:leap:15.1CVE-2019-3846openSUSE Leap 15.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
ImportantCVE-2019-3846SUSE bug 1136424SUSE bug 1136446SUSE bug 1156330cpe:/o:opensuse:leap:15.1CVE-2019-3855openSUSE Leap 15.1
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3855SUSE bug 1128471SUSE bug 1134329SUSE bug 1135434SUSE bug 1141850cpe:/o:opensuse:leap:15.1CVE-2019-3856openSUSE Leap 15.1
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3856SUSE bug 1128472SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3857openSUSE Leap 15.1
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
ModerateCVE-2019-3857SUSE bug 1128474SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3858openSUSE Leap 15.1
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3858SUSE bug 1128476SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3859openSUSE Leap 15.1
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3859SUSE bug 1128480SUSE bug 1130103SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3860openSUSE Leap 15.1
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3860SUSE bug 1128481SUSE bug 1135434SUSE bug 1136570cpe:/o:opensuse:leap:15.1CVE-2019-3861openSUSE Leap 15.1
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3861SUSE bug 1128490SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3862openSUSE Leap 15.1
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
ModerateCVE-2019-3862SUSE bug 1128492SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3863openSUSE Leap 15.1
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
ModerateCVE-2019-3863SUSE bug 1128493SUSE bug 1130103SUSE bug 1135434cpe:/o:opensuse:leap:15.1CVE-2019-3881openSUSE Leap 15.1
Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed.
ModerateCVE-2019-3881SUSE bug 1143436cpe:/o:opensuse:leap:15.1CVE-2019-3882openSUSE Leap 15.1
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
ModerateCVE-2019-3882SUSE bug 1131416SUSE bug 1131427SUSE bug 1133319cpe:/o:opensuse:leap:15.1CVE-2019-3902openSUSE Leap 15.1
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
ModerateCVE-2019-3902SUSE bug 1133035cpe:/o:opensuse:leap:15.1CVE-2019-5008openSUSE Leap 15.1
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.
ModerateCVE-2019-5008SUSE bug 1133031cpe:/o:opensuse:leap:15.1CVE-2019-5010openSUSE Leap 15.1
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.
ImportantCVE-2019-5010SUSE bug 1122191SUSE bug 1126909cpe:/o:opensuse:leap:15.1CVE-2019-5021openSUSE Leap 15.1
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechanism which uses the system shadow file as an authentication database, may accept a NULL password for the `root` user.
CriticalCVE-2019-5021SUSE bug 1134524SUSE bug 1137143SUSE bug 1193577cpe:/o:opensuse:leap:15.1CVE-2019-5051openSUSE Leap 15.1
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
ModerateCVE-2019-5051SUSE bug 1140419cpe:/o:opensuse:leap:15.1CVE-2019-5052openSUSE Leap 15.1
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
ModerateCVE-2019-5052SUSE bug 1140421cpe:/o:opensuse:leap:15.1CVE-2019-5057openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
ModerateCVE-2019-5057SUSE bug 1143763cpe:/o:opensuse:leap:15.1CVE-2019-5058openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
ModerateCVE-2019-5058SUSE bug 1143764cpe:/o:opensuse:leap:15.1CVE-2019-5059openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
ModerateCVE-2019-5059SUSE bug 1143766cpe:/o:opensuse:leap:15.1CVE-2019-5060openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
ImportantCVE-2019-5060SUSE bug 1143768cpe:/o:opensuse:leap:15.1CVE-2019-5068openSUSE Leap 15.1
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
ModerateCVE-2019-5068SUSE bug 1156015cpe:/o:opensuse:leap:15.1CVE-2019-5094openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
ModerateCVE-2019-5094SUSE bug 1152101cpe:/o:opensuse:leap:15.1CVE-2019-5163openSUSE Leap 15.1
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
ModerateCVE-2019-5163SUSE bug 1158251cpe:/o:opensuse:leap:15.1CVE-2019-5164openSUSE Leap 15.1
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.
ModerateCVE-2019-5164SUSE bug 1158365cpe:/o:opensuse:leap:15.1CVE-2019-5188openSUSE Leap 15.1
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
ModerateCVE-2019-5188SUSE bug 1160571cpe:/o:opensuse:leap:15.1CVE-2019-5418openSUSE Leap 15.1
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
ModerateCVE-2019-5418SUSE bug 1129272cpe:/o:opensuse:leap:15.1CVE-2019-5419openSUSE Leap 15.1
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
ModerateCVE-2019-5419SUSE bug 1129271cpe:/o:opensuse:leap:15.1CVE-2019-5420openSUSE Leap 15.1
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
ImportantCVE-2019-5420SUSE bug 1129268cpe:/o:opensuse:leap:15.1CVE-2019-5436openSUSE Leap 15.1
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
ImportantCVE-2019-5436SUSE bug 1135170SUSE bug 1149496SUSE bug 1154162cpe:/o:opensuse:leap:15.1CVE-2019-5439openSUSE Leap 15.1
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
ModerateCVE-2019-5439SUSE bug 1138354cpe:/o:opensuse:leap:15.1CVE-2019-5459openSUSE Leap 15.1
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
ModerateCVE-2019-5459SUSE bug 1143549cpe:/o:opensuse:leap:15.1CVE-2019-5460openSUSE Leap 15.1
Double Free in VLC versions <= 3.0.6 leads to a crash.
ModerateCVE-2019-5460SUSE bug 1143547cpe:/o:opensuse:leap:15.1CVE-2019-5481openSUSE Leap 15.1
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
ModerateCVE-2019-5481SUSE bug 1149495cpe:/o:opensuse:leap:15.1CVE-2019-5482openSUSE Leap 15.1
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
ImportantCVE-2019-5482SUSE bug 1149496cpe:/o:opensuse:leap:15.1CVE-2019-5489openSUSE Leap 15.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
ModerateCVE-2019-5489SUSE bug 1120843SUSE bug 1120885cpe:/o:opensuse:leap:15.1CVE-2019-5716openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.
ModerateCVE-2019-5716SUSE bug 1121231cpe:/o:opensuse:leap:15.1CVE-2019-5717openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.
ModerateCVE-2019-5717SUSE bug 1121232cpe:/o:opensuse:leap:15.1CVE-2019-5718openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.
ModerateCVE-2019-5718SUSE bug 1121233cpe:/o:opensuse:leap:15.1CVE-2019-5719openSUSE Leap 15.1
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.
ModerateCVE-2019-5719SUSE bug 1121234cpe:/o:opensuse:leap:15.1CVE-2019-5721openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.
ModerateCVE-2019-5721SUSE bug 1121235cpe:/o:opensuse:leap:15.1CVE-2019-5736openSUSE Leap 15.1
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
ImportantCVE-2019-5736SUSE bug 1121967SUSE bug 1122185SUSE bug 1173421cpe:/o:opensuse:leap:15.1CVE-2019-5787openSUSE Leap 15.1
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5787SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5788openSUSE Leap 15.1
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
ImportantCVE-2019-5788SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5789openSUSE Leap 15.1
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
ImportantCVE-2019-5789SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5790openSUSE Leap 15.1
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
ImportantCVE-2019-5790SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5791openSUSE Leap 15.1
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ImportantCVE-2019-5791SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5792openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
ImportantCVE-2019-5792SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5793openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.
ModerateCVE-2019-5793SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5794openSUSE Leap 15.1
Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-5794SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5795openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
ModerateCVE-2019-5795SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5796openSUSE Leap 15.1
Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5796SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5797openSUSE Leap 15.1
Double free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5797SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5798openSUSE Leap 15.1
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
ModerateCVE-2019-5798SUSE bug 1129059SUSE bug 1135824cpe:/o:opensuse:leap:15.1CVE-2019-5799openSUSE Leap 15.1
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-5799SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5800openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-5800SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5801openSUSE Leap 15.1
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-5801SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5802openSUSE Leap 15.1
Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-5802SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5803openSUSE Leap 15.1
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2019-5803SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5804openSUSE Leap 15.1
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.
ModerateCVE-2019-5804SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5805openSUSE Leap 15.1
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5805SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5806openSUSE Leap 15.1
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5806SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5807openSUSE Leap 15.1
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5807SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5808openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5808SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5809openSUSE Leap 15.1
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
ImportantCVE-2019-5809SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5810openSUSE Leap 15.1
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-5810SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5811openSUSE Leap 15.1
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
ModerateCVE-2019-5811SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5812openSUSE Leap 15.1
Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-5812SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5813openSUSE Leap 15.1
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5813SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5814openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-5814SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5815openSUSE Leap 15.1
Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.
ModerateCVE-2019-5815SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5816openSUSE Leap 15.1
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
ModerateCVE-2019-5816SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5817openSUSE Leap 15.1
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5817SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5818openSUSE Leap 15.1
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
ModerateCVE-2019-5818SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5819openSUSE Leap 15.1
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
ModerateCVE-2019-5819SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5820openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-5820SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5821openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-5821SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5822openSUSE Leap 15.1
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
ModerateCVE-2019-5822SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5823openSUSE Leap 15.1
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2019-5823SUSE bug 1133313cpe:/o:opensuse:leap:15.1CVE-2019-5824openSUSE Leap 15.1
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5824SUSE bug 1134218cpe:/o:opensuse:leap:15.1CVE-2019-5827openSUSE Leap 15.1
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5827SUSE bug 1134218cpe:/o:opensuse:leap:15.1CVE-2019-5828openSUSE Leap 15.1
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ImportantCVE-2019-5828SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5829openSUSE Leap 15.1
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ImportantCVE-2019-5829SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5830openSUSE Leap 15.1
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-5830SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5831openSUSE Leap 15.1
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5831SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5832openSUSE Leap 15.1
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-5832SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5833openSUSE Leap 15.1
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
ModerateCVE-2019-5833SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5834openSUSE Leap 15.1
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2019-5834SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5835openSUSE Leap 15.1
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ModerateCVE-2019-5835SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5836openSUSE Leap 15.1
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5836SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5837openSUSE Leap 15.1
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-5837SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5838openSUSE Leap 15.1
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
ModerateCVE-2019-5838SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5839openSUSE Leap 15.1
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
ModerateCVE-2019-5839SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5840openSUSE Leap 15.1
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2019-5840SUSE bug 1137332cpe:/o:opensuse:leap:15.1CVE-2019-5842openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5842SUSE bug 1137332SUSE bug 1138287cpe:/o:opensuse:leap:15.1CVE-2019-5844openSUSE Leap 15.1
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5844SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5845openSUSE Leap 15.1
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5845SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5846openSUSE Leap 15.1
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5846SUSE bug 1129059cpe:/o:opensuse:leap:15.1CVE-2019-5847openSUSE Leap 15.1
Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5847SUSE bug 1141649cpe:/o:opensuse:leap:15.1CVE-2019-5848openSUSE Leap 15.1
Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-5848SUSE bug 1141649cpe:/o:opensuse:leap:15.1CVE-2019-5850openSUSE Leap 15.1
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2019-5850SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5851openSUSE Leap 15.1
Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5851SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5852openSUSE Leap 15.1
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2019-5852SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5853openSUSE Leap 15.1
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5853SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5854openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-5854SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5855openSUSE Leap 15.1
Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-5855SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5856openSUSE Leap 15.1
Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
ModerateCVE-2019-5856SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5857openSUSE Leap 15.1
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
ModerateCVE-2019-5857SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5858openSUSE Leap 15.1
Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page.
ModerateCVE-2019-5858SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5859openSUSE Leap 15.1
Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2019-5859SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5860openSUSE Leap 15.1
Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2019-5860SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5861openSUSE Leap 15.1
Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page.
ModerateCVE-2019-5861SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5862openSUSE Leap 15.1
Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
ModerateCVE-2019-5862SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5863openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
ModerateCVE-2019-5863SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5864openSUSE Leap 15.1
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
ModerateCVE-2019-5864SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5865openSUSE Leap 15.1
Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
ModerateCVE-2019-5865SUSE bug 1143492cpe:/o:opensuse:leap:15.1CVE-2019-5867openSUSE Leap 15.1
Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5867SUSE bug 1143492SUSE bug 1145242cpe:/o:opensuse:leap:15.1CVE-2019-5868openSUSE Leap 15.1
Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2019-5868SUSE bug 1143492SUSE bug 1145242cpe:/o:opensuse:leap:15.1CVE-2019-5869openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2019-5869SUSE bug 1149143cpe:/o:opensuse:leap:15.1CVE-2019-5870openSUSE Leap 15.1
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CriticalCVE-2019-5870SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5871openSUSE Leap 15.1
Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5871SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5872openSUSE Leap 15.1
Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5872SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5874openSUSE Leap 15.1
Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2019-5874SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5875openSUSE Leap 15.1
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2019-5875SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5876openSUSE Leap 15.1
Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5876SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5877openSUSE Leap 15.1
Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5877SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5878openSUSE Leap 15.1
Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2019-5878SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5879openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
ModerateCVE-2019-5879SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5880openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2019-5880SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-5881openSUSE Leap 15.1
Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2019-5881SUSE bug 1150425cpe:/o:opensuse:leap:15.1CVE-2019-6133openSUSE Leap 15.1
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
ModerateCVE-2019-6133SUSE bug 1070943SUSE bug 1121826SUSE bug 1121872cpe:/o:opensuse:leap:15.1CVE-2019-6237openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-6237SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-6283openSUSE Leap 15.1
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
LowCVE-2019-6283SUSE bug 1121943cpe:/o:opensuse:leap:15.1CVE-2019-6284openSUSE Leap 15.1
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
LowCVE-2019-6284SUSE bug 1121944cpe:/o:opensuse:leap:15.1CVE-2019-6286openSUSE Leap 15.1
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
LowCVE-2019-6286SUSE bug 1121945cpe:/o:opensuse:leap:15.1CVE-2019-6446openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources.
ImportantCVE-2019-6446SUSE bug 1122208cpe:/o:opensuse:leap:15.1CVE-2019-6465openSUSE Leap 15.1
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
ModerateCVE-2019-6465SUSE bug 1126069SUSE bug 1148887cpe:/o:opensuse:leap:15.1CVE-2019-6470openSUSE Leap 15.1
There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.
ModerateCVE-2019-6470SUSE bug 1134078cpe:/o:opensuse:leap:15.1CVE-2019-6471openSUSE Leap 15.1
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.
ModerateCVE-2019-6471SUSE bug 1138687cpe:/o:opensuse:leap:15.1CVE-2019-6477openSUSE Leap 15.1
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).
ModerateCVE-2019-6477SUSE bug 1157051SUSE bug 1197136cpe:/o:opensuse:leap:15.1CVE-2019-6486openSUSE Leap 15.1
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
ImportantCVE-2019-6486SUSE bug 1123013cpe:/o:opensuse:leap:15.1CVE-2019-6778openSUSE Leap 15.1
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
ImportantCVE-2019-6778SUSE bug 1123156SUSE bug 1123157SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2019-7150openSUSE Leap 15.1
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
LowCVE-2019-7150SUSE bug 1123685cpe:/o:opensuse:leap:15.1CVE-2019-7164openSUSE Leap 15.1
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
ImportantCVE-2019-7164SUSE bug 1124593cpe:/o:opensuse:leap:15.1CVE-2019-7165openSUSE Leap 15.1
A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code.
CriticalCVE-2019-7165SUSE bug 1140254cpe:/o:opensuse:leap:15.1CVE-2019-7314openSUSE Leap 15.1
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.
ImportantCVE-2019-7314SUSE bug 1124159cpe:/o:opensuse:leap:15.1CVE-2019-7317openSUSE Leap 15.1
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
ModerateCVE-2019-7317SUSE bug 1124211SUSE bug 1135824SUSE bug 1141780SUSE bug 1147021SUSE bug 1165297cpe:/o:opensuse:leap:15.1CVE-2019-7548openSUSE Leap 15.1
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
ImportantCVE-2019-7548SUSE bug 1124593cpe:/o:opensuse:leap:15.1CVE-2019-7635openSUSE Leap 15.1
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
ModerateCVE-2019-7635SUSE bug 1124827cpe:/o:opensuse:leap:15.1CVE-2019-7637openSUSE Leap 15.1
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
ModerateCVE-2019-7637SUSE bug 1124825SUSE bug 1134135cpe:/o:opensuse:leap:15.1CVE-2019-7665openSUSE Leap 15.1
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
LowCVE-2019-7665SUSE bug 1125007cpe:/o:opensuse:leap:15.1CVE-2019-8075openSUSE Leap 15.1
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
ImportantCVE-2019-8075SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2019-8320openSUSE Leap 15.1
A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files (which now include path-checking code for symlinks), it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could delete arbitrary files on the user's machine, presuming the attacker could guess at paths. Given how frequently gem is run as sudo, and how predictable paths are on modern systems (/tmp, /usr, etc.), this could likely lead to data loss or an unusable system.
ImportantCVE-2019-8320SUSE bug 1130627cpe:/o:opensuse:leap:15.1CVE-2019-8321openSUSE Leap 15.1
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.
ImportantCVE-2019-8321SUSE bug 1130623cpe:/o:opensuse:leap:15.1CVE-2019-8322openSUSE Leap 15.1
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur.
ImportantCVE-2019-8322SUSE bug 1130622cpe:/o:opensuse:leap:15.1CVE-2019-8323openSUSE Leap 15.1
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur.
ImportantCVE-2019-8323SUSE bug 1130620cpe:/o:opensuse:leap:15.1CVE-2019-8324openSUSE Leap 15.1
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check.
ImportantCVE-2019-8324SUSE bug 1130617cpe:/o:opensuse:leap:15.1CVE-2019-8325openSUSE Leap 15.1
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
ImportantCVE-2019-8325SUSE bug 1130611cpe:/o:opensuse:leap:15.1CVE-2019-8551openSUSE Leap 15.1
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8551SUSE bug 1132256cpe:/o:opensuse:leap:15.1CVE-2019-8558openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8558SUSE bug 1132256cpe:/o:opensuse:leap:15.1CVE-2019-8559openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8559SUSE bug 1132256cpe:/o:opensuse:leap:15.1CVE-2019-8563openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8563SUSE bug 1132256cpe:/o:opensuse:leap:15.1CVE-2019-8571openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8571SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8583openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8583SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8584openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8584SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8586openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8586SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8587openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8587SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8594openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8594SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8595openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8595SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8596openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8596SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8597openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8597SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8601openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8601SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8607openSUSE Leap 15.1
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.
ModerateCVE-2019-8607SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8608openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8608SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8609openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8609SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8610openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8610SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8611openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8611SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8615openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8615SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8619openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8619SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8622openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8622SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8623openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8623SUSE bug 1135715cpe:/o:opensuse:leap:15.1CVE-2019-8625openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8625SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8644openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8644SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8649openSUSE Leap 15.1
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8649SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8658openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8658SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8666openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8666SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8669openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8669SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8671openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8671SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8672openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8672SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8673openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8673SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8674openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8674SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8675openSUSE Leap 15.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
ImportantCVE-2019-8675SUSE bug 1146358SUSE bug 1168422cpe:/o:opensuse:leap:15.1CVE-2019-8676openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8676SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8677openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8677SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8678openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8678SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8679openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8679SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8680openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8680SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8681openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8681SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8683openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8683SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8684openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8684SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8686openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8686SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8687openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8687SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8688openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8688SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8689openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8689SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8690openSUSE Leap 15.1
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8690SUSE bug 1148931cpe:/o:opensuse:leap:15.1CVE-2019-8696openSUSE Leap 15.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
ImportantCVE-2019-8696SUSE bug 1146358SUSE bug 1146359cpe:/o:opensuse:leap:15.1CVE-2019-8707openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8707SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8710openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8710SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8719openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2019-8719SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8720openSUSE Leap 15.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ModerateCVE-2019-8720SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8726openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8726SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8733openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8733SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8735openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8735SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8743openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8743SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8763openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2019-8763SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8764openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.
ImportantCVE-2019-8764SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8765openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8765SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8766openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8766SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8768openSUSE Leap 15.1
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.
ModerateCVE-2019-8768SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8769openSUSE Leap 15.1
An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.
ModerateCVE-2019-8769SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8771openSUSE Leap 15.1
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy.
ModerateCVE-2019-8771SUSE bug 1155321cpe:/o:opensuse:leap:15.1CVE-2019-8782openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8782SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8783openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8783SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8808openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8808SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8811openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8811SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8812openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8812SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8813openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.
ImportantCVE-2019-8813SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8814openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8814SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8815openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8815SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8816openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8816SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8819openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8819SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8820openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8820SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8821openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8821SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8822openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8822SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8823openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8823SUSE bug 1156318cpe:/o:opensuse:leap:15.1CVE-2019-8835openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8835SUSE bug 1161719cpe:/o:opensuse:leap:15.1CVE-2019-8844openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8844SUSE bug 1161719cpe:/o:opensuse:leap:15.1CVE-2019-8846openSUSE Leap 15.1
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2019-8846SUSE bug 1161719cpe:/o:opensuse:leap:15.1CVE-2019-9020openSUSE Leap 15.1
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
ModerateCVE-2019-9020SUSE bug 1126711cpe:/o:opensuse:leap:15.1CVE-2019-9021openSUSE Leap 15.1
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
LowCVE-2019-9021SUSE bug 1126713cpe:/o:opensuse:leap:15.1CVE-2019-9022openSUSE Leap 15.1
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries.
ModerateCVE-2019-9022SUSE bug 1126827cpe:/o:opensuse:leap:15.1CVE-2019-9023openSUSE Leap 15.1
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
ModerateCVE-2019-9023SUSE bug 1126823cpe:/o:opensuse:leap:15.1CVE-2019-9024openSUSE Leap 15.1
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
ModerateCVE-2019-9024SUSE bug 1126821cpe:/o:opensuse:leap:15.1CVE-2019-9074openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.
ModerateCVE-2019-9074SUSE bug 1126831cpe:/o:opensuse:leap:15.1CVE-2019-9075openSUSE Leap 15.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
ImportantCVE-2019-9075SUSE bug 1071544SUSE bug 1126829SUSE bug 1193110cpe:/o:opensuse:leap:15.1CVE-2019-9077openSUSE Leap 15.1
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
ModerateCVE-2019-9077SUSE bug 1126826cpe:/o:opensuse:leap:15.1CVE-2019-9208openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.
ModerateCVE-2019-9208SUSE bug 1127370cpe:/o:opensuse:leap:15.1CVE-2019-9209openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.
ModerateCVE-2019-9209SUSE bug 1127369cpe:/o:opensuse:leap:15.1CVE-2019-9214openSUSE Leap 15.1
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.
ModerateCVE-2019-9214SUSE bug 1127367cpe:/o:opensuse:leap:15.1CVE-2019-9215openSUSE Leap 15.1
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
ImportantCVE-2019-9215SUSE bug 1127341cpe:/o:opensuse:leap:15.1CVE-2019-9232openSUSE Leap 15.1
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483
ModerateCVE-2019-9232SUSE bug 1160613cpe:/o:opensuse:leap:15.1CVE-2019-9278openSUSE Leap 15.1
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774
ImportantCVE-2019-9278SUSE bug 1160770cpe:/o:opensuse:leap:15.1CVE-2019-9325openSUSE Leap 15.1
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302
ModerateCVE-2019-9325SUSE bug 1160612cpe:/o:opensuse:leap:15.1CVE-2019-9371openSUSE Leap 15.1
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254
ModerateCVE-2019-9371SUSE bug 1160615cpe:/o:opensuse:leap:15.1CVE-2019-9433openSUSE Leap 15.1
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354
ModerateCVE-2019-9433SUSE bug 1160614cpe:/o:opensuse:leap:15.1CVE-2019-9455openSUSE Leap 15.1
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
ModerateCVE-2019-9455SUSE bug 1170345cpe:/o:opensuse:leap:15.1CVE-2019-9456openSUSE Leap 15.1
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
ModerateCVE-2019-9456SUSE bug 1150025cpe:/o:opensuse:leap:15.1CVE-2019-9458openSUSE Leap 15.1
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ImportantCVE-2019-9458SUSE bug 1168295SUSE bug 1173963cpe:/o:opensuse:leap:15.1CVE-2019-9494openSUSE Leap 15.1
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
ImportantCVE-2019-9494SUSE bug 1131291SUSE bug 1131868SUSE bug 1194732cpe:/o:opensuse:leap:15.1CVE-2019-9495openSUSE Leap 15.1
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
ModerateCVE-2019-9495SUSE bug 1131291SUSE bug 1131870SUSE bug 1194733cpe:/o:opensuse:leap:15.1CVE-2019-9496openSUSE Leap 15.1
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
ModerateCVE-2019-9496SUSE bug 1131869cpe:/o:opensuse:leap:15.1CVE-2019-9497openSUSE Leap 15.1
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
ModerateCVE-2019-9497SUSE bug 1131871SUSE bug 1131872SUSE bug 1131874cpe:/o:opensuse:leap:15.1CVE-2019-9498openSUSE Leap 15.1
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
ImportantCVE-2019-9498SUSE bug 1131871SUSE bug 1131872SUSE bug 1131874cpe:/o:opensuse:leap:15.1CVE-2019-9499openSUSE Leap 15.1
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
ImportantCVE-2019-9499SUSE bug 1131871SUSE bug 1131872SUSE bug 1131874cpe:/o:opensuse:leap:15.1CVE-2019-9500openSUSE Leap 15.1
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
ModerateCVE-2019-9500SUSE bug 1132681cpe:/o:opensuse:leap:15.1CVE-2019-9503openSUSE Leap 15.1
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
ModerateCVE-2019-9503SUSE bug 1132673SUSE bug 1132828SUSE bug 1133319SUSE bug 1156653cpe:/o:opensuse:leap:15.1CVE-2019-9506openSUSE Leap 15.1
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
ModerateCVE-2019-9506SUSE bug 1137865SUSE bug 1146042cpe:/o:opensuse:leap:15.1CVE-2019-9511openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
ImportantCVE-2019-9511SUSE bug 1145579SUSE bug 1146091SUSE bug 1146182SUSE bug 1193427cpe:/o:opensuse:leap:15.1CVE-2019-9512openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
ImportantCVE-2019-9512SUSE bug 1145663SUSE bug 1146099SUSE bug 1146111SUSE bug 1147142cpe:/o:opensuse:leap:15.1CVE-2019-9513openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
ImportantCVE-2019-9513SUSE bug 1145580SUSE bug 1146094SUSE bug 1146184SUSE bug 1193427cpe:/o:opensuse:leap:15.1CVE-2019-9514openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
ImportantCVE-2019-9514SUSE bug 1145662SUSE bug 1145663SUSE bug 1146095SUSE bug 1146115SUSE bug 1147142cpe:/o:opensuse:leap:15.1CVE-2019-9515openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
ImportantCVE-2019-9515SUSE bug 1145663SUSE bug 1146100cpe:/o:opensuse:leap:15.1CVE-2019-9516openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
ImportantCVE-2019-9516SUSE bug 1145582SUSE bug 1146090SUSE bug 1193427cpe:/o:opensuse:leap:15.1CVE-2019-9517openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
ImportantCVE-2019-9517SUSE bug 1145575SUSE bug 1146097cpe:/o:opensuse:leap:15.1CVE-2019-9518openSUSE Leap 15.1
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.
ImportantCVE-2019-9518SUSE bug 1145662SUSE bug 1145663SUSE bug 1146093cpe:/o:opensuse:leap:15.1CVE-2019-9578openSUSE Leap 15.1
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
LowCVE-2019-9578SUSE bug 1128140cpe:/o:opensuse:leap:15.1CVE-2019-9636openSUSE Leap 15.1
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ImportantCVE-2019-9636SUSE bug 1129346SUSE bug 1135433SUSE bug 1138459cpe:/o:opensuse:leap:15.1CVE-2019-9637openSUSE Leap 15.1
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
LowCVE-2019-9637SUSE bug 1128892cpe:/o:opensuse:leap:15.1CVE-2019-9638openSUSE Leap 15.1
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
ModerateCVE-2019-9638SUSE bug 1128889cpe:/o:opensuse:leap:15.1CVE-2019-9639openSUSE Leap 15.1
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
LowCVE-2019-9639SUSE bug 1128887cpe:/o:opensuse:leap:15.1CVE-2019-9640openSUSE Leap 15.1
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
LowCVE-2019-9640SUSE bug 1128883cpe:/o:opensuse:leap:15.1CVE-2019-9641openSUSE Leap 15.1
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
ModerateCVE-2019-9641SUSE bug 1128722cpe:/o:opensuse:leap:15.1CVE-2019-9674openSUSE Leap 15.1
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
ModerateCVE-2019-9674SUSE bug 1162825cpe:/o:opensuse:leap:15.1CVE-2019-9675openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible."
ModerateCVE-2019-9675SUSE bug 1128886cpe:/o:opensuse:leap:15.1CVE-2019-9704openSUSE Leap 15.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
LowCVE-2019-9704SUSE bug 1128937SUSE bug 1187508cpe:/o:opensuse:leap:15.1CVE-2019-9705openSUSE Leap 15.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
LowCVE-2019-9705SUSE bug 1128935SUSE bug 1187508cpe:/o:opensuse:leap:15.1CVE-2019-9740openSUSE Leap 15.1
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ModerateCVE-2019-9740SUSE bug 1129071SUSE bug 1130840SUSE bug 1132663cpe:/o:opensuse:leap:15.1CVE-2019-9752openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.
ModerateCVE-2019-9752SUSE bug 1122560SUSE bug 1129756cpe:/o:opensuse:leap:15.1CVE-2019-9770openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
CriticalCVE-2019-9770SUSE bug 1129881cpe:/o:opensuse:leap:15.1CVE-2019-9771openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
ModerateCVE-2019-9771SUSE bug 1129876cpe:/o:opensuse:leap:15.1CVE-2019-9772openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
ModerateCVE-2019-9772SUSE bug 1129875cpe:/o:opensuse:leap:15.1CVE-2019-9773openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
ModerateCVE-2019-9773SUSE bug 1129874cpe:/o:opensuse:leap:15.1CVE-2019-9774openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
ImportantCVE-2019-9774SUSE bug 1129879cpe:/o:opensuse:leap:15.1CVE-2019-9775openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
ImportantCVE-2019-9775SUSE bug 1129878cpe:/o:opensuse:leap:15.1CVE-2019-9776openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
ModerateCVE-2019-9776SUSE bug 1129868SUSE bug 1129873cpe:/o:opensuse:leap:15.1CVE-2019-9777openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
ModerateCVE-2019-9777SUSE bug 1129870cpe:/o:opensuse:leap:15.1CVE-2019-9778openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
ModerateCVE-2019-9778SUSE bug 1129869cpe:/o:opensuse:leap:15.1CVE-2019-9779openSUSE Leap 15.1
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
ModerateCVE-2019-9779SUSE bug 1129868SUSE bug 1129873cpe:/o:opensuse:leap:15.1CVE-2019-9811openSUSE Leap 15.1
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
ImportantCVE-2019-9811SUSE bug 1140868cpe:/o:opensuse:leap:15.1CVE-2019-9812openSUSE Leap 15.1
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
ImportantCVE-2019-9812SUSE bug 1149294SUSE bug 1149323SUSE bug 1149324cpe:/o:opensuse:leap:15.1CVE-2019-9836openSUSE Leap 15.1
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.
ModerateCVE-2019-9836SUSE bug 1139383cpe:/o:opensuse:leap:15.1CVE-2019-9848openSUSE Leap 15.1
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
ModerateCVE-2019-9848SUSE bug 1141862SUSE bug 1146098SUSE bug 1146105cpe:/o:opensuse:leap:15.1CVE-2019-9849openSUSE Leap 15.1
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
ModerateCVE-2019-9849SUSE bug 1141861cpe:/o:opensuse:leap:15.1CVE-2019-9850openSUSE Leap 15.1
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ModerateCVE-2019-9850SUSE bug 1146098cpe:/o:opensuse:leap:15.1CVE-2019-9851openSUSE Leap 15.1
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ModerateCVE-2019-9851SUSE bug 1146105cpe:/o:opensuse:leap:15.1CVE-2019-9852openSUSE Leap 15.1
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
ImportantCVE-2019-9852SUSE bug 1146107SUSE bug 1149944cpe:/o:opensuse:leap:15.1CVE-2019-9853openSUSE Leap 15.1
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
ModerateCVE-2019-9853SUSE bug 1152684cpe:/o:opensuse:leap:15.1CVE-2019-9854openSUSE Leap 15.1
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
ImportantCVE-2019-9854SUSE bug 1149944cpe:/o:opensuse:leap:15.1CVE-2019-9855openSUSE Leap 15.1
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
ImportantCVE-2019-9855SUSE bug 1149943cpe:/o:opensuse:leap:15.1CVE-2019-9892openSUSE Leap 15.1
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.
ModerateCVE-2019-9892SUSE bug 1133755SUSE bug 1139406cpe:/o:opensuse:leap:15.1CVE-2019-9893openSUSE Leap 15.1
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
ModerateCVE-2019-9893SUSE bug 1128828cpe:/o:opensuse:leap:15.1CVE-2019-9917openSUSE Leap 15.1
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
ImportantCVE-2019-9917SUSE bug 1130360cpe:/o:opensuse:leap:15.1CVE-2019-9928openSUSE Leap 15.1
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
ImportantCVE-2019-9928SUSE bug 1133375cpe:/o:opensuse:leap:15.1CVE-2019-9947openSUSE Leap 15.1
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
ModerateCVE-2019-9947SUSE bug 1130840SUSE bug 1136184SUSE bug 1155094cpe:/o:opensuse:leap:15.1CVE-2020-0034openSUSE Leap 15.1
In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770
ModerateCVE-2020-0034SUSE bug 1166066cpe:/o:opensuse:leap:15.1CVE-2020-0093openSUSE Leap 15.1
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132
ModerateCVE-2020-0093SUSE bug 1171847SUSE bug 1172116cpe:/o:opensuse:leap:15.1CVE-2020-0305openSUSE Leap 15.1
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744
ModerateCVE-2020-0305SUSE bug 1174462cpe:/o:opensuse:leap:15.1CVE-2020-0404openSUSE Leap 15.1
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel
ModerateCVE-2020-0404SUSE bug 1176423cpe:/o:opensuse:leap:15.1CVE-2020-0427openSUSE Leap 15.1
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171
ModerateCVE-2020-0427SUSE bug 1176725cpe:/o:opensuse:leap:15.1CVE-2020-0430openSUSE Leap 15.1
In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153881554
ImportantCVE-2020-0430SUSE bug 1176723SUSE bug 1178003cpe:/o:opensuse:leap:15.1CVE-2020-0431openSUSE Leap 15.1
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459
ImportantCVE-2020-0431SUSE bug 1176722SUSE bug 1176896cpe:/o:opensuse:leap:15.1CVE-2020-0432openSUSE Leap 15.1
In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807
ImportantCVE-2020-0432SUSE bug 1176721SUSE bug 1177165cpe:/o:opensuse:leap:15.1CVE-2020-0444openSUSE Leap 15.1
In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel
ModerateCVE-2020-0444SUSE bug 1180027SUSE bug 1180028cpe:/o:opensuse:leap:15.1CVE-2020-0465openSUSE Leap 15.1
In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel
ImportantCVE-2020-0465SUSE bug 1180029SUSE bug 1180030cpe:/o:opensuse:leap:15.1CVE-2020-0466openSUSE Leap 15.1
In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel
ImportantCVE-2020-0466SUSE bug 1180031SUSE bug 1180032cpe:/o:opensuse:leap:15.1CVE-2020-0487openSUSE Leap 15.1
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
ImportantCVE-2020-0487SUSE bug 1180112cpe:/o:opensuse:leap:15.1CVE-2020-0499openSUSE Leap 15.1
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156076070
ModerateCVE-2020-0499SUSE bug 1180099cpe:/o:opensuse:leap:15.1CVE-2020-0543openSUSE Leap 15.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-0543SUSE bug 1154824SUSE bug 1172205SUSE bug 1172206SUSE bug 1172207SUSE bug 1172770SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-0548openSUSE Leap 15.1
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-0548SUSE bug 1156353cpe:/o:opensuse:leap:15.1CVE-2020-0549openSUSE Leap 15.1
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-0549SUSE bug 1156353cpe:/o:opensuse:leap:15.1CVE-2020-0556openSUSE Leap 15.1
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
ModerateCVE-2020-0556SUSE bug 1166751cpe:/o:opensuse:leap:15.1CVE-2020-0561openSUSE Leap 15.1
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
ImportantCVE-2020-0561cpe:/o:opensuse:leap:15.1CVE-2020-0569openSUSE Leap 15.1
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
ImportantCVE-2020-0569SUSE bug 1161167SUSE bug 1162191cpe:/o:opensuse:leap:15.1CVE-2020-10018openSUSE Leap 15.1
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
ModerateCVE-2020-10018SUSE bug 1165528cpe:/o:opensuse:leap:15.1CVE-2020-10029openSUSE Leap 15.1
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
LowCVE-2020-10029SUSE bug 1165784cpe:/o:opensuse:leap:15.1CVE-2020-10030openSUSE Leap 15.1
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have '\0' termination of the returned string if the hostname is larger than the supplied buffer. (Linux systems are not affected because the buffer is always large enough. OpenBSD systems are not affected because the returned hostname always has '\0' termination.) Under some conditions, this issue can lead to the writing of one '\0' byte out-of-bounds on the stack, causing a denial of service or possibly arbitrary code execution.
ModerateCVE-2020-10030SUSE bug 1171553cpe:/o:opensuse:leap:15.1CVE-2020-10135openSUSE Leap 15.1
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.
ModerateCVE-2020-10135SUSE bug 1171988cpe:/o:opensuse:leap:15.1CVE-2020-10531openSUSE Leap 15.1
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
ImportantCVE-2020-10531SUSE bug 1166844SUSE bug 1175778cpe:/o:opensuse:leap:15.1CVE-2020-10543openSUSE Leap 15.1
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
ModerateCVE-2020-10543SUSE bug 1171863cpe:/o:opensuse:leap:15.1CVE-2020-10592openSUSE Leap 15.1
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.
ModerateCVE-2020-10592SUSE bug 1167013cpe:/o:opensuse:leap:15.1CVE-2020-10593openSUSE Leap 15.1
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_circ because a circuit-padding machine can be negotiated twice on the same circuit.
ModerateCVE-2020-10593SUSE bug 1167014cpe:/o:opensuse:leap:15.1CVE-2020-10648openSUSE Leap 15.1
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.
ModerateCVE-2020-10648SUSE bug 1167209cpe:/o:opensuse:leap:15.1CVE-2020-10663openSUSE Leap 15.1
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.
ImportantCVE-2020-10663SUSE bug 1167244SUSE bug 1171517cpe:/o:opensuse:leap:15.1CVE-2020-10683openSUSE Leap 15.1
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
ImportantCVE-2020-10683SUSE bug 1169760cpe:/o:opensuse:leap:15.1CVE-2020-10690openSUSE Leap 15.1
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.
ModerateCVE-2020-10690SUSE bug 1170056cpe:/o:opensuse:leap:15.1CVE-2020-10696openSUSE Leap 15.1
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
ImportantCVE-2020-10696SUSE bug 1167864cpe:/o:opensuse:leap:15.1CVE-2020-10704openSUSE Leap 15.1
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
ImportantCVE-2020-10704SUSE bug 1169851SUSE bug 1170771cpe:/o:opensuse:leap:15.1CVE-2020-10711openSUSE Leap 15.1
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.
ModerateCVE-2020-10711SUSE bug 1171191cpe:/o:opensuse:leap:15.1CVE-2020-10713openSUSE Leap 15.1
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-10713SUSE bug 1168994SUSE bug 1173456SUSE bug 1173812cpe:/o:opensuse:leap:15.1CVE-2020-10720openSUSE Leap 15.1
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
ModerateCVE-2020-10720SUSE bug 1170778cpe:/o:opensuse:leap:15.1CVE-2020-10722openSUSE Leap 15.1
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
ModerateCVE-2020-10722SUSE bug 1171477SUSE bug 1171930cpe:/o:opensuse:leap:15.1CVE-2020-10723openSUSE Leap 15.1
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.
ModerateCVE-2020-10723SUSE bug 1171477SUSE bug 1171925cpe:/o:opensuse:leap:15.1CVE-2020-10724openSUSE Leap 15.1
A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.
ModerateCVE-2020-10724SUSE bug 1171477SUSE bug 1171926cpe:/o:opensuse:leap:15.1CVE-2020-10725openSUSE Leap 15.1
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.
ImportantCVE-2020-10725SUSE bug 1171477SUSE bug 1171927cpe:/o:opensuse:leap:15.1CVE-2020-10726openSUSE Leap 15.1
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
ModerateCVE-2020-10726SUSE bug 1171477SUSE bug 1171929cpe:/o:opensuse:leap:15.1CVE-2020-10730openSUSE Leap 15.1
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.
ModerateCVE-2020-10730SUSE bug 1173159cpe:/o:opensuse:leap:15.1CVE-2020-10732openSUSE Leap 15.1
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
LowCVE-2020-10732SUSE bug 1171220cpe:/o:opensuse:leap:15.1CVE-2020-10745openSUSE Leap 15.1
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.
ImportantCVE-2020-10745SUSE bug 1173160cpe:/o:opensuse:leap:15.1CVE-2020-10749openSUSE Leap 15.1
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
ModerateCVE-2020-10749SUSE bug 1172375SUSE bug 1172410cpe:/o:opensuse:leap:15.1CVE-2020-10751openSUSE Leap 15.1
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing.
ModerateCVE-2020-10751SUSE bug 1171189SUSE bug 1174963cpe:/o:opensuse:leap:15.1CVE-2020-10753openSUSE Leap 15.1
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
ModerateCVE-2020-10753SUSE bug 1171921cpe:/o:opensuse:leap:15.1CVE-2020-10756openSUSE Leap 15.1
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.
ModerateCVE-2020-10756SUSE bug 1172380SUSE bug 1184743cpe:/o:opensuse:leap:15.1CVE-2020-10757openSUSE Leap 15.1
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
ImportantCVE-2020-10757SUSE bug 1172317SUSE bug 1172437cpe:/o:opensuse:leap:15.1CVE-2020-10759openSUSE Leap 15.1
A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.
ImportantCVE-2020-10759SUSE bug 1172643cpe:/o:opensuse:leap:15.1CVE-2020-10760openSUSE Leap 15.1
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
ModerateCVE-2020-10760SUSE bug 1173161cpe:/o:opensuse:leap:15.1CVE-2020-10766openSUSE Leap 15.1
A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.
ModerateCVE-2020-10766SUSE bug 1172781cpe:/o:opensuse:leap:15.1CVE-2020-10767openSUSE Leap 15.1
A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.
ModerateCVE-2020-10767SUSE bug 1172782cpe:/o:opensuse:leap:15.1CVE-2020-10768openSUSE Leap 15.1
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.
ModerateCVE-2020-10768SUSE bug 1172783cpe:/o:opensuse:leap:15.1CVE-2020-10769openSUSE Leap 15.1
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
ModerateCVE-2020-10769SUSE bug 1173265cpe:/o:opensuse:leap:15.1CVE-2020-10773openSUSE Leap 15.1
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.
LowCVE-2020-10773SUSE bug 1172999cpe:/o:opensuse:leap:15.1CVE-2020-10781openSUSE Leap 15.1
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device. With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.
ModerateCVE-2020-10781SUSE bug 1173074cpe:/o:opensuse:leap:15.1CVE-2020-10802openSUSE Leap 15.1
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.
ModerateCVE-2020-10802SUSE bug 1167336cpe:/o:opensuse:leap:15.1CVE-2020-10803openSUSE Leap 15.1
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.
ModerateCVE-2020-10803SUSE bug 1167337cpe:/o:opensuse:leap:15.1CVE-2020-10804openSUSE Leap 15.1
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).
ModerateCVE-2020-10804SUSE bug 1167335cpe:/o:opensuse:leap:15.1CVE-2020-10878openSUSE Leap 15.1
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
ModerateCVE-2020-10878SUSE bug 1171864cpe:/o:opensuse:leap:15.1CVE-2020-10933openSUSE Leap 15.1
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
ModerateCVE-2020-10933SUSE bug 1168938cpe:/o:opensuse:leap:15.1CVE-2020-10938openSUSE Leap 15.1
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
ImportantCVE-2020-10938SUSE bug 1167623cpe:/o:opensuse:leap:15.1CVE-2020-10942openSUSE Leap 15.1
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
ModerateCVE-2020-10942SUSE bug 1167629cpe:/o:opensuse:leap:15.1CVE-2020-10957openSUSE Leap 15.1
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
ImportantCVE-2020-10957SUSE bug 1171457cpe:/o:opensuse:leap:15.1CVE-2020-10958openSUSE Leap 15.1
In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
ModerateCVE-2020-10958SUSE bug 1171458cpe:/o:opensuse:leap:15.1CVE-2020-10967openSUSE Leap 15.1
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
ModerateCVE-2020-10967SUSE bug 1171456cpe:/o:opensuse:leap:15.1CVE-2020-10995openSUSE Leap 15.1
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is triggered by random subdomains in the NSDNAME in NS records. PowerDNS Recursor 4.1.16, 4.2.2 and 4.3.1 contain a mitigation to limit the impact of this DNS protocol issue.
ModerateCVE-2020-10995SUSE bug 1171553cpe:/o:opensuse:leap:15.1CVE-2020-11008openSUSE Leap 15.1
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.
ModerateCVE-2020-11008SUSE bug 1169936SUSE bug 1170741cpe:/o:opensuse:leap:15.1CVE-2020-11017openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
ModerateCVE-2020-11017SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11018openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
ModerateCVE-2020-11018SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11019openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
ModerateCVE-2020-11019SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11022openSUSE Leap 15.1
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
ModerateCVE-2020-11022SUSE bug 1173090SUSE bug 1178434SUSE bug 1190663cpe:/o:opensuse:leap:15.1CVE-2020-11023openSUSE Leap 15.1
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
ModerateCVE-2020-11023SUSE bug 1173090SUSE bug 1178434SUSE bug 1190660cpe:/o:opensuse:leap:15.1CVE-2020-11038openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0.
ModerateCVE-2020-11038SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11039openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.
ModerateCVE-2020-11039SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11040openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
ModerateCVE-2020-11040SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11041openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.
ModerateCVE-2020-11041SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11043openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
ModerateCVE-2020-11043SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11076openSUSE Leap 15.1
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
ModerateCVE-2020-11076SUSE bug 1172175SUSE bug 1172176cpe:/o:opensuse:leap:15.1CVE-2020-11077openSUSE Leap 15.1
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
ModerateCVE-2020-11077SUSE bug 1172175SUSE bug 1172176cpe:/o:opensuse:leap:15.1CVE-2020-11080openSUSE Leap 15.1
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection.
ImportantCVE-2020-11080SUSE bug 1172441SUSE bug 1172442SUSE bug 1181358cpe:/o:opensuse:leap:15.1CVE-2020-11085openSUSE Leap 15.1
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
ModerateCVE-2020-11085SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11086openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.
ModerateCVE-2020-11086SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11087openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
ModerateCVE-2020-11087SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11088openSUSE Leap 15.1
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
ModerateCVE-2020-11088SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11089openSUSE Leap 15.1
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.
ModerateCVE-2020-11089SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-11095openSUSE Leap 15.1
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
ModerateCVE-2020-11095SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-11096openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
ModerateCVE-2020-11096SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-11097openSUSE Leap 15.1
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
ModerateCVE-2020-11097SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-11098openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
ModerateCVE-2020-11098SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-11099openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
ModerateCVE-2020-11099SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-11100openSUSE Leap 15.1
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
ImportantCVE-2020-11100SUSE bug 1168023cpe:/o:opensuse:leap:15.1CVE-2020-11494openSUSE Leap 15.1
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.
ModerateCVE-2020-11494SUSE bug 1168424cpe:/o:opensuse:leap:15.1CVE-2020-11501openSUSE Leap 15.1
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.
ImportantCVE-2020-11501SUSE bug 1168345cpe:/o:opensuse:leap:15.1CVE-2020-11521openSUSE Leap 15.1
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
ModerateCVE-2020-11521SUSE bug 1169413SUSE bug 1171443cpe:/o:opensuse:leap:15.1CVE-2020-11522openSUSE Leap 15.1
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
ModerateCVE-2020-11522SUSE bug 1169413SUSE bug 1171444cpe:/o:opensuse:leap:15.1CVE-2020-11523openSUSE Leap 15.1
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
ModerateCVE-2020-11523SUSE bug 1169413SUSE bug 1171445cpe:/o:opensuse:leap:15.1CVE-2020-11524openSUSE Leap 15.1
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
ModerateCVE-2020-11524SUSE bug 1169413SUSE bug 1171446cpe:/o:opensuse:leap:15.1CVE-2020-11525openSUSE Leap 15.1
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
LowCVE-2020-11525SUSE bug 1169413SUSE bug 1171447cpe:/o:opensuse:leap:15.1CVE-2020-11526openSUSE Leap 15.1
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
LowCVE-2020-11526SUSE bug 1169413SUSE bug 1171674cpe:/o:opensuse:leap:15.1CVE-2020-11608openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
ModerateCVE-2020-11608SUSE bug 1168829cpe:/o:opensuse:leap:15.1CVE-2020-11609openSUSE Leap 15.1
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
ModerateCVE-2020-11609SUSE bug 1168854cpe:/o:opensuse:leap:15.1CVE-2020-11647openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
ModerateCVE-2020-11647SUSE bug 1169063cpe:/o:opensuse:leap:15.1CVE-2020-11651openSUSE Leap 15.1
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
CriticalCVE-2020-11651SUSE bug 1170595cpe:/o:opensuse:leap:15.1CVE-2020-11652openSUSE Leap 15.1
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
CriticalCVE-2020-11652SUSE bug 1170595cpe:/o:opensuse:leap:15.1CVE-2020-11653openSUSE Leap 15.1
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.
ModerateCVE-2020-11653SUSE bug 1169039cpe:/o:opensuse:leap:15.1CVE-2020-11668openSUSE Leap 15.1
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
ImportantCVE-2020-11668SUSE bug 1168952SUSE bug 1173942cpe:/o:opensuse:leap:15.1CVE-2020-11669openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.
ModerateCVE-2020-11669SUSE bug 1169390cpe:/o:opensuse:leap:15.1CVE-2020-11722openSUSE Leap 15.1
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
ImportantCVE-2020-11722SUSE bug 1169381cpe:/o:opensuse:leap:15.1CVE-2020-11736openSUSE Leap 15.1
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
ModerateCVE-2020-11736SUSE bug 1169428SUSE bug 1189131cpe:/o:opensuse:leap:15.1CVE-2020-11739openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to re-order the memory access with the preceding ones. In other words, the unlock may be seen by another processor before all the memory accesses within the "critical" section. As a consequence, it may be possible to have a writer executing a critical section at the same time as readers or another writer. In other words, many of the assumptions (e.g., a variable cannot be modified after a check) in the critical sections are not safe anymore. The read-write locks are used in hypercalls (such as grant-table ones), so a malicious guest could exploit the race. For instance, there is a small window where Xen can leak memory if XENMAPSPACE_grant_table is used concurrently. A malicious guest may be able to leak memory, or cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded.
ImportantCVE-2020-11739SUSE bug 1168142cpe:/o:opensuse:leap:15.1CVE-2020-11740openSUSE Leap 15.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.
ModerateCVE-2020-11740SUSE bug 1168140SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-11741openSUSE Leap 15.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.
ModerateCVE-2020-11741SUSE bug 1168140SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-11742openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path through grant copy handling where success may be returned to the caller without any action taken. In particular, the status fields of individual operations are left uninitialised, and may result in errant behaviour in the caller of GNTTABOP_copy. A buggy or malicious guest can construct its grant table in such a way that, when a backend domain tries to copy a grant, it hits the incorrect exit path. This returns success to the caller without doing anything, which may cause crashes or other incorrect behaviour.
ModerateCVE-2020-11742SUSE bug 1169392SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-11743openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to return 1 instead of a negative value. The grant table code in Linux treats this condition as success, and proceeds with incorrectly initialised state. A buggy or malicious guest can construct its grant table in such a way that, when a backend domain tries to map a grant, it hits the incorrect error path. This will crash a Linux based dom0 or backend domain.
ModerateCVE-2020-11743SUSE bug 1168143cpe:/o:opensuse:leap:15.1CVE-2020-11758openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
LowCVE-2020-11758SUSE bug 1169549SUSE bug 1169573SUSE bug 1169574cpe:/o:opensuse:leap:15.1CVE-2020-11760openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
LowCVE-2020-11760SUSE bug 1169580cpe:/o:opensuse:leap:15.1CVE-2020-11761openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
LowCVE-2020-11761SUSE bug 1169578cpe:/o:opensuse:leap:15.1CVE-2020-11762openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
ModerateCVE-2020-11762SUSE bug 1169549SUSE bug 1169573SUSE bug 1169574SUSE bug 1169575SUSE bug 1169576SUSE bug 1169578SUSE bug 1169579SUSE bug 1169580cpe:/o:opensuse:leap:15.1CVE-2020-11763openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
LowCVE-2020-11763SUSE bug 1169576cpe:/o:opensuse:leap:15.1CVE-2020-11764openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
LowCVE-2020-11764SUSE bug 1169574cpe:/o:opensuse:leap:15.1CVE-2020-11765openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
LowCVE-2020-11765SUSE bug 1169575cpe:/o:opensuse:leap:15.1CVE-2020-11793openSUSE Leap 15.1
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).
ModerateCVE-2020-11793SUSE bug 1169658cpe:/o:opensuse:leap:15.1CVE-2020-11800openSUSE Leap 15.1
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
ModerateCVE-2020-11800SUSE bug 1177467cpe:/o:opensuse:leap:15.1CVE-2020-11863openSUSE Leap 15.1
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).
ModerateCVE-2020-11863SUSE bug 1171496cpe:/o:opensuse:leap:15.1CVE-2020-11864openSUSE Leap 15.1
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).
ModerateCVE-2020-11864SUSE bug 1171499cpe:/o:opensuse:leap:15.1CVE-2020-11865openSUSE Leap 15.1
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access.
ImportantCVE-2020-11865SUSE bug 1171497cpe:/o:opensuse:leap:15.1CVE-2020-11866openSUSE Leap 15.1
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.
ImportantCVE-2020-11866SUSE bug 1171498cpe:/o:opensuse:leap:15.1CVE-2020-11867openSUSE Leap 15.1
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
LowCVE-2020-11867SUSE bug 1179449cpe:/o:opensuse:leap:15.1CVE-2020-11868openSUSE Leap 15.1
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
ModerateCVE-2020-11868SUSE bug 1169740cpe:/o:opensuse:leap:15.1CVE-2020-11888openSUSE Leap 15.1
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
ModerateCVE-2020-11888SUSE bug 1171379cpe:/o:opensuse:leap:15.1CVE-2020-11945openSUSE Leap 15.1
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
ImportantCVE-2020-11945SUSE bug 1170313cpe:/o:opensuse:leap:15.1CVE-2020-11984openSUSE Leap 15.1
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
ImportantCVE-2020-11984SUSE bug 1175074cpe:/o:opensuse:leap:15.1CVE-2020-11993openSUSE Leap 15.1
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers.
ModerateCVE-2020-11993SUSE bug 1175070SUSE bug 1178074SUSE bug 1180830cpe:/o:opensuse:leap:15.1CVE-2020-11996openSUSE Leap 15.1
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
ModerateCVE-2020-11996SUSE bug 1173389cpe:/o:opensuse:leap:15.1CVE-2020-12050openSUSE Leap 15.1
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.
ModerateCVE-2020-12050SUSE bug 1171041cpe:/o:opensuse:leap:15.1CVE-2020-12066openSUSE Leap 15.1
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.
ImportantCVE-2020-12066SUSE bug 1170252cpe:/o:opensuse:leap:15.1CVE-2020-12100openSUSE Leap 15.1
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
ImportantCVE-2020-12100SUSE bug 1174920SUSE bug 1180406cpe:/o:opensuse:leap:15.1CVE-2020-12105openSUSE Leap 15.1
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
ModerateCVE-2020-12105SUSE bug 1170452cpe:/o:opensuse:leap:15.1CVE-2020-12108openSUSE Leap 15.1
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
ModerateCVE-2020-12108SUSE bug 1171363cpe:/o:opensuse:leap:15.1CVE-2020-12114openSUSE Leap 15.1
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.
ModerateCVE-2020-12114SUSE bug 1171098cpe:/o:opensuse:leap:15.1CVE-2020-12243openSUSE Leap 15.1
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
ImportantCVE-2020-12243SUSE bug 1170771cpe:/o:opensuse:leap:15.1CVE-2020-12244openSUSE Leap 15.1
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.
ModerateCVE-2020-12244SUSE bug 1171553cpe:/o:opensuse:leap:15.1CVE-2020-12268openSUSE Leap 15.1
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
ImportantCVE-2020-12268SUSE bug 1170603cpe:/o:opensuse:leap:15.1CVE-2020-12321openSUSE Leap 15.1
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CriticalCVE-2020-12321SUSE bug 1178671cpe:/o:opensuse:leap:15.1CVE-2020-12351openSUSE Leap 15.1
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
ImportantCVE-2020-12351SUSE bug 1177724SUSE bug 1177729SUSE bug 1178397cpe:/o:opensuse:leap:15.1CVE-2020-12352openSUSE Leap 15.1
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
ModerateCVE-2020-12352SUSE bug 1177725SUSE bug 1178398cpe:/o:opensuse:leap:15.1CVE-2020-12387openSUSE Leap 15.1
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
ImportantCVE-2020-12387SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12388openSUSE Leap 15.1
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
ImportantCVE-2020-12388SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12389openSUSE Leap 15.1
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
ImportantCVE-2020-12389SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12392openSUSE Leap 15.1
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
ImportantCVE-2020-12392SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12393openSUSE Leap 15.1
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
ImportantCVE-2020-12393SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12395openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
ImportantCVE-2020-12395SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12397openSUSE Leap 15.1
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.
ModerateCVE-2020-12397SUSE bug 1171186cpe:/o:opensuse:leap:15.1CVE-2020-12398openSUSE Leap 15.1
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.
ImportantCVE-2020-12398SUSE bug 1172402cpe:/o:opensuse:leap:15.1CVE-2020-12399openSUSE Leap 15.1
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
ModerateCVE-2020-12399SUSE bug 1171978SUSE bug 1172402cpe:/o:opensuse:leap:15.1CVE-2020-12402openSUSE Leap 15.1
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.
ModerateCVE-2020-12402SUSE bug 1173032SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12405openSUSE Leap 15.1
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
ImportantCVE-2020-12405SUSE bug 1172402cpe:/o:opensuse:leap:15.1CVE-2020-12406openSUSE Leap 15.1
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
ImportantCVE-2020-12406SUSE bug 1172402cpe:/o:opensuse:leap:15.1CVE-2020-12410openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
ImportantCVE-2020-12410SUSE bug 1172402cpe:/o:opensuse:leap:15.1CVE-2020-12415openSUSE Leap 15.1
When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12415SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12416openSUSE Leap 15.1
A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12416SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12417openSUSE Leap 15.1
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
ImportantCVE-2020-12417SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12418openSUSE Leap 15.1
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
ImportantCVE-2020-12418SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12419openSUSE Leap 15.1
When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
ImportantCVE-2020-12419SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12420openSUSE Leap 15.1
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
ImportantCVE-2020-12420SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12421openSUSE Leap 15.1
When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
ImportantCVE-2020-12421SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12422openSUSE Leap 15.1
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12422SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12423openSUSE Leap 15.1
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.
ImportantCVE-2020-12423SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12424openSUSE Leap 15.1
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12424SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12425openSUSE Leap 15.1
Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12425SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12426openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78.
ImportantCVE-2020-12426SUSE bug 1173576SUSE bug 1174230cpe:/o:opensuse:leap:15.1CVE-2020-12464openSUSE Leap 15.1
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
LowCVE-2020-12464SUSE bug 1170901cpe:/o:opensuse:leap:15.1CVE-2020-12625openSUSE Leap 15.1
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.
ModerateCVE-2020-12625SUSE bug 1171040SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2020-12640openSUSE Leap 15.1
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.
ImportantCVE-2020-12640SUSE bug 1171149SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2020-12641openSUSE Leap 15.1
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
ImportantCVE-2020-12641SUSE bug 1171148SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2020-12652openSUSE Leap 15.1
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power."
ModerateCVE-2020-12652SUSE bug 1171218cpe:/o:opensuse:leap:15.1CVE-2020-12653openSUSE Leap 15.1
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
ImportantCVE-2020-12653SUSE bug 1171195SUSE bug 1171254cpe:/o:opensuse:leap:15.1CVE-2020-12654openSUSE Leap 15.1
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
ImportantCVE-2020-12654SUSE bug 1171202SUSE bug 1171252cpe:/o:opensuse:leap:15.1CVE-2020-12655openSUSE Leap 15.1
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.
ModerateCVE-2020-12655SUSE bug 1171217cpe:/o:opensuse:leap:15.1CVE-2020-12656openSUSE Leap 15.1
** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug.
LowCVE-2020-12656SUSE bug 1171219cpe:/o:opensuse:leap:15.1CVE-2020-12657openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
ModerateCVE-2020-12657SUSE bug 1171205cpe:/o:opensuse:leap:15.1CVE-2020-12659openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
ModerateCVE-2020-12659SUSE bug 1171214cpe:/o:opensuse:leap:15.1CVE-2020-12662openSUSE Leap 15.1
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
ImportantCVE-2020-12662SUSE bug 1171889cpe:/o:opensuse:leap:15.1CVE-2020-12663openSUSE Leap 15.1
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
ImportantCVE-2020-12663SUSE bug 1171889cpe:/o:opensuse:leap:15.1CVE-2020-12672openSUSE Leap 15.1
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
ImportantCVE-2020-12672SUSE bug 1171271cpe:/o:opensuse:leap:15.1CVE-2020-12673openSUSE Leap 15.1
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
ImportantCVE-2020-12673SUSE bug 1174920SUSE bug 1174922cpe:/o:opensuse:leap:15.1CVE-2020-12674openSUSE Leap 15.1
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
ImportantCVE-2020-12674SUSE bug 1174920SUSE bug 1174923cpe:/o:opensuse:leap:15.1CVE-2020-12693openSUSE Leap 15.1
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
ModerateCVE-2020-12693SUSE bug 1172004SUSE bug 1173804cpe:/o:opensuse:leap:15.1CVE-2020-12695openSUSE Leap 15.1
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
ImportantCVE-2020-12695SUSE bug 1172700SUSE bug 1179447cpe:/o:opensuse:leap:15.1CVE-2020-12723openSUSE Leap 15.1
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
ModerateCVE-2020-12723SUSE bug 1171866cpe:/o:opensuse:leap:15.1CVE-2020-12767openSUSE Leap 15.1
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
ModerateCVE-2020-12767SUSE bug 1171475cpe:/o:opensuse:leap:15.1CVE-2020-12769openSUSE Leap 15.1
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
ModerateCVE-2020-12769SUSE bug 1171983cpe:/o:opensuse:leap:15.1CVE-2020-12771openSUSE Leap 15.1
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
ModerateCVE-2020-12771SUSE bug 1171732cpe:/o:opensuse:leap:15.1CVE-2020-12801openSUSE Leap 15.1
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.
ModerateCVE-2020-12801SUSE bug 1171997cpe:/o:opensuse:leap:15.1CVE-2020-12802openSUSE Leap 15.1
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
LowCVE-2020-12802SUSE bug 1172796cpe:/o:opensuse:leap:15.1CVE-2020-12803openSUSE Leap 15.1
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
ModerateCVE-2020-12803SUSE bug 1172795cpe:/o:opensuse:leap:15.1CVE-2020-12823openSUSE Leap 15.1
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
ModerateCVE-2020-12823SUSE bug 1171862cpe:/o:opensuse:leap:15.1CVE-2020-12861openSUSE Leap 15.1
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
ModerateCVE-2020-12861SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12862openSUSE Leap 15.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
ModerateCVE-2020-12862SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12863openSUSE Leap 15.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
ModerateCVE-2020-12863SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12864openSUSE Leap 15.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
ModerateCVE-2020-12864SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12865openSUSE Leap 15.1
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
ModerateCVE-2020-12865SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12866openSUSE Leap 15.1
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
ModerateCVE-2020-12866SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12867openSUSE Leap 15.1
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
ModerateCVE-2020-12867SUSE bug 1172524cpe:/o:opensuse:leap:15.1CVE-2020-12888openSUSE Leap 15.1
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
ModerateCVE-2020-12888SUSE bug 1171868SUSE bug 1176979SUSE bug 1179612cpe:/o:opensuse:leap:15.1CVE-2020-13112openSUSE Leap 15.1
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
CriticalCVE-2020-13112SUSE bug 1172116cpe:/o:opensuse:leap:15.1CVE-2020-13113openSUSE Leap 15.1
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
ImportantCVE-2020-13113SUSE bug 1172105cpe:/o:opensuse:leap:15.1CVE-2020-13114openSUSE Leap 15.1
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
ModerateCVE-2020-13114SUSE bug 1172121cpe:/o:opensuse:leap:15.1CVE-2020-13143openSUSE Leap 15.1
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
ModerateCVE-2020-13143SUSE bug 1171982cpe:/o:opensuse:leap:15.1CVE-2020-13164openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
ModerateCVE-2020-13164SUSE bug 1171899cpe:/o:opensuse:leap:15.1CVE-2020-13249openSUSE Leap 15.1
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.
ModerateCVE-2020-13249cpe:/o:opensuse:leap:15.1CVE-2020-13396openSUSE Leap 15.1
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
ModerateCVE-2020-13396SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-13397openSUSE Leap 15.1
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
ModerateCVE-2020-13397SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-13398openSUSE Leap 15.1
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
ModerateCVE-2020-13398SUSE bug 1171441cpe:/o:opensuse:leap:15.1CVE-2020-13401openSUSE Leap 15.1
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
ModerateCVE-2020-13401SUSE bug 1172375SUSE bug 1172377cpe:/o:opensuse:leap:15.1CVE-2020-13428openSUSE Leap 15.1
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
ModerateCVE-2020-13428SUSE bug 1172727cpe:/o:opensuse:leap:15.1CVE-2020-13543openSUSE Leap 15.1
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.
ImportantCVE-2020-13543SUSE bug 1179451cpe:/o:opensuse:leap:15.1CVE-2020-13584openSUSE Leap 15.1
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.
ImportantCVE-2020-13584SUSE bug 1179122SUSE bug 1179910SUSE bug 1179911SUSE bug 1179912cpe:/o:opensuse:leap:15.1CVE-2020-13614openSUSE Leap 15.1
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
ModerateCVE-2020-13614SUSE bug 1172159cpe:/o:opensuse:leap:15.1CVE-2020-13625openSUSE Leap 15.1
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
ImportantCVE-2020-13625SUSE bug 1173090cpe:/o:opensuse:leap:15.1CVE-2020-13696openSUSE Leap 15.1
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.
ModerateCVE-2020-13696SUSE bug 1171655cpe:/o:opensuse:leap:15.1CVE-2020-13753openSUSE Leap 15.1
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.
ModerateCVE-2020-13753SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-13777openSUSE Leap 15.1
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
ImportantCVE-2020-13777SUSE bug 1172461SUSE bug 1172506cpe:/o:opensuse:leap:15.1CVE-2020-13790openSUSE Leap 15.1
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
ModerateCVE-2020-13790SUSE bug 1172491cpe:/o:opensuse:leap:15.1CVE-2020-13817openSUSE Leap 15.1
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
ModerateCVE-2020-13817SUSE bug 1172651cpe:/o:opensuse:leap:15.1CVE-2020-13844openSUSE Leap 15.1
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
ModerateCVE-2020-13844SUSE bug 1172798cpe:/o:opensuse:leap:15.1CVE-2020-13845openSUSE Leap 15.1
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptor(s) in the SIF file, rather than to a cryptographically validated signature.
ModerateCVE-2020-13845SUSE bug 1174150cpe:/o:opensuse:leap:15.1CVE-2020-13846openSUSE Leap 15.1
Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code.
ModerateCVE-2020-13846SUSE bug 1174148cpe:/o:opensuse:leap:15.1CVE-2020-13847openSUSE Leap 15.1
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity's sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file.
ModerateCVE-2020-13847SUSE bug 1174152cpe:/o:opensuse:leap:15.1CVE-2020-13848openSUSE Leap 15.1
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
ModerateCVE-2020-13848SUSE bug 1172625cpe:/o:opensuse:leap:15.1CVE-2020-13867openSUSE Leap 15.1
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
ModerateCVE-2020-13867SUSE bug 1172743cpe:/o:opensuse:leap:15.1CVE-2020-13934openSUSE Leap 15.1
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
ModerateCVE-2020-13934SUSE bug 1174121cpe:/o:opensuse:leap:15.1CVE-2020-13935openSUSE Leap 15.1
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
ImportantCVE-2020-13935SUSE bug 1174117cpe:/o:opensuse:leap:15.1CVE-2020-13943openSUSE Leap 15.1
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.
ModerateCVE-2020-13943SUSE bug 1177582cpe:/o:opensuse:leap:15.1CVE-2020-13974openSUSE Leap 15.1
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.
ModerateCVE-2020-13974SUSE bug 1172775cpe:/o:opensuse:leap:15.1CVE-2020-14004openSUSE Leap 15.1
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user.
ModerateCVE-2020-14004SUSE bug 1172171cpe:/o:opensuse:leap:15.1CVE-2020-14039openSUSE Leap 15.1
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.
ModerateCVE-2020-14039SUSE bug 1174191cpe:/o:opensuse:leap:15.1CVE-2020-14059openSUSE Leap 15.1
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
ModerateCVE-2020-14059SUSE bug 1173303SUSE bug 1173304cpe:/o:opensuse:leap:15.1CVE-2020-14093openSUSE Leap 15.1
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.
ImportantCVE-2020-14093SUSE bug 1172906SUSE bug 1172935cpe:/o:opensuse:leap:15.1CVE-2020-14145openSUSE Leap 15.1
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
ModerateCVE-2020-14145SUSE bug 1173513SUSE bug 1177569SUSE bug 1189078cpe:/o:opensuse:leap:15.1CVE-2020-14147openSUSE Leap 15.1
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.
ImportantCVE-2020-14147SUSE bug 1173018cpe:/o:opensuse:leap:15.1CVE-2020-14149openSUSE Leap 15.1
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.
ModerateCVE-2020-14149SUSE bug 1172959cpe:/o:opensuse:leap:15.1CVE-2020-14154openSUSE Leap 15.1
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
ImportantCVE-2020-14154SUSE bug 1172906SUSE bug 1172935cpe:/o:opensuse:leap:15.1CVE-2020-14196openSUSE Leap 15.1
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
ModerateCVE-2020-14196SUSE bug 1173302cpe:/o:opensuse:leap:15.1CVE-2020-14295openSUSE Leap 15.1
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
ImportantCVE-2020-14295SUSE bug 1173090cpe:/o:opensuse:leap:15.1CVE-2020-14303openSUSE Leap 15.1
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
ImportantCVE-2020-14303SUSE bug 1173359cpe:/o:opensuse:leap:15.1CVE-2020-14308openSUSE Leap 15.1
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.
ModerateCVE-2020-14308SUSE bug 1168994SUSE bug 1173812cpe:/o:opensuse:leap:15.1CVE-2020-14309openSUSE Leap 15.1
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
ModerateCVE-2020-14309SUSE bug 1168994SUSE bug 1173812cpe:/o:opensuse:leap:15.1CVE-2020-14310openSUSE Leap 15.1
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.
ModerateCVE-2020-14310SUSE bug 1168994SUSE bug 1173812cpe:/o:opensuse:leap:15.1CVE-2020-14311openSUSE Leap 15.1
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.
ModerateCVE-2020-14311SUSE bug 1168994SUSE bug 1173812cpe:/o:opensuse:leap:15.1CVE-2020-14314openSUSE Leap 15.1
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.
ModerateCVE-2020-14314SUSE bug 1173798cpe:/o:opensuse:leap:15.1CVE-2020-14318openSUSE Leap 15.1
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
ModerateCVE-2020-14318SUSE bug 1173902cpe:/o:opensuse:leap:15.1CVE-2020-14323openSUSE Leap 15.1
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
ModerateCVE-2020-14323SUSE bug 1173994cpe:/o:opensuse:leap:15.1CVE-2020-14331openSUSE Leap 15.1
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14331SUSE bug 1174205SUSE bug 1174247cpe:/o:opensuse:leap:15.1CVE-2020-14342openSUSE Leap 15.1
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges.
ModerateCVE-2020-14342SUSE bug 1174477cpe:/o:opensuse:leap:15.1CVE-2020-14344openSUSE Leap 15.1
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.
ModerateCVE-2020-14344SUSE bug 1174628SUSE bug 1174638SUSE bug 1175880cpe:/o:opensuse:leap:15.1CVE-2020-14345openSUSE Leap 15.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14345SUSE bug 1174635SUSE bug 1174638SUSE bug 1174908SUSE bug 1174910SUSE bug 1174913SUSE bug 1177596SUSE bug 1181067cpe:/o:opensuse:leap:15.1CVE-2020-14346openSUSE Leap 15.1
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14346SUSE bug 1174635SUSE bug 1174638SUSE bug 1174910SUSE bug 1174913cpe:/o:opensuse:leap:15.1CVE-2020-14347openSUSE Leap 15.1
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
ModerateCVE-2020-14347SUSE bug 1174633cpe:/o:opensuse:leap:15.1CVE-2020-14349openSUSE Leap 15.1
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.
ImportantCVE-2020-14349SUSE bug 1175193SUSE bug 1176151SUSE bug 1179499SUSE bug 1179870cpe:/o:opensuse:leap:15.1CVE-2020-14350openSUSE Leap 15.1
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.
ImportantCVE-2020-14350SUSE bug 1175194SUSE bug 1176151SUSE bug 1179115SUSE bug 1179499SUSE bug 1179870cpe:/o:opensuse:leap:15.1CVE-2020-14351openSUSE Leap 15.1
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ModerateCVE-2020-14351SUSE bug 1177086cpe:/o:opensuse:leap:15.1CVE-2020-14356openSUSE Leap 15.1
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.
ModerateCVE-2020-14356SUSE bug 1175213SUSE bug 1176392cpe:/o:opensuse:leap:15.1CVE-2020-14360openSUSE Leap 15.1
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14360SUSE bug 1174908SUSE bug 1177596cpe:/o:opensuse:leap:15.1CVE-2020-14361openSUSE Leap 15.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14361SUSE bug 1174635SUSE bug 1174638SUSE bug 1174910SUSE bug 1174913cpe:/o:opensuse:leap:15.1CVE-2020-14362openSUSE Leap 15.1
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-14362SUSE bug 1174635SUSE bug 1174638SUSE bug 1174910SUSE bug 1174913cpe:/o:opensuse:leap:15.1CVE-2020-14363openSUSE Leap 15.1
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.
ImportantCVE-2020-14363SUSE bug 1175239cpe:/o:opensuse:leap:15.1CVE-2020-14370openSUSE Leap 15.1
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
ModerateCVE-2020-14370SUSE bug 1176804cpe:/o:opensuse:leap:15.1CVE-2020-14374openSUSE Leap 15.1
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CriticalCVE-2020-14374SUSE bug 1176590cpe:/o:opensuse:leap:15.1CVE-2020-14375openSUSE Leap 15.1
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CriticalCVE-2020-14375SUSE bug 1176590cpe:/o:opensuse:leap:15.1CVE-2020-14376openSUSE Leap 15.1
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CriticalCVE-2020-14376SUSE bug 1176590cpe:/o:opensuse:leap:15.1CVE-2020-14377openSUSE Leap 15.1
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attacker in a virtual machine to read significant amounts of host memory. The highest threat from this vulnerability is to data confidentiality and system availability.
CriticalCVE-2020-14377SUSE bug 1176590cpe:/o:opensuse:leap:15.1CVE-2020-14378openSUSE Leap 15.1
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period.
CriticalCVE-2020-14378SUSE bug 1176590cpe:/o:opensuse:leap:15.1CVE-2020-14381openSUSE Leap 15.1
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
ImportantCVE-2020-14381SUSE bug 1176011SUSE bug 1176012cpe:/o:opensuse:leap:15.1CVE-2020-14383openSUSE Leap 15.1
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.
ModerateCVE-2020-14383SUSE bug 1177613cpe:/o:opensuse:leap:15.1CVE-2020-14386openSUSE Leap 15.1
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
ImportantCVE-2020-14386SUSE bug 1176069SUSE bug 1176072cpe:/o:opensuse:leap:15.1CVE-2020-14390openSUSE Leap 15.1
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
ImportantCVE-2020-14390SUSE bug 1176235SUSE bug 1176253SUSE bug 1176278cpe:/o:opensuse:leap:15.1CVE-2020-14392openSUSE Leap 15.1
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
ImportantCVE-2020-14392SUSE bug 1176412cpe:/o:opensuse:leap:15.1CVE-2020-14393openSUSE Leap 15.1
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
ImportantCVE-2020-14393SUSE bug 1176409cpe:/o:opensuse:leap:15.1CVE-2020-14397openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
ModerateCVE-2020-14397SUSE bug 1173477SUSE bug 1173700cpe:/o:opensuse:leap:15.1CVE-2020-14398openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.
ModerateCVE-2020-14398SUSE bug 1173477SUSE bug 1173880cpe:/o:opensuse:leap:15.1CVE-2020-14399openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed."
ModerateCVE-2020-14399SUSE bug 1173477SUSE bug 1173743cpe:/o:opensuse:leap:15.1CVE-2020-14400openSUSE Leap 15.1
** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary.
ModerateCVE-2020-14400SUSE bug 1173477SUSE bug 1173691cpe:/o:opensuse:leap:15.1CVE-2020-14401openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
ModerateCVE-2020-14401SUSE bug 1173477SUSE bug 1173694cpe:/o:opensuse:leap:15.1CVE-2020-14402openSUSE Leap 15.1
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
ModerateCVE-2020-14402SUSE bug 1173477SUSE bug 1173701cpe:/o:opensuse:leap:15.1CVE-2020-14416openSUSE Leap 15.1
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.
ModerateCVE-2020-14416SUSE bug 1162002cpe:/o:opensuse:leap:15.1CVE-2020-14422openSUSE Leap 15.1
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.
ImportantCVE-2020-14422SUSE bug 1173274cpe:/o:opensuse:leap:15.1CVE-2020-14556openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-14556SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14562openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-14562SUSE bug 1174157cpe:/o:opensuse:leap:15.1CVE-2020-14573openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-14573SUSE bug 1174157cpe:/o:opensuse:leap:15.1CVE-2020-14577openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2020-14577SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14578openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-14578SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14579openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-14579SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14581openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2020-14581SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14583openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2020-14583SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14593openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N).
ModerateCVE-2020-14593SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14621openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-14621SUSE bug 1174157SUSE bug 1175259cpe:/o:opensuse:leap:15.1CVE-2020-14628openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14628 is applicable to Windows VM only. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-14628SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14629openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14629SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14646openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14646SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14647openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14647SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14648openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14648SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14649openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14649SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14650openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14650SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14673openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14673SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14674openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14674SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14675openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14675SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14676openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14676SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14677openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14677SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14694openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14694SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14695openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14695SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14698openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14698SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14699openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14699SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14700openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14700SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14703openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14703SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14704openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-14704SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14707openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14707SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14711openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14711 is applicable to macOS host only. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
ModerateCVE-2020-14711SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14712openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.0 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N).
ModerateCVE-2020-14712SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14713openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ImportantCVE-2020-14713SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14714openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14714SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-14715openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14715SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-1472openSUSE Leap 15.1
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
CriticalCVE-2020-1472SUSE bug 1176579cpe:/o:opensuse:leap:15.1CVE-2020-14765openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14765SUSE bug 1178428cpe:/o:opensuse:leap:15.1CVE-2020-14776openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14776SUSE bug 1178428cpe:/o:opensuse:leap:15.1CVE-2020-14779openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-14779SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14781openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2020-14781SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14782openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-14782SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14789openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14789SUSE bug 1178428cpe:/o:opensuse:leap:15.1CVE-2020-14792openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
ModerateCVE-2020-14792SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14796openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
ModerateCVE-2020-14796SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14797openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-14797SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14798openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
ModerateCVE-2020-14798SUSE bug 1177943SUSE bug 1180063cpe:/o:opensuse:leap:15.1CVE-2020-14803openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2020-14803SUSE bug 1177943SUSE bug 1181239SUSE bug 1182186cpe:/o:opensuse:leap:15.1CVE-2020-14812openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-14812SUSE bug 1178428cpe:/o:opensuse:leap:15.1CVE-2020-14954openSUSE Leap 15.1
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
ImportantCVE-2020-14954SUSE bug 1173197cpe:/o:opensuse:leap:15.1CVE-2020-14983openSUSE Leap 15.1
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
ImportantCVE-2020-14983SUSE bug 1173595cpe:/o:opensuse:leap:15.1CVE-2020-15025openSUSE Leap 15.1
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
ModerateCVE-2020-15025SUSE bug 1173334cpe:/o:opensuse:leap:15.1CVE-2020-15049openSUSE Leap 15.1
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
ImportantCVE-2020-15049SUSE bug 1173455SUSE bug 1174381cpe:/o:opensuse:leap:15.1CVE-2020-15095openSUSE Leap 15.1
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files.
ModerateCVE-2020-15095SUSE bug 1173937cpe:/o:opensuse:leap:15.1CVE-2020-15103openSUSE Leap 15.1
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto
ImportantCVE-2020-15103SUSE bug 1174321cpe:/o:opensuse:leap:15.1CVE-2020-15166openSUSE Leap 15.1
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete successfully, and messages are delivered to the library, but the server application never receives them. This is patched in version 4.3.3.
ModerateCVE-2020-15166SUSE bug 1176116cpe:/o:opensuse:leap:15.1CVE-2020-15169openSUSE Leap 15.1
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.
ImportantCVE-2020-15169SUSE bug 1176421cpe:/o:opensuse:leap:15.1CVE-2020-15180openSUSE Leap 15.1
A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
CriticalCVE-2020-15180SUSE bug 1177472cpe:/o:opensuse:leap:15.1CVE-2020-15229openSUSE Leap 15.1
Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem during the extraction with a crafted squashfs filesystem. The extraction occurs automatically for unprivileged (either installation or with `allow setuid = no`) run of Singularity when a user attempt to run an image which is a local SIF image or a single file containing a squashfs filesystem and is coming from remote sources `library://` or `shub://`. Image build is also impacted in a more serious way as it can be used by a root user, allowing an attacker to overwrite/create files leading to a system compromise, so far bootstrap methods `library`, `shub` and `localimage` are triggering the squashfs extraction. This issue is addressed in Singularity 3.6.4. All users are advised to upgrade to 3.6.4 especially if they use Singularity mainly for building image as root user. There is no solid workaround except to temporary avoid to use unprivileged mode with single file images in favor of sandbox images instead. Regarding image build, temporary avoid to build from `library` and `shub` sources and as much as possible use `--fakeroot` or a VM for that.
ModerateCVE-2020-15229SUSE bug 1177901cpe:/o:opensuse:leap:15.1CVE-2020-15304openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
ModerateCVE-2020-15304SUSE bug 1173466cpe:/o:opensuse:leap:15.1CVE-2020-15305openSUSE Leap 15.1
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
LowCVE-2020-15305SUSE bug 1173467cpe:/o:opensuse:leap:15.1CVE-2020-15306openSUSE Leap 15.1
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
LowCVE-2020-15306SUSE bug 1173469cpe:/o:opensuse:leap:15.1CVE-2020-15393openSUSE Leap 15.1
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
ModerateCVE-2020-15393SUSE bug 1173514cpe:/o:opensuse:leap:15.1CVE-2020-15396openSUSE Leap 15.1
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
ImportantCVE-2020-15396SUSE bug 1173521cpe:/o:opensuse:leap:15.1CVE-2020-15397openSUSE Leap 15.1
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).
ImportantCVE-2020-15397SUSE bug 1173519cpe:/o:opensuse:leap:15.1CVE-2020-15436openSUSE Leap 15.1
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
ModerateCVE-2020-15436SUSE bug 1179141cpe:/o:opensuse:leap:15.1CVE-2020-15437openSUSE Leap 15.1
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.
ModerateCVE-2020-15437SUSE bug 1179140cpe:/o:opensuse:leap:15.1CVE-2020-15466openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
LowCVE-2020-15466SUSE bug 1173606cpe:/o:opensuse:leap:15.1CVE-2020-15503openSUSE Leap 15.1
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.
ModerateCVE-2020-15503SUSE bug 1173674cpe:/o:opensuse:leap:15.1CVE-2020-15562openSUSE Leap 15.1
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.
ModerateCVE-2020-15562SUSE bug 1173792SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2020-15563openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest's video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability.
ModerateCVE-2020-15563SUSE bug 1173377cpe:/o:opensuse:leap:15.1CVE-2020-15565openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.
ImportantCVE-2020-15565SUSE bug 1173378cpe:/o:opensuse:leap:15.1CVE-2020-15566openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory allocation failed, or (3) the port we try to allocate is higher than what is supported by the ABI (e.g., 2L or FIFO) used by the guest or the limit set by an administrator (max_event_channels in xl cfg). Due to the missing error checks, only (1) will be considered an error. All the other cases will provide a valid port and will result in a crash when trying to access the event channel. When the administrator configured a guest to allow more than 1023 event channels, that guest may be able to crash the host. When Xen is out-of-memory, allocation of new event channels will result in crashing the host rather than reporting an error. Xen versions 4.10 and later are affected. All architectures are affected. The default configuration, when guests are created with xl/libxl, is not vulnerable, because of the default event-channel limit.
ModerateCVE-2020-15566SUSE bug 1173376cpe:/o:opensuse:leap:15.1CVE-2020-15567openSUSE Leap 15.1
An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable.
ModerateCVE-2020-15567SUSE bug 1173380SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-15572openSUSE Leap 15.1
Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.
ModerateCVE-2020-15572SUSE bug 1173979cpe:/o:opensuse:leap:15.1CVE-2020-15586openSUSE Leap 15.1
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
ImportantCVE-2020-15586SUSE bug 1174153cpe:/o:opensuse:leap:15.1CVE-2020-15652openSUSE Leap 15.1
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
ImportantCVE-2020-15652SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15653openSUSE Leap 15.1
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15653SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15654openSUSE Leap 15.1
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15654SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15655openSUSE Leap 15.1
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15655SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15656openSUSE Leap 15.1
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15656SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15657openSUSE Leap 15.1
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15657SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15658openSUSE Leap 15.1
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
ImportantCVE-2020-15658SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15659openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
ImportantCVE-2020-15659SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-15663openSUSE Leap 15.1
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, and Firefox ESR < 78.2.
ImportantCVE-2020-15663SUSE bug 1175686cpe:/o:opensuse:leap:15.1CVE-2020-15664openSUSE Leap 15.1
By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, Firefox ESR < 78.2, and Firefox for Android < 80.
ImportantCVE-2020-15664SUSE bug 1175686cpe:/o:opensuse:leap:15.1CVE-2020-15669openSUSE Leap 15.1
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.12 and Thunderbird < 68.12.
ImportantCVE-2020-15669SUSE bug 1175686cpe:/o:opensuse:leap:15.1CVE-2020-15670openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.
ImportantCVE-2020-15670SUSE bug 1175686cpe:/o:opensuse:leap:15.1CVE-2020-15673openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
ImportantCVE-2020-15673SUSE bug 1176756SUSE bug 1176899cpe:/o:opensuse:leap:15.1CVE-2020-15676openSUSE Leap 15.1
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
ImportantCVE-2020-15676SUSE bug 1176756SUSE bug 1176899cpe:/o:opensuse:leap:15.1CVE-2020-15677openSUSE Leap 15.1
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
ImportantCVE-2020-15677SUSE bug 1176756SUSE bug 1176899cpe:/o:opensuse:leap:15.1CVE-2020-15678openSUSE Leap 15.1
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
ImportantCVE-2020-15678SUSE bug 1176756SUSE bug 1176899cpe:/o:opensuse:leap:15.1CVE-2020-15683openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4.
ImportantCVE-2020-15683SUSE bug 1177872SUSE bug 1177977cpe:/o:opensuse:leap:15.1CVE-2020-15685openSUSE Leap 15.1
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
ImportantCVE-2020-15685SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2020-15705openSUSE Leap 15.1
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
ImportantCVE-2020-15705SUSE bug 1174421SUSE bug 1182890cpe:/o:opensuse:leap:15.1CVE-2020-15706openSUSE Leap 15.1
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
ModerateCVE-2020-15706SUSE bug 1174463cpe:/o:opensuse:leap:15.1CVE-2020-15707openSUSE Leap 15.1
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
ImportantCVE-2020-15707SUSE bug 1174570cpe:/o:opensuse:leap:15.1CVE-2020-15708openSUSE Leap 15.1
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.
ImportantCVE-2020-15708SUSE bug 1174955cpe:/o:opensuse:leap:15.1CVE-2020-15719openSUSE Leap 15.1
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.
ModerateCVE-2020-15719SUSE bug 1174154cpe:/o:opensuse:leap:15.1CVE-2020-15780openSUSE Leap 15.1
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
ImportantCVE-2020-15780SUSE bug 1173573SUSE bug 1174186cpe:/o:opensuse:leap:15.1CVE-2020-15803openSUSE Leap 15.1
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
ModerateCVE-2020-15803SUSE bug 1174253cpe:/o:opensuse:leap:15.1CVE-2020-15810openSUSE Leap 15.1
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
CriticalCVE-2020-15810SUSE bug 1175664cpe:/o:opensuse:leap:15.1CVE-2020-15811openSUSE Leap 15.1
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.
CriticalCVE-2020-15811SUSE bug 1175665cpe:/o:opensuse:leap:15.1CVE-2020-15900openSUSE Leap 15.1
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
ImportantCVE-2020-15900SUSE bug 1174415cpe:/o:opensuse:leap:15.1CVE-2020-15917openSUSE Leap 15.1
common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.
ImportantCVE-2020-15917SUSE bug 1174457cpe:/o:opensuse:leap:15.1CVE-2020-15959openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
ModerateCVE-2020-15959SUSE bug 1176306cpe:/o:opensuse:leap:15.1CVE-2020-15960openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ModerateCVE-2020-15960SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15961openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2020-15961SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15962openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ModerateCVE-2020-15962SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15963openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2020-15963SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15964openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-15964SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15965openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ModerateCVE-2020-15965SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15966openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
ModerateCVE-2020-15966SUSE bug 1176791SUSE bug 1176799cpe:/o:opensuse:leap:15.1CVE-2020-15967openSUSE Leap 15.1
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-15967SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15968openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15968SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15969openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15969SUSE bug 1177408SUSE bug 1177872SUSE bug 1177977cpe:/o:opensuse:leap:15.1CVE-2020-15970openSUSE Leap 15.1
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-15970SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15971openSUSE Leap 15.1
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-15971SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15972openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15972SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15973openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
ModerateCVE-2020-15973SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15974openSUSE Leap 15.1
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
ImportantCVE-2020-15974SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15975openSUSE Leap 15.1
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15975SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15976openSUSE Leap 15.1
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15976SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15977openSUSE Leap 15.1
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
ModerateCVE-2020-15977SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15978openSUSE Leap 15.1
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-15978SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15979openSUSE Leap 15.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-15979SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15980openSUSE Leap 15.1
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
ModerateCVE-2020-15980SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15981openSUSE Leap 15.1
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2020-15981SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15982openSUSE Leap 15.1
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ModerateCVE-2020-15982SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15983openSUSE Leap 15.1
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2020-15983SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15984openSUSE Leap 15.1
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
ModerateCVE-2020-15984SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15985openSUSE Leap 15.1
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2020-15985SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15986openSUSE Leap 15.1
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-15986SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15987openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
ModerateCVE-2020-15987SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15988openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
ModerateCVE-2020-15988SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15989openSUSE Leap 15.1
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
ModerateCVE-2020-15989SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15990openSUSE Leap 15.1
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-15990SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15991openSUSE Leap 15.1
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-15991SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15992openSUSE Leap 15.1
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
ModerateCVE-2020-15992SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-15995openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-15995SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2020-15999openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-15999SUSE bug 1177914SUSE bug 1177936SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-16000openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16000SUSE bug 1177936cpe:/o:opensuse:leap:15.1CVE-2020-16001openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-16001SUSE bug 1177936cpe:/o:opensuse:leap:15.1CVE-2020-16002openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2020-16002SUSE bug 1177936cpe:/o:opensuse:leap:15.1CVE-2020-16003openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16003SUSE bug 1177936cpe:/o:opensuse:leap:15.1CVE-2020-16004openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16004SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16005openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16005SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16006openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16006SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16007openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
ModerateCVE-2020-16007SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16008openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
ModerateCVE-2020-16008SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16009openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16009SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16011openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16011SUSE bug 1178375cpe:/o:opensuse:leap:15.1CVE-2020-16012openSUSE Leap 15.1
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-16012SUSE bug 1178824SUSE bug 1178894SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16013openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16013SUSE bug 1178703cpe:/o:opensuse:leap:15.1CVE-2020-16014openSUSE Leap 15.1
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16014SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16015openSUSE Leap 15.1
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16015SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16016openSUSE Leap 15.1
Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16016SUSE bug 1178630cpe:/o:opensuse:leap:15.1CVE-2020-16017openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16017SUSE bug 1178703cpe:/o:opensuse:leap:15.1CVE-2020-16018openSUSE Leap 15.1
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16018SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16019openSUSE Leap 15.1
Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
ModerateCVE-2020-16019SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16020openSUSE Leap 15.1
Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.
ModerateCVE-2020-16020SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16021openSUSE Leap 15.1
Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to perform OS-level privilege escalation via a malicious file.
ModerateCVE-2020-16021SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16022openSUSE Leap 15.1
Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.
ModerateCVE-2020-16022SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16023openSUSE Leap 15.1
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16023SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16024openSUSE Leap 15.1
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16024SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16025openSUSE Leap 15.1
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-16025SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16026openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16026SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16027openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
ModerateCVE-2020-16027SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16028openSUSE Leap 15.1
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-16028SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16029openSUSE Leap 15.1
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
ModerateCVE-2020-16029SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16030openSUSE Leap 15.1
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
ModerateCVE-2020-16030SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16031openSUSE Leap 15.1
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2020-16031SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16032openSUSE Leap 15.1
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2020-16032SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16033openSUSE Leap 15.1
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2020-16033SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16034openSUSE Leap 15.1
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
ModerateCVE-2020-16034SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16035openSUSE Leap 15.1
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
ModerateCVE-2020-16035SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16036openSUSE Leap 15.1
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.
ModerateCVE-2020-16036SUSE bug 1178923cpe:/o:opensuse:leap:15.1CVE-2020-16037openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-16037SUSE bug 1179576cpe:/o:opensuse:leap:15.1CVE-2020-16038openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-16038SUSE bug 1179576cpe:/o:opensuse:leap:15.1CVE-2020-16039openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-16039SUSE bug 1179576cpe:/o:opensuse:leap:15.1CVE-2020-16040openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-16040SUSE bug 1179576cpe:/o:opensuse:leap:15.1CVE-2020-16041openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-16041SUSE bug 1179576cpe:/o:opensuse:leap:15.1CVE-2020-16042openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-16042SUSE bug 1179576SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-16043openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
ModerateCVE-2020-16043SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2020-16044openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
ImportantCVE-2020-16044SUSE bug 1180623SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2020-16116openSUSE Leap 15.1
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
ModerateCVE-2020-16116SUSE bug 1174773cpe:/o:opensuse:leap:15.1CVE-2020-16118openSUSE Leap 15.1
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c.
ModerateCVE-2020-16118SUSE bug 1174711cpe:/o:opensuse:leap:15.1CVE-2020-16120openSUSE Leap 15.1
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
ModerateCVE-2020-16120SUSE bug 1177470cpe:/o:opensuse:leap:15.1CVE-2020-16121openSUSE Leap 15.1
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
LowCVE-2020-16121SUSE bug 1176930cpe:/o:opensuse:leap:15.1CVE-2020-16125openSUSE Leap 15.1
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
ImportantCVE-2020-16125SUSE bug 1140851SUSE bug 1178150cpe:/o:opensuse:leap:15.1CVE-2020-16145openSUSE Leap 15.1
Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.
ModerateCVE-2020-16145SUSE bug 1175135cpe:/o:opensuse:leap:15.1CVE-2020-16166openSUSE Leap 15.1
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
ModerateCVE-2020-16166SUSE bug 1174757cpe:/o:opensuse:leap:15.1CVE-2020-16587openSUSE Leap 15.1
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
ModerateCVE-2020-16587SUSE bug 1179879SUSE bug 1180108SUSE bug 1180109cpe:/o:opensuse:leap:15.1CVE-2020-16588openSUSE Leap 15.1
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
ModerateCVE-2020-16588SUSE bug 1179879SUSE bug 1180108cpe:/o:opensuse:leap:15.1CVE-2020-16589openSUSE Leap 15.1
A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
ModerateCVE-2020-16589SUSE bug 1179879SUSE bug 1180109cpe:/o:opensuse:leap:15.1CVE-2020-16845openSUSE Leap 15.1
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
ModerateCVE-2020-16845SUSE bug 1174977cpe:/o:opensuse:leap:15.1CVE-2020-16846openSUSE Leap 15.1
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
CriticalCVE-2020-16846SUSE bug 1178361cpe:/o:opensuse:leap:15.1CVE-2020-1699openSUSE Leap 15.1
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard.
ModerateCVE-2020-1699SUSE bug 1161074cpe:/o:opensuse:leap:15.1CVE-2020-1700openSUSE Leap 15.1
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system.
ModerateCVE-2020-1700SUSE bug 1161312cpe:/o:opensuse:leap:15.1CVE-2020-1711openSUSE Leap 15.1
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.
ImportantCVE-2020-1711SUSE bug 1166240cpe:/o:opensuse:leap:15.1CVE-2020-1712openSUSE Leap 15.1
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.
ImportantCVE-2020-1712SUSE bug 1162108cpe:/o:opensuse:leap:15.1CVE-2020-1720openSUSE Leap 15.1
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.
ModerateCVE-2020-1720SUSE bug 1163985cpe:/o:opensuse:leap:15.1CVE-2020-1726openSUSE Leap 15.1
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
ModerateCVE-2020-1726SUSE bug 1164090cpe:/o:opensuse:leap:15.1CVE-2020-1730openSUSE Leap 15.1
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.
ModerateCVE-2020-1730SUSE bug 1168699cpe:/o:opensuse:leap:15.1CVE-2020-1747openSUSE Leap 15.1
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.
ImportantCVE-2020-1747SUSE bug 1165439SUSE bug 1174514cpe:/o:opensuse:leap:15.1CVE-2020-17482openSUSE Leap 15.1
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.
ModerateCVE-2020-17482SUSE bug 1176535cpe:/o:opensuse:leap:15.1CVE-2020-1749openSUSE Leap 15.1
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
ImportantCVE-2020-1749SUSE bug 1165629SUSE bug 1165631SUSE bug 1177511SUSE bug 1177513cpe:/o:opensuse:leap:15.1CVE-2020-17490openSUSE Leap 15.1
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
ModerateCVE-2020-17490SUSE bug 1178362cpe:/o:opensuse:leap:15.1CVE-2020-17498openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
ImportantCVE-2020-17498SUSE bug 1175204cpe:/o:opensuse:leap:15.1CVE-2020-17507openSUSE Leap 15.1
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
ImportantCVE-2020-17507SUSE bug 1176315cpe:/o:opensuse:leap:15.1CVE-2020-1752openSUSE Leap 15.1
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
ImportantCVE-2020-1752SUSE bug 1167631cpe:/o:opensuse:leap:15.1CVE-2020-17527openSUSE Leap 15.1
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.
ImportantCVE-2020-17527SUSE bug 1179602SUSE bug 1180830cpe:/o:opensuse:leap:15.1CVE-2020-1759openSUSE Leap 15.1
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.
ModerateCVE-2020-1759SUSE bug 1166403cpe:/o:opensuse:leap:15.1CVE-2020-1760openSUSE Leap 15.1
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
ModerateCVE-2020-1760SUSE bug 1166484cpe:/o:opensuse:leap:15.1CVE-2020-1765openSUSE Leap 15.1
An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
ModerateCVE-2020-1765cpe:/o:opensuse:leap:15.1CVE-2020-1766openSUSE Leap 15.1
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.
ModerateCVE-2020-1766cpe:/o:opensuse:leap:15.1CVE-2020-1769openSUSE Leap 15.1
In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
ModerateCVE-2020-1769SUSE bug 1168032cpe:/o:opensuse:leap:15.1CVE-2020-1770openSUSE Leap 15.1
Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
ModerateCVE-2020-1770SUSE bug 1168031cpe:/o:opensuse:leap:15.1CVE-2020-1771openSUSE Leap 15.1
Attacker is able craft an article with a link to the customer address book with malicious content (JavaScript). When agent opens the link, JavaScript code is executed due to the missing parameter encoding. This issue affects: ((OTRS)) Community Edition: 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
LowCVE-2020-1771SUSE bug 1168030cpe:/o:opensuse:leap:15.1CVE-2020-1772openSUSE Leap 15.1
It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.
ModerateCVE-2020-1772SUSE bug 1168029cpe:/o:opensuse:leap:15.1CVE-2020-1773openSUSE Leap 15.1
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS; 7.0.15 and prior versions.
ModerateCVE-2020-1773SUSE bug 1168028cpe:/o:opensuse:leap:15.1CVE-2020-1927openSUSE Leap 15.1
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
ModerateCVE-2020-1927SUSE bug 1145738SUSE bug 1168407cpe:/o:opensuse:leap:15.1CVE-2020-1930openSUSE Leap 15.1
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges.
ImportantCVE-2020-1930SUSE bug 1162197cpe:/o:opensuse:leap:15.1CVE-2020-1931openSUSE Leap 15.1
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places.
ImportantCVE-2020-1931SUSE bug 1162197SUSE bug 1162200cpe:/o:opensuse:leap:15.1CVE-2020-1934openSUSE Leap 15.1
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
ModerateCVE-2020-1934SUSE bug 1168404cpe:/o:opensuse:leap:15.1CVE-2020-1935openSUSE Leap 15.1
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
ModerateCVE-2020-1935SUSE bug 1164860cpe:/o:opensuse:leap:15.1CVE-2020-1938openSUSE Leap 15.1
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
ImportantCVE-2020-1938SUSE bug 1164692SUSE bug 1169066cpe:/o:opensuse:leap:15.1CVE-2020-19667openSUSE Leap 15.1
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
ModerateCVE-2020-19667SUSE bug 1179103cpe:/o:opensuse:leap:15.1CVE-2020-1967openSUSE Leap 15.1
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
ImportantCVE-2020-1967SUSE bug 1169407cpe:/o:opensuse:leap:15.1CVE-2020-1971openSUSE Leap 15.1
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).
ImportantCVE-2020-1971SUSE bug 1179491SUSE bug 1196179cpe:/o:opensuse:leap:15.1CVE-2020-1983openSUSE Leap 15.1
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
ImportantCVE-2020-1983SUSE bug 1170940cpe:/o:opensuse:leap:15.1CVE-2020-24368openSUSE Leap 15.1
Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.
ModerateCVE-2020-24368SUSE bug 1175530cpe:/o:opensuse:leap:15.1CVE-2020-24386openSUSE Leap 15.1
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).
ImportantCVE-2020-24386SUSE bug 1180405cpe:/o:opensuse:leap:15.1CVE-2020-24394openSUSE Leap 15.1
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.
ImportantCVE-2020-24394SUSE bug 1175518SUSE bug 1175992cpe:/o:opensuse:leap:15.1CVE-2020-24553openSUSE Leap 15.1
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
ModerateCVE-2020-24553SUSE bug 1176031cpe:/o:opensuse:leap:15.1CVE-2020-24606openSUSE Leap 15.1
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
ImportantCVE-2020-24606SUSE bug 1175671cpe:/o:opensuse:leap:15.1CVE-2020-24614openSUSE Leap 15.1
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
ModerateCVE-2020-24614SUSE bug 1175760cpe:/o:opensuse:leap:15.1CVE-2020-24654openSUSE Leap 15.1
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
ModerateCVE-2020-24654SUSE bug 1175857cpe:/o:opensuse:leap:15.1CVE-2020-24659openSUSE Leap 15.1
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.
ModerateCVE-2020-24659SUSE bug 1176181SUSE bug 1178057cpe:/o:opensuse:leap:15.1CVE-2020-24972openSUSE Leap 15.1
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL.
ModerateCVE-2020-24972SUSE bug 1177932cpe:/o:opensuse:leap:15.1CVE-2020-24977openSUSE Leap 15.1
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
ModerateCVE-2020-24977SUSE bug 1176179SUSE bug 1191860cpe:/o:opensuse:leap:15.1CVE-2020-25032openSUSE Leap 15.1
An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
ModerateCVE-2020-25032SUSE bug 1175986cpe:/o:opensuse:leap:15.1CVE-2020-25039openSUSE Leap 15.1
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
ModerateCVE-2020-25039SUSE bug 1176705SUSE bug 1176707cpe:/o:opensuse:leap:15.1CVE-2020-25040openSUSE Leap 15.1
Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.
ModerateCVE-2020-25040SUSE bug 1176707cpe:/o:opensuse:leap:15.1CVE-2020-25212openSUSE Leap 15.1
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.
ImportantCVE-2020-25212SUSE bug 1176381SUSE bug 1176382SUSE bug 1177027cpe:/o:opensuse:leap:15.1CVE-2020-25219openSUSE Leap 15.1
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
ImportantCVE-2020-25219SUSE bug 1176410cpe:/o:opensuse:leap:15.1CVE-2020-25275openSUSE Leap 15.1
Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.
ImportantCVE-2020-25275SUSE bug 1180406cpe:/o:opensuse:leap:15.1CVE-2020-25284openSUSE Leap 15.1
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
ModerateCVE-2020-25284SUSE bug 1176482cpe:/o:opensuse:leap:15.1CVE-2020-25285openSUSE Leap 15.1
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
ModerateCVE-2020-25285SUSE bug 1176485cpe:/o:opensuse:leap:15.1CVE-2020-25592openSUSE Leap 15.1
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
CriticalCVE-2020-25592SUSE bug 1178319cpe:/o:opensuse:leap:15.1CVE-2020-25637openSUSE Leap 15.1
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25637SUSE bug 1174955SUSE bug 1177155cpe:/o:opensuse:leap:15.1CVE-2020-25639openSUSE Leap 15.1
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.
ModerateCVE-2020-25639SUSE bug 1176846cpe:/o:opensuse:leap:15.1CVE-2020-25641openSUSE Leap 15.1
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
ModerateCVE-2020-25641SUSE bug 1177121cpe:/o:opensuse:leap:15.1CVE-2020-25643openSUSE Leap 15.1
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25643SUSE bug 1177206SUSE bug 1177226cpe:/o:opensuse:leap:15.1CVE-2020-25645openSUSE Leap 15.1
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
ImportantCVE-2020-25645SUSE bug 1177511SUSE bug 1177513cpe:/o:opensuse:leap:15.1CVE-2020-25654openSUSE Leap 15.1
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.
ImportantCVE-2020-25654SUSE bug 1173668SUSE bug 1177916SUSE bug 1196165cpe:/o:opensuse:leap:15.1CVE-2020-25656openSUSE Leap 15.1
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.
ModerateCVE-2020-25656SUSE bug 1177766cpe:/o:opensuse:leap:15.1CVE-2020-25660openSUSE Leap 15.1
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication except older clients that do not support the msgr2 protocol. The msgr1 protocol is not affected. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
ImportantCVE-2020-25660SUSE bug 1177843cpe:/o:opensuse:leap:15.1CVE-2020-25664openSUSE Leap 15.1
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.
ImportantCVE-2020-25664SUSE bug 1179202SUSE bug 1179346cpe:/o:opensuse:leap:15.1CVE-2020-25665openSUSE Leap 15.1
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-25665SUSE bug 1179208cpe:/o:opensuse:leap:15.1CVE-2020-25666openSUSE Leap 15.1
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-25666SUSE bug 1179212cpe:/o:opensuse:leap:15.1CVE-2020-25668openSUSE Leap 15.1
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
ImportantCVE-2020-25668SUSE bug 1178123SUSE bug 1178622SUSE bug 1196914cpe:/o:opensuse:leap:15.1CVE-2020-25669openSUSE Leap 15.1
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
ModerateCVE-2020-25669SUSE bug 1178182cpe:/o:opensuse:leap:15.1CVE-2020-25674openSUSE Leap 15.1
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
ImportantCVE-2020-25674SUSE bug 1179223cpe:/o:opensuse:leap:15.1CVE-2020-25675openSUSE Leap 15.1
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-25675SUSE bug 1179240cpe:/o:opensuse:leap:15.1CVE-2020-25676openSUSE Leap 15.1
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-25676SUSE bug 1179244cpe:/o:opensuse:leap:15.1CVE-2020-25681openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25681SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25682openSUSE Leap 15.1
A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25682SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25683openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
ImportantCVE-2020-25683SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25684openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query's attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
ImportantCVE-2020-25684SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25685openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
ImportantCVE-2020-25685SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25686openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
ImportantCVE-2020-25686SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25687openSUSE Leap 15.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
ImportantCVE-2020-25687SUSE bug 1177077cpe:/o:opensuse:leap:15.1CVE-2020-25690openSUSE Leap 15.1
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
ImportantCVE-2020-25690SUSE bug 1178308cpe:/o:opensuse:leap:15.1CVE-2020-25692openSUSE Leap 15.1
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
ImportantCVE-2020-25692SUSE bug 1178387cpe:/o:opensuse:leap:15.1CVE-2020-25694openSUSE Leap 15.1
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ModerateCVE-2020-25694SUSE bug 1178667SUSE bug 1179870cpe:/o:opensuse:leap:15.1CVE-2020-25695openSUSE Leap 15.1
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25695SUSE bug 1178666cpe:/o:opensuse:leap:15.1CVE-2020-25696openSUSE Leap 15.1
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25696SUSE bug 1178668SUSE bug 1179870cpe:/o:opensuse:leap:15.1CVE-2020-25704openSUSE Leap 15.1
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
ModerateCVE-2020-25704SUSE bug 1178393cpe:/o:opensuse:leap:15.1CVE-2020-25705openSUSE Leap 15.1
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version
ImportantCVE-2020-25705SUSE bug 1175721SUSE bug 1178782SUSE bug 1178783SUSE bug 1191790cpe:/o:opensuse:leap:15.1CVE-2020-25708openSUSE Leap 15.1
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
ModerateCVE-2020-25708SUSE bug 1178682cpe:/o:opensuse:leap:15.1CVE-2020-25709openSUSE Leap 15.1
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
ModerateCVE-2020-25709SUSE bug 1178909cpe:/o:opensuse:leap:15.1CVE-2020-25710openSUSE Leap 15.1
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
ModerateCVE-2020-25710SUSE bug 1178909cpe:/o:opensuse:leap:15.1CVE-2020-25712openSUSE Leap 15.1
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
ImportantCVE-2020-25712SUSE bug 1174908SUSE bug 1177596cpe:/o:opensuse:leap:15.1CVE-2020-2574openSUSE Leap 15.1
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-2574SUSE bug 1161085SUSE bug 1162388cpe:/o:opensuse:leap:15.1CVE-2020-25829openSUSE Leap 15.1
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process).
ModerateCVE-2020-25829SUSE bug 1177383cpe:/o:opensuse:leap:15.1CVE-2020-2583openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2583SUSE bug 1160968SUSE bug 1162972cpe:/o:opensuse:leap:15.1CVE-2020-25862openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
ModerateCVE-2020-25862SUSE bug 1176909cpe:/o:opensuse:leap:15.1CVE-2020-25863openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
ModerateCVE-2020-25863SUSE bug 1176908cpe:/o:opensuse:leap:15.1CVE-2020-25866openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
ModerateCVE-2020-25866SUSE bug 1176910cpe:/o:opensuse:leap:15.1CVE-2020-2590openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
ModerateCVE-2020-2590SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2020-2593openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-2593SUSE bug 1160968SUSE bug 1162972cpe:/o:opensuse:leap:15.1CVE-2020-2601openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-2601SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2020-2604openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
ImportantCVE-2020-2604SUSE bug 1160968SUSE bug 1162972cpe:/o:opensuse:leap:15.1CVE-2020-26088openSUSE Leap 15.1
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
ModerateCVE-2020-26088SUSE bug 1176990cpe:/o:opensuse:leap:15.1CVE-2020-26116openSUSE Leap 15.1
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
ModerateCVE-2020-26116SUSE bug 1177120SUSE bug 1177211SUSE bug 1192361cpe:/o:opensuse:leap:15.1CVE-2020-26117openSUSE Leap 15.1
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
CriticalCVE-2020-26117SUSE bug 1176733cpe:/o:opensuse:leap:15.1CVE-2020-26137openSUSE Leap 15.1
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
ModerateCVE-2020-26137SUSE bug 1177120SUSE bug 1177211cpe:/o:opensuse:leap:15.1CVE-2020-26154openSUSE Leap 15.1
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
ImportantCVE-2020-26154SUSE bug 1177143cpe:/o:opensuse:leap:15.1CVE-2020-26164openSUSE Leap 15.1
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.
ModerateCVE-2020-26164SUSE bug 1176268SUSE bug 1177628cpe:/o:opensuse:leap:15.1CVE-2020-26215openSUSE Leap 15.1
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. The issue is patched in version 6.1.5.
ModerateCVE-2020-26215SUSE bug 1180458cpe:/o:opensuse:leap:15.1CVE-2020-2654openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2654SUSE bug 1160968SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2655openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-2655SUSE bug 1160968cpe:/o:opensuse:leap:15.1CVE-2020-26575openSUSE Leap 15.1
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
ModerateCVE-2020-26575SUSE bug 1177406SUSE bug 1178290cpe:/o:opensuse:leap:15.1CVE-2020-2659openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2659SUSE bug 1160968SUSE bug 1162972cpe:/o:opensuse:leap:15.1CVE-2020-26664openSUSE Leap 15.1
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
ModerateCVE-2020-26664SUSE bug 1180755cpe:/o:opensuse:leap:15.1CVE-2020-26934openSUSE Leap 15.1
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.
ModerateCVE-2020-26934SUSE bug 1177561cpe:/o:opensuse:leap:15.1CVE-2020-26935openSUSE Leap 15.1
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.
CriticalCVE-2020-26935SUSE bug 1177562cpe:/o:opensuse:leap:15.1CVE-2020-26950openSUSE Leap 15.1
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
ImportantCVE-2020-26950SUSE bug 1177872SUSE bug 1178588SUSE bug 1178611cpe:/o:opensuse:leap:15.1CVE-2020-26951openSUSE Leap 15.1
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ImportantCVE-2020-26951SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26953openSUSE Leap 15.1
It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26953SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26956openSUSE Leap 15.1
In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26956SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26958openSUSE Leap 15.1
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26958SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26959openSUSE Leap 15.1
During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26959SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26960openSUSE Leap 15.1
If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26960SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26961openSUSE Leap 15.1
When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26961SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26965openSUSE Leap 15.1
Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26965SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26966openSUSE Leap 15.1
Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26966SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26968openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
ModerateCVE-2020-26968SUSE bug 1178824SUSE bug 1178894cpe:/o:opensuse:leap:15.1CVE-2020-26971openSUSE Leap 15.1
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-26971SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-26973openSUSE Leap 15.1
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-26973SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-26974openSUSE Leap 15.1
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-26974SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-26976openSUSE Leap 15.1
When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox < 84.
ImportantCVE-2020-26976SUSE bug 1180039SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2020-26978openSUSE Leap 15.1
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-26978SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-27068openSUSE Leap 15.1
In the nl80211_policy policy of nl80211.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-119770583
ModerateCVE-2020-27068SUSE bug 1180086cpe:/o:opensuse:leap:15.1CVE-2020-27153openSUSE Leap 15.1
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
ModerateCVE-2020-27153SUSE bug 1177895cpe:/o:opensuse:leap:15.1CVE-2020-2732openSUSE Leap 15.1
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.
ModerateCVE-2020-2732SUSE bug 1163971cpe:/o:opensuse:leap:15.1CVE-2020-27347openSUSE Leap 15.1
In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.
ModerateCVE-2020-27347SUSE bug 1178263SUSE bug 1178316cpe:/o:opensuse:leap:15.1CVE-2020-2741openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-2741SUSE bug 1169628SUSE bug 1174159cpe:/o:opensuse:leap:15.1CVE-2020-2742openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2742SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2743openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-2743SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2748openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).
ModerateCVE-2020-2748SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2752openSUSE Leap 15.1
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-2752SUSE bug 1171550cpe:/o:opensuse:leap:15.1CVE-2020-2754openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2754SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2755openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2755SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2756openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2756SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-27560openSUSE Leap 15.1
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
ModerateCVE-2020-27560SUSE bug 1178067cpe:/o:opensuse:leap:15.1CVE-2020-2757openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2757SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2758openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2758SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2760openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
ModerateCVE-2020-2760SUSE bug 1171550cpe:/o:opensuse:leap:15.1CVE-2020-27619openSUSE Leap 15.1
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
ImportantCVE-2020-27619SUSE bug 1178009SUSE bug 1180254SUSE bug 1193386cpe:/o:opensuse:leap:15.1CVE-2020-2767openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-2767SUSE bug 1169511cpe:/o:opensuse:leap:15.1CVE-2020-27670openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
ImportantCVE-2020-27670SUSE bug 1177414SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-27671openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
ImportantCVE-2020-27671SUSE bug 1177413cpe:/o:opensuse:leap:15.1CVE-2020-27672openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.
ImportantCVE-2020-27672SUSE bug 1177412SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-27673openSUSE Leap 15.1
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
ModerateCVE-2020-27673SUSE bug 1177411SUSE bug 1184583cpe:/o:opensuse:leap:15.1CVE-2020-27674openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
ModerateCVE-2020-27674SUSE bug 1177409SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-2773openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2773SUSE bug 1169511cpe:/o:opensuse:leap:15.1CVE-2020-27745openSUSE Leap 15.1
Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
ImportantCVE-2020-27745SUSE bug 1178890cpe:/o:opensuse:leap:15.1CVE-2020-27746openSUSE Leap 15.1
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
ModerateCVE-2020-27746SUSE bug 1178891cpe:/o:opensuse:leap:15.1CVE-2020-27750openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
ImportantCVE-2020-27750SUSE bug 1179260cpe:/o:opensuse:leap:15.1CVE-2020-27751openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27751SUSE bug 1179269cpe:/o:opensuse:leap:15.1CVE-2020-27752openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27752SUSE bug 1179202SUSE bug 1179346cpe:/o:opensuse:leap:15.1CVE-2020-27753openSUSE Leap 15.1
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27753SUSE bug 1179397cpe:/o:opensuse:leap:15.1CVE-2020-27754openSUSE Leap 15.1
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69.
ModerateCVE-2020-27754SUSE bug 1179313SUSE bug 1179336cpe:/o:opensuse:leap:15.1CVE-2020-27755openSUSE Leap 15.1
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27755SUSE bug 1179345cpe:/o:opensuse:leap:15.1CVE-2020-27756openSUSE Leap 15.1
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.
ImportantCVE-2020-27756SUSE bug 1179221cpe:/o:opensuse:leap:15.1CVE-2020-27757openSUSE Leap 15.1
A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by ImageMagick. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-27757SUSE bug 1179268cpe:/o:opensuse:leap:15.1CVE-2020-27758openSUSE Leap 15.1
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-27758SUSE bug 1179276cpe:/o:opensuse:leap:15.1CVE-2020-27759openSUSE Leap 15.1
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-27759SUSE bug 1179313SUSE bug 1179321SUSE bug 1179336cpe:/o:opensuse:leap:15.1CVE-2020-27760openSUSE Leap 15.1
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
ImportantCVE-2020-27760SUSE bug 1179281cpe:/o:opensuse:leap:15.1CVE-2020-27761openSUSE Leap 15.1
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0.
ModerateCVE-2020-27761SUSE bug 1179315cpe:/o:opensuse:leap:15.1CVE-2020-27762openSUSE Leap 15.1
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
ModerateCVE-2020-27762SUSE bug 1179278cpe:/o:opensuse:leap:15.1CVE-2020-27763openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-27763SUSE bug 1179312cpe:/o:opensuse:leap:15.1CVE-2020-27764openSUSE Leap 15.1
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69.
ModerateCVE-2020-27764SUSE bug 1179317SUSE bug 1179333cpe:/o:opensuse:leap:15.1CVE-2020-27765openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27765SUSE bug 1179311cpe:/o:opensuse:leap:15.1CVE-2020-27766openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69.
ModerateCVE-2020-27766SUSE bug 1179333SUSE bug 1179361cpe:/o:opensuse:leap:15.1CVE-2020-27767openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27767SUSE bug 1179268SUSE bug 1179269SUSE bug 1179322SUSE bug 1179346cpe:/o:opensuse:leap:15.1CVE-2020-27768openSUSE Leap 15.1
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27768SUSE bug 1179339cpe:/o:opensuse:leap:15.1CVE-2020-27769openSUSE Leap 15.1
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
ModerateCVE-2020-27769SUSE bug 1179321cpe:/o:opensuse:leap:15.1CVE-2020-27770openSUSE Leap 15.1
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
ModerateCVE-2020-27770SUSE bug 1179343cpe:/o:opensuse:leap:15.1CVE-2020-27771openSUSE Leap 15.1
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27771SUSE bug 1179327cpe:/o:opensuse:leap:15.1CVE-2020-27772openSUSE Leap 15.1
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27772SUSE bug 1179347cpe:/o:opensuse:leap:15.1CVE-2020-27773openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27773SUSE bug 1179285cpe:/o:opensuse:leap:15.1CVE-2020-27774openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27774SUSE bug 1179317SUSE bug 1179333SUSE bug 1179361cpe:/o:opensuse:leap:15.1CVE-2020-27775openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27775SUSE bug 1179338cpe:/o:opensuse:leap:15.1CVE-2020-27776openSUSE Leap 15.1
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
ModerateCVE-2020-27776SUSE bug 1179333SUSE bug 1179362cpe:/o:opensuse:leap:15.1CVE-2020-27777openSUSE Leap 15.1
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
ModerateCVE-2020-27777SUSE bug 1179107SUSE bug 1179419cpe:/o:opensuse:leap:15.1CVE-2020-2778openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ModerateCVE-2020-2778SUSE bug 1169511cpe:/o:opensuse:leap:15.1CVE-2020-27781openSUSE Leap 15.1
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 14.2.16, 15.x prior to 15.2.8, and 16.x prior to 16.2.0.
ImportantCVE-2020-27781SUSE bug 1179802SUSE bug 1180155cpe:/o:opensuse:leap:15.1CVE-2020-27786openSUSE Leap 15.1
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
ImportantCVE-2020-27786SUSE bug 1179601SUSE bug 1179616cpe:/o:opensuse:leap:15.1CVE-2020-2781openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2781SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-27818openSUSE Leap 15.1
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.
ModerateCVE-2020-27818SUSE bug 1179528cpe:/o:opensuse:leap:15.1CVE-2020-27825openSUSE Leap 15.1
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
ImportantCVE-2020-27825SUSE bug 1179960SUSE bug 1179961cpe:/o:opensuse:leap:15.1CVE-2020-2800openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
ModerateCVE-2020-2800SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2803openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2803SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-28030openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
ModerateCVE-2020-28030SUSE bug 1178291cpe:/o:opensuse:leap:15.1CVE-2020-28049openSUSE Leap 15.1
An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation.
ModerateCVE-2020-28049SUSE bug 1177201cpe:/o:opensuse:leap:15.1CVE-2020-2805openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2805SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-2812openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-2812SUSE bug 1171550cpe:/o:opensuse:leap:15.1CVE-2020-2814openSUSE Leap 15.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateCVE-2020-2814SUSE bug 1171550cpe:/o:opensuse:leap:15.1CVE-2020-2816openSUSE Leap 15.1
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
ModerateCVE-2020-2816SUSE bug 1169511cpe:/o:opensuse:leap:15.1CVE-2020-28196openSUSE Leap 15.1
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
ImportantCVE-2020-28196SUSE bug 1178512cpe:/o:opensuse:leap:15.1CVE-2020-2830openSUSE Leap 15.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2830SUSE bug 1169511SUSE bug 1172277cpe:/o:opensuse:leap:15.1CVE-2020-28362openSUSE Leap 15.1
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
ImportantCVE-2020-28362SUSE bug 1178750cpe:/o:opensuse:leap:15.1CVE-2020-28366openSUSE Leap 15.1
Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.
ImportantCVE-2020-28366SUSE bug 1178753cpe:/o:opensuse:leap:15.1CVE-2020-28367openSUSE Leap 15.1
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
ImportantCVE-2020-28367SUSE bug 1178752cpe:/o:opensuse:leap:15.1CVE-2020-28368openSUSE Leap 15.1
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
ModerateCVE-2020-28368SUSE bug 1178591SUSE bug 1178658cpe:/o:opensuse:leap:15.1CVE-2020-28374openSUSE Leap 15.1
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.
ImportantCVE-2020-28374SUSE bug 1178372SUSE bug 1178684SUSE bug 1180676cpe:/o:opensuse:leap:15.1CVE-2020-28896openSUSE Leap 15.1
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted connection, or to a machine-in-the-middle.
ModerateCVE-2020-28896SUSE bug 1179035cpe:/o:opensuse:leap:15.1CVE-2020-28915openSUSE Leap 15.1
A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.
ModerateCVE-2020-28915SUSE bug 1178886cpe:/o:opensuse:leap:15.1CVE-2020-28924openSUSE Leap 15.1
An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on the time the second rclone was started. This limits the entropy of the passwords enormously. These passwords are often used in the crypt backend for encryption of data. It would be possible to make a dictionary of all possible passwords with about 38 million entries per password length. This would make decryption of secret material possible with a plausible amount of effort. NOTE: all passwords generated by affected versions should be changed.
ModerateCVE-2020-28924SUSE bug 1179005cpe:/o:opensuse:leap:15.1CVE-2020-28926openSUSE Leap 15.1
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
ImportantCVE-2020-28926SUSE bug 1179447cpe:/o:opensuse:leap:15.1CVE-2020-28935openSUSE Leap 15.1
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.
ModerateCVE-2020-28935SUSE bug 1173619SUSE bug 1179191cpe:/o:opensuse:leap:15.1CVE-2020-2894openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
ModerateCVE-2020-2894SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-28974openSUSE Leap 15.1
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.
ModerateCVE-2020-28974SUSE bug 1178589cpe:/o:opensuse:leap:15.1CVE-2020-2902openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2902SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2905openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2905SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2907openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2907SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2908openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2908SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2909openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).
ModerateCVE-2020-2909SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2910openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N).
ModerateCVE-2020-2910SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2911openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2911SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2913openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2020-2913SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2914openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2020-2914SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2929openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
ModerateCVE-2020-2929SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-29367openSUSE Leap 15.1
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CriticalCVE-2020-29367SUSE bug 1179914cpe:/o:opensuse:leap:15.1CVE-2020-29371openSUSE Leap 15.1
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.
ModerateCVE-2020-29371SUSE bug 1179429cpe:/o:opensuse:leap:15.1CVE-2020-29480openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A guest administrator can also use the special watches, which will cause a notification every time a domain is created and destroyed. Data may include: number, type, and domids of other VMs; existence and domids of driver domains; numbers of virtual interfaces, block devices, vcpus; existence of virtual framebuffers and their backend style (e.g., existence of VNC service); Xen VM UUIDs for other domains; timing information about domain creation and device setup; and some hints at the backend provisioning of VMs and their devices. The watch events do not contain values stored in xenstore, only key names. A guest administrator can observe non-sensitive domain and device lifecycle events relating to other guests. This information allows some insight into overall system configuration (including the number and general nature of other guests), and configuration of other guests (including the number and general nature of other guests' devices). This information might be commercially interesting or might make other attacks easier. There is not believed to be exposure of sensitive data. Specifically, there is no exposure of VNC passwords, port numbers, pathnames in host and guest filesystems, cryptographic keys, or within-guest data.
ModerateCVE-2020-29480SUSE bug 1178658SUSE bug 1179496cpe:/o:opensuse:leap:15.1CVE-2020-29481openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. Because all Xenstore entries of a guest below /local/domain/<domid> are being deleted by Xen tools when a guest is destroyed, only Xenstore entries of other guests still running are affected. For example, a newly created guest domain might be able to read sensitive information that had belonged to a previously existing guest domain. Both Xenstore implementations (C and Ocaml) are vulnerable.
ModerateCVE-2020-29481SUSE bug 1176349SUSE bug 1178658SUSE bug 1179498cpe:/o:opensuse:leap:15.1CVE-2020-29483openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by just removing the guest from xenstored's internal management, resulting in the same actions as if the guest had been destroyed, including sending an @releaseDomain event. @releaseDomain events do not say that the guest has been removed. All watchers of this event must look at the states of all guests to find the guest that has been removed. When an @releaseDomain is generated due to a domain xenstored protocol violation, because the guest is still running, the watchers will not react. Later, when the guest is actually destroyed, xenstored will no longer have it stored in its internal data base, so no further @releaseDomain event will be sent. This can lead to a zombie domain; memory mappings of that guest's memory will not be removed, due to the missing event. This zombie domain will be cleaned up only after another domain is destroyed, as that will trigger another @releaseDomain event. If the device model of the guest that violated the Xenstore protocol is running in a stub-domain, a use-after-free case could happen in xenstored, after having removed the guest from its internal data base, possibly resulting in a crash of xenstored. A malicious guest can block resources of the host for a period after its own death. Guests with a stub domain device model can eventually crash xenstored, resulting in a more serious denial of service (the prevention of any further domain management operations). Only the C variant of Xenstore is affected; the Ocaml variant is not affected. Only HVM guests with a stubdom device model can cause a serious DoS.
ModerateCVE-2020-29483SUSE bug 1178658SUSE bug 1179502cpe:/o:opensuse:leap:15.1CVE-2020-29484openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering the watch. Any communication with xenstored is done via Xenstore messages, consisting of a message header and the payload. The payload length is limited to 4096 bytes. Any request to xenstored resulting in a response with a payload longer than 4096 bytes will result in an error. When registering a watch, the payload length limit applies to the combined length of the watched path and the specified tag. Because watches for a specific path are also triggered for all nodes below that path, the payload of a watch event message can be longer than the payload needed to register the watch. A malicious guest that registers a watch using a very large tag (i.e., with a registration operation payload length close to the 4096 byte limit) can cause the generation of watch events with a payload length larger than 4096 bytes, by writing to Xenstore entries below the watched path. This will result in an error condition in xenstored. This error can result in a NULL pointer dereference, leading to a crash of xenstored. A malicious guest administrator can cause xenstored to crash, leading to a denial of service. Following a xenstored crash, domains may continue to run, but management operations will be impossible. Only C xenstored is affected, oxenstored is not affected.
ModerateCVE-2020-29484SUSE bug 1178658SUSE bug 1179501cpe:/o:opensuse:leap:15.1CVE-2020-2951openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2020-2951SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-29566openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled. If the device model were to signal Xen without having actually completed the operation, the de-schedule / re-schedule cycle would repeat. If, in addition, Xen is resignalled very quickly, the re-schedule may occur before the de-schedule was fully complete, triggering a shortcut. This potentially repeating process uses ordinary recursive function calls, and thus could result in a stack overflow. A malicious or buggy stubdomain serving a HVM guest can cause Xen to crash, resulting in a Denial of Service (DoS) to the entire host. Only x86 systems are affected. Arm systems are not affected. Only x86 stubdomains serving HVM guests can exploit the vulnerability.
ModerateCVE-2020-29566SUSE bug 1178658SUSE bug 1179506cpe:/o:opensuse:leap:15.1CVE-2020-29568openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.
ModerateCVE-2020-29568SUSE bug 1179508cpe:/o:opensuse:leap:15.1CVE-2020-29569openSUSE Leap 15.1
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback.
ImportantCVE-2020-29569SUSE bug 1179509SUSE bug 1180008cpe:/o:opensuse:leap:15.1CVE-2020-29570openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system.
ModerateCVE-2020-29570SUSE bug 1179514cpe:/o:opensuse:leap:15.1CVE-2020-29571openSUSE Leap 15.1
An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable.
ModerateCVE-2020-29571SUSE bug 1179516cpe:/o:opensuse:leap:15.1CVE-2020-2958openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
ModerateCVE-2020-2958SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-2959openSUSE Leap 15.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via MLD to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).
ModerateCVE-2020-2959SUSE bug 1169628cpe:/o:opensuse:leap:15.1CVE-2020-29599openSUSE Leap 15.1
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
ImportantCVE-2020-29599SUSE bug 1179753cpe:/o:opensuse:leap:15.1CVE-2020-29660openSUSE Leap 15.1
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
ImportantCVE-2020-29660SUSE bug 1179745SUSE bug 1179877cpe:/o:opensuse:leap:15.1CVE-2020-29661openSUSE Leap 15.1
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
ImportantCVE-2020-29661SUSE bug 1179745SUSE bug 1179877cpe:/o:opensuse:leap:15.1CVE-2020-3123openSUSE Leap 15.1
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
ModerateCVE-2020-3123SUSE bug 1162921cpe:/o:opensuse:leap:15.1CVE-2020-3327openSUSE Leap 15.1
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
ImportantCVE-2020-3327SUSE bug 1171980SUSE bug 1174250cpe:/o:opensuse:leap:15.1CVE-2020-3341openSUSE Leap 15.1
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
ImportantCVE-2020-3341SUSE bug 1171981cpe:/o:opensuse:leap:15.1CVE-2020-3350openSUSE Leap 15.1
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.
ModerateCVE-2020-3350SUSE bug 1174250SUSE bug 1174255cpe:/o:opensuse:leap:15.1CVE-2020-3481openSUSE Leap 15.1
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
ImportantCVE-2020-3481SUSE bug 1174250cpe:/o:opensuse:leap:15.1CVE-2020-35111openSUSE Leap 15.1
When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-35111SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-35112openSUSE Leap 15.1
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-35112SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-35113openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
ImportantCVE-2020-35113SUSE bug 1180039cpe:/o:opensuse:leap:15.1CVE-2020-35458openSUSE Leap 15.1
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser.
CriticalCVE-2020-35458SUSE bug 1179998cpe:/o:opensuse:leap:15.1CVE-2020-35459openSUSE Leap 15.1
An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.
ImportantCVE-2020-35459SUSE bug 1179999cpe:/o:opensuse:leap:15.1CVE-2020-35678openSUSE Leap 15.1
Autobahn|Python before 20.12.3 allows redirect header injection.
ModerateCVE-2020-35678SUSE bug 1180570cpe:/o:opensuse:leap:15.1CVE-2020-35738openSUSE Leap 15.1
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
ImportantCVE-2020-35738SUSE bug 1180414cpe:/o:opensuse:leap:15.1CVE-2020-36158openSUSE Leap 15.1
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
ImportantCVE-2020-36158SUSE bug 1180559SUSE bug 1180562cpe:/o:opensuse:leap:15.1CVE-2020-3862openSUSE Leap 15.1
A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.
ModerateCVE-2020-3862SUSE bug 1163809cpe:/o:opensuse:leap:15.1CVE-2020-3864openSUSE Leap 15.1
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
ModerateCVE-2020-3864SUSE bug 1163809cpe:/o:opensuse:leap:15.1CVE-2020-3865openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-3865SUSE bug 1163809cpe:/o:opensuse:leap:15.1CVE-2020-3867openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2020-3867SUSE bug 1163809cpe:/o:opensuse:leap:15.1CVE-2020-3868openSUSE Leap 15.1
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-3868SUSE bug 1163809cpe:/o:opensuse:leap:15.1CVE-2020-3898openSUSE Leap 15.1
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
ImportantCVE-2020-3898SUSE bug 1168422SUSE bug 1170671cpe:/o:opensuse:leap:15.1CVE-2020-3899openSUSE Leap 15.1
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
ModerateCVE-2020-3899SUSE bug 1170643cpe:/o:opensuse:leap:15.1CVE-2020-4030openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
ModerateCVE-2020-4030SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-4031openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
ModerateCVE-2020-4031SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-4032openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
ModerateCVE-2020-4032SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-4033openSUSE Leap 15.1
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
ModerateCVE-2020-4033SUSE bug 1173247cpe:/o:opensuse:leap:15.1CVE-2020-4044openSUSE Leap 15.1
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on port 3350. This will allow them to capture any user credentials that are submitted to XRDP and approve or reject arbitrary login credentials. For xorgxrdp sessions in particular, this allows an unauthorized user to hijack an existing session. This is a buffer overflow attack, so there may be a risk of arbitrary code execution as well.
ImportantCVE-2020-4044SUSE bug 1173580cpe:/o:opensuse:leap:15.1CVE-2020-4788openSUSE Leap 15.1
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
ModerateCVE-2020-4788SUSE bug 1177666SUSE bug 1181158cpe:/o:opensuse:leap:15.1CVE-2020-5202openSUSE Leap 15.1
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.
ModerateCVE-2020-5202SUSE bug 1157706cpe:/o:opensuse:leap:15.1CVE-2020-5204openSUSE Leap 15.1
In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11
ModerateCVE-2020-5204SUSE bug 1160199SUSE bug 1161667SUSE bug 1180249cpe:/o:opensuse:leap:15.1CVE-2020-5208openSUSE Leap 15.1
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
ImportantCVE-2020-5208SUSE bug 1163026cpe:/o:opensuse:leap:15.1CVE-2020-5247openSUSE Leap 15.1
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.
ModerateCVE-2020-5247SUSE bug 1165402SUSE bug 1165524cpe:/o:opensuse:leap:15.1CVE-2020-5249openSUSE Leap 15.1
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.
ModerateCVE-2020-5249SUSE bug 1165524cpe:/o:opensuse:leap:15.1CVE-2020-5260openSUSE Leap 15.1
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.
ImportantCVE-2020-5260SUSE bug 1168930SUSE bug 1169936SUSE bug 1170741cpe:/o:opensuse:leap:15.1CVE-2020-5267openSUSE Leap 15.1
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
ModerateCVE-2020-5267SUSE bug 1167240cpe:/o:opensuse:leap:15.1CVE-2020-5283openSUSE Leap 15.1
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the `show_subdir_lastmod` feature enabled. The attack vector involves files with unsafe names (names that, when embedded into an HTML stream, would cause the browser to run unwanted code), which themselves can be challenging to create. This vulnerability is patched in versions 1.2.1 and 1.1.28.
ModerateCVE-2020-5283SUSE bug 1167974cpe:/o:opensuse:leap:15.1CVE-2020-5395openSUSE Leap 15.1
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
ModerateCVE-2020-5395SUSE bug 1160220SUSE bug 1178308cpe:/o:opensuse:leap:15.1CVE-2020-5496openSUSE Leap 15.1
FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.
ModerateCVE-2020-5496SUSE bug 1160236cpe:/o:opensuse:leap:15.1CVE-2020-5504openSUSE Leap 15.1
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
ModerateCVE-2020-5504SUSE bug 1160456cpe:/o:opensuse:leap:15.1CVE-2020-6095openSUSE Leap 15.1
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
ModerateCVE-2020-6095SUSE bug 1168026cpe:/o:opensuse:leap:15.1CVE-2020-6377openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6377SUSE bug 1160337cpe:/o:opensuse:leap:15.1CVE-2020-6378openSUSE Leap 15.1
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6378SUSE bug 1161252cpe:/o:opensuse:leap:15.1CVE-2020-6379openSUSE Leap 15.1
Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6379SUSE bug 1161252cpe:/o:opensuse:leap:15.1CVE-2020-6380openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.
ImportantCVE-2020-6380SUSE bug 1161252cpe:/o:opensuse:leap:15.1CVE-2020-6381openSUSE Leap 15.1
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6381SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6382openSUSE Leap 15.1
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6382SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6385openSUSE Leap 15.1
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
ImportantCVE-2020-6385SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6387openSUSE Leap 15.1
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
ImportantCVE-2020-6387SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6388openSUSE Leap 15.1
Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6388SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6389openSUSE Leap 15.1
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
ImportantCVE-2020-6389SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6390openSUSE Leap 15.1
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6390SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6391openSUSE Leap 15.1
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2020-6391SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6392openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
ImportantCVE-2020-6392SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6393openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6393SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6394openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2020-6394SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6395openSUSE Leap 15.1
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-6395SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6396openSUSE Leap 15.1
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2020-6396SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6397openSUSE Leap 15.1
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
ImportantCVE-2020-6397SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6398openSUSE Leap 15.1
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2020-6398SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6399openSUSE Leap 15.1
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6399SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6400openSUSE Leap 15.1
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6400SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6401openSUSE Leap 15.1
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ImportantCVE-2020-6401SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6402openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
ImportantCVE-2020-6402SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6403openSUSE Leap 15.1
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2020-6403SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6404openSUSE Leap 15.1
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6404SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6405openSUSE Leap 15.1
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-6405SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6406openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6406SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6407openSUSE Leap 15.1
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6407SUSE bug 1164828cpe:/o:opensuse:leap:15.1CVE-2020-6408openSUSE Leap 15.1
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
ImportantCVE-2020-6408SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6409openSUSE Leap 15.1
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
ImportantCVE-2020-6409SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6410openSUSE Leap 15.1
Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.
ImportantCVE-2020-6410SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6411openSUSE Leap 15.1
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ImportantCVE-2020-6411SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6412openSUSE Leap 15.1
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ImportantCVE-2020-6412SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6413openSUSE Leap 15.1
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.
ImportantCVE-2020-6413SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6414openSUSE Leap 15.1
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6414SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6415openSUSE Leap 15.1
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6415SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6416openSUSE Leap 15.1
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6416SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6417openSUSE Leap 15.1
Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.
ImportantCVE-2020-6417SUSE bug 1162833cpe:/o:opensuse:leap:15.1CVE-2020-6418openSUSE Leap 15.1
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6418SUSE bug 1164828cpe:/o:opensuse:leap:15.1CVE-2020-6420openSUSE Leap 15.1
Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
ModerateCVE-2020-6420SUSE bug 1165826cpe:/o:opensuse:leap:15.1CVE-2020-6422openSUSE Leap 15.1
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6422SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6423openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6423SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6424openSUSE Leap 15.1
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6424SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6425openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
ImportantCVE-2020-6425SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6426openSUSE Leap 15.1
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6426SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6427openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6427SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6428openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6428SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6429openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6429SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6430openSUSE Leap 15.1
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6430SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6431openSUSE Leap 15.1
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2020-6431SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6432openSUSE Leap 15.1
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6432SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6433openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6433SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6434openSUSE Leap 15.1
Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6434SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6435openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6435SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6436openSUSE Leap 15.1
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6436SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6437openSUSE Leap 15.1
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
ModerateCVE-2020-6437SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6438openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
ModerateCVE-2020-6438SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6439openSUSE Leap 15.1
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
ModerateCVE-2020-6439SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6440openSUSE Leap 15.1
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
ModerateCVE-2020-6440SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6441openSUSE Leap 15.1
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
ModerateCVE-2020-6441SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6442openSUSE Leap 15.1
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-6442SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6443openSUSE Leap 15.1
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.
ModerateCVE-2020-6443SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6444openSUSE Leap 15.1
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6444SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6445openSUSE Leap 15.1
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2020-6445SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6446openSUSE Leap 15.1
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ModerateCVE-2020-6446SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6447openSUSE Leap 15.1
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6447SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6448openSUSE Leap 15.1
Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6448SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6449openSUSE Leap 15.1
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6449SUSE bug 1167090cpe:/o:opensuse:leap:15.1CVE-2020-6450openSUSE Leap 15.1
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6450SUSE bug 1168421cpe:/o:opensuse:leap:15.1CVE-2020-6451openSUSE Leap 15.1
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6451SUSE bug 1168421cpe:/o:opensuse:leap:15.1CVE-2020-6452openSUSE Leap 15.1
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6452SUSE bug 1168421cpe:/o:opensuse:leap:15.1CVE-2020-6454openSUSE Leap 15.1
Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
ModerateCVE-2020-6454SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6455openSUSE Leap 15.1
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6455SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6456openSUSE Leap 15.1
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
ModerateCVE-2020-6456SUSE bug 1168911cpe:/o:opensuse:leap:15.1CVE-2020-6457openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6457SUSE bug 1169729cpe:/o:opensuse:leap:15.1CVE-2020-6458openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ModerateCVE-2020-6458SUSE bug 1170107cpe:/o:opensuse:leap:15.1CVE-2020-6459openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6459SUSE bug 1170107cpe:/o:opensuse:leap:15.1CVE-2020-6460openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name.
ModerateCVE-2020-6460SUSE bug 1170107cpe:/o:opensuse:leap:15.1CVE-2020-6461openSUSE Leap 15.1 NonFree
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-6461SUSE bug 1170707cpe:/o:opensuse:leap:15.1CVE-2020-6462openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-6462SUSE bug 1170707cpe:/o:opensuse:leap:15.1CVE-2020-6463openSUSE Leap 15.1
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6463SUSE bug 1171975SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-6464openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6464SUSE bug 1171247cpe:/o:opensuse:leap:15.1CVE-2020-6465openSUSE Leap 15.1
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6465SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6466openSUSE Leap 15.1
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6466SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6467openSUSE Leap 15.1
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6467SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6468openSUSE Leap 15.1
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6468SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6469openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ImportantCVE-2020-6469SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6470openSUSE Leap 15.1
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.
ImportantCVE-2020-6470SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6471openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ImportantCVE-2020-6471SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6472openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
ImportantCVE-2020-6472SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6473openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-6473SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6474openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6474SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6475openSUSE Leap 15.1
Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
ImportantCVE-2020-6475SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6476openSUSE Leap 15.1
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
ImportantCVE-2020-6476SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6477openSUSE Leap 15.1
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
ImportantCVE-2020-6477SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6478openSUSE Leap 15.1
Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
ImportantCVE-2020-6478SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6479openSUSE Leap 15.1
Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
ImportantCVE-2020-6479SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6480openSUSE Leap 15.1
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.
ImportantCVE-2020-6480SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6481openSUSE Leap 15.1
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.
ImportantCVE-2020-6481SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6482openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
ImportantCVE-2020-6482SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6483openSUSE Leap 15.1
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6483SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6484openSUSE Leap 15.1
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.
ImportantCVE-2020-6484SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6485openSUSE Leap 15.1
Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6485SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6486openSUSE Leap 15.1
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6486SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6487openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6487SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6488openSUSE Leap 15.1
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6488SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6489openSUSE Leap 15.1
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.
ImportantCVE-2020-6489SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6490openSUSE Leap 15.1
Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6490SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6491openSUSE Leap 15.1
Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.
ImportantCVE-2020-6491SUSE bug 1171910cpe:/o:opensuse:leap:15.1CVE-2020-6493openSUSE Leap 15.1
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6493SUSE bug 1172496cpe:/o:opensuse:leap:15.1CVE-2020-6494openSUSE Leap 15.1
Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2020-6494SUSE bug 1172496cpe:/o:opensuse:leap:15.1CVE-2020-6495openSUSE Leap 15.1
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ImportantCVE-2020-6495SUSE bug 1172496cpe:/o:opensuse:leap:15.1CVE-2020-6496openSUSE Leap 15.1
Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6496SUSE bug 1172496cpe:/o:opensuse:leap:15.1CVE-2020-6505openSUSE Leap 15.1
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6505SUSE bug 1173029cpe:/o:opensuse:leap:15.1CVE-2020-6506openSUSE Leap 15.1
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page.
ImportantCVE-2020-6506SUSE bug 1173029cpe:/o:opensuse:leap:15.1CVE-2020-6507openSUSE Leap 15.1
Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6507SUSE bug 1173029cpe:/o:opensuse:leap:15.1CVE-2020-6509openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2020-6509SUSE bug 1173251cpe:/o:opensuse:leap:15.1CVE-2020-6510openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6510SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6511openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6511SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6512openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6512SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6513openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
ImportantCVE-2020-6513SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6514openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
ImportantCVE-2020-6514SUSE bug 1174189SUSE bug 1174538cpe:/o:opensuse:leap:15.1CVE-2020-6515openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6515SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6516openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6516SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6517openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6517SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6518openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6518SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6519openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2020-6519SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6520openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6520SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6521openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-6521SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6522openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ImportantCVE-2020-6522SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6523openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6523SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6524openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6524SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6525openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6525SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6526openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ImportantCVE-2020-6526SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6527openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
ImportantCVE-2020-6527SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6528openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ImportantCVE-2020-6528SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6529openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6529SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6530openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
ImportantCVE-2020-6530SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6531openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6531SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6532openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6532SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6533openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6533SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6534openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6534SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6535openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.
ImportantCVE-2020-6535SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6536openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.
ImportantCVE-2020-6536SUSE bug 1174189cpe:/o:opensuse:leap:15.1CVE-2020-6537openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
ImportantCVE-2020-6537SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6538openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImportantCVE-2020-6538SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6539openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6539SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6540openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6540SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6541openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6541SUSE bug 1174582cpe:/o:opensuse:leap:15.1CVE-2020-6542openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6542SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6543openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6543SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6544openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6544SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6545openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6545SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6546openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
ImportantCVE-2020-6546SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6547openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
ImportantCVE-2020-6547SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6548openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6548SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6549openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CriticalCVE-2020-6549SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6550openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6550SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6551openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ImportantCVE-2020-6551SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6552openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CriticalCVE-2020-6552SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6553openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CriticalCVE-2020-6553SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6554openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2020-6554SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6555openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
ImportantCVE-2020-6555SUSE bug 1175085cpe:/o:opensuse:leap:15.1CVE-2020-6556openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CriticalCVE-2020-6556SUSE bug 1175505cpe:/o:opensuse:leap:15.1CVE-2020-6557openSUSE Leap 15.1
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
ModerateCVE-2020-6557SUSE bug 1177408cpe:/o:opensuse:leap:15.1CVE-2020-6558openSUSE Leap 15.1
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6558SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6559openSUSE Leap 15.1
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6559SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6560openSUSE Leap 15.1
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-6560SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6561openSUSE Leap 15.1
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-6561SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6562openSUSE Leap 15.1
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-6562SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6563openSUSE Leap 15.1
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
ModerateCVE-2020-6563SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6564openSUSE Leap 15.1
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
ModerateCVE-2020-6564SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6565openSUSE Leap 15.1
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
ModerateCVE-2020-6565SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6566openSUSE Leap 15.1
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2020-6566SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6567openSUSE Leap 15.1
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6567SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6568openSUSE Leap 15.1
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2020-6568SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6569openSUSE Leap 15.1
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6569SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6570openSUSE Leap 15.1
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
ModerateCVE-2020-6570SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6571openSUSE Leap 15.1
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
ModerateCVE-2020-6571SUSE bug 1175757cpe:/o:opensuse:leap:15.1CVE-2020-6573openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-6573SUSE bug 1176306cpe:/o:opensuse:leap:15.1CVE-2020-6574openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
ModerateCVE-2020-6574SUSE bug 1176306cpe:/o:opensuse:leap:15.1CVE-2020-6575openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2020-6575SUSE bug 1176306cpe:/o:opensuse:leap:15.1CVE-2020-6576openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2020-6576SUSE bug 1176306cpe:/o:opensuse:leap:15.1CVE-2020-6609openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
ModerateCVE-2020-6609SUSE bug 1160520cpe:/o:opensuse:leap:15.1CVE-2020-6610openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
ModerateCVE-2020-6610SUSE bug 1160522cpe:/o:opensuse:leap:15.1CVE-2020-6611openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
ModerateCVE-2020-6611SUSE bug 1160523cpe:/o:opensuse:leap:15.1CVE-2020-6612openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
ModerateCVE-2020-6612SUSE bug 1160524cpe:/o:opensuse:leap:15.1CVE-2020-6613openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
ModerateCVE-2020-6613SUSE bug 1160525cpe:/o:opensuse:leap:15.1CVE-2020-6614openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
ModerateCVE-2020-6614SUSE bug 1160526cpe:/o:opensuse:leap:15.1CVE-2020-6615openSUSE Leap 15.1
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
ModerateCVE-2020-6615SUSE bug 1160527cpe:/o:opensuse:leap:15.1CVE-2020-6792openSUSE Leap 15.1
When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.
ImportantCVE-2020-6792SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6793openSUSE Leap 15.1
When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5.
ImportantCVE-2020-6793SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6794openSUSE Leap 15.1
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Thunderbird < 68.5.
ImportantCVE-2020-6794SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6795openSUSE Leap 15.1
When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5.
ImportantCVE-2020-6795SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6796openSUSE Leap 15.1
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
ImportantCVE-2020-6796SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6797openSUSE Leap 15.1
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6797SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6798openSUSE Leap 15.1
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6798SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6799openSUSE Leap 15.1
Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
ImportantCVE-2020-6799SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6800openSUSE Leap 15.1
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
ImportantCVE-2020-6800SUSE bug 1163368cpe:/o:opensuse:leap:15.1CVE-2020-6802openSUSE Leap 15.1
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
ModerateCVE-2020-6802SUSE bug 1165303cpe:/o:opensuse:leap:15.1CVE-2020-6805openSUSE Leap 15.1
When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6805SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6806openSUSE Leap 15.1
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6806SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6807openSUSE Leap 15.1
When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6807SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6811openSUSE Leap 15.1
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6811SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6812openSUSE Leap 15.1
The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6812SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6814openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
ImportantCVE-2020-6814SUSE bug 1166238cpe:/o:opensuse:leap:15.1CVE-2020-6819openSUSE Leap 15.1
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
ImportantCVE-2020-6819SUSE bug 1168630SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6820openSUSE Leap 15.1
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
ImportantCVE-2020-6820SUSE bug 1168630SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6821openSUSE Leap 15.1
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
ImportantCVE-2020-6821SUSE bug 1168630SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6822openSUSE Leap 15.1
On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
ImportantCVE-2020-6822SUSE bug 1168630SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6825openSUSE Leap 15.1
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
ImportantCVE-2020-6825SUSE bug 1168630SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6827openSUSE Leap 15.1
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.
ImportantCVE-2020-6827SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6828openSUSE Leap 15.1
A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.<br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.
ImportantCVE-2020-6828SUSE bug 1168874cpe:/o:opensuse:leap:15.1CVE-2020-6831openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
ImportantCVE-2020-6831SUSE bug 1171186SUSE bug 1171247cpe:/o:opensuse:leap:15.1CVE-2020-7039openSUSE Leap 15.1
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
ImportantCVE-2020-7039SUSE bug 1161066cpe:/o:opensuse:leap:15.1CVE-2020-7040openSUSE Leap 15.1
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)
CriticalCVE-2020-7040SUSE bug 1150555SUSE bug 1156767cpe:/o:opensuse:leap:15.1CVE-2020-7041openSUSE Leap 15.1
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
ModerateCVE-2020-7041SUSE bug 1165299cpe:/o:opensuse:leap:15.1CVE-2020-7042openSUSE Leap 15.1
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted).
ModerateCVE-2020-7042SUSE bug 1165300cpe:/o:opensuse:leap:15.1CVE-2020-7043openSUSE Leap 15.1
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.
ModerateCVE-2020-7043SUSE bug 1165301cpe:/o:opensuse:leap:15.1CVE-2020-7044openSUSE Leap 15.1
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.
ModerateCVE-2020-7044SUSE bug 1161052cpe:/o:opensuse:leap:15.1CVE-2020-7053openSUSE Leap 15.1
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.
ModerateCVE-2020-7053SUSE bug 1160966cpe:/o:opensuse:leap:15.1CVE-2020-7059openSUSE Leap 15.1
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
ModerateCVE-2020-7059SUSE bug 1162629cpe:/o:opensuse:leap:15.1CVE-2020-7060openSUSE Leap 15.1
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
ImportantCVE-2020-7060SUSE bug 1162632cpe:/o:opensuse:leap:15.1CVE-2020-7062openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.
LowCVE-2020-7062SUSE bug 1165280cpe:/o:opensuse:leap:15.1CVE-2020-7063openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.
ModerateCVE-2020-7063SUSE bug 1165289cpe:/o:opensuse:leap:15.1CVE-2020-7064openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
ModerateCVE-2020-7064SUSE bug 1168326cpe:/o:opensuse:leap:15.1CVE-2020-7066openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.
ModerateCVE-2020-7066SUSE bug 1168352cpe:/o:opensuse:leap:15.1CVE-2020-7068openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
ModerateCVE-2020-7068SUSE bug 1175203SUSE bug 1175223cpe:/o:opensuse:leap:15.1CVE-2020-7069openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
ImportantCVE-2020-7069SUSE bug 1177351cpe:/o:opensuse:leap:15.1CVE-2020-7070openSUSE Leap 15.1
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
ModerateCVE-2020-7070SUSE bug 1177352cpe:/o:opensuse:leap:15.1CVE-2020-7071openSUSE Leap 15.1
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL.
ModerateCVE-2020-7071SUSE bug 1180706SUSE bug 1182049cpe:/o:opensuse:leap:15.1CVE-2020-7106openSUSE Leap 15.1
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).
ModerateCVE-2020-7106SUSE bug 1163749cpe:/o:opensuse:leap:15.1CVE-2020-7216openSUSE Leap 15.1
An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.
ModerateCVE-2020-7216SUSE bug 1160905cpe:/o:opensuse:leap:15.1CVE-2020-7217openSUSE Leap 15.1
An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.
ModerateCVE-2020-7217SUSE bug 1160906cpe:/o:opensuse:leap:15.1CVE-2020-7237openSUSE Leap 15.1
Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.
CriticalCVE-2020-7237SUSE bug 1161297cpe:/o:opensuse:leap:15.1CVE-2020-7595openSUSE Leap 15.1
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
ModerateCVE-2020-7595SUSE bug 1161517SUSE bug 1191860cpe:/o:opensuse:leap:15.1CVE-2020-7598openSUSE Leap 15.1
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
ImportantCVE-2020-7598SUSE bug 1166916cpe:/o:opensuse:leap:15.1CVE-2020-8013openSUSE Leap 15.1
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.
ModerateCVE-2020-8013SUSE bug 1163922cpe:/o:opensuse:leap:15.1CVE-2020-8015openSUSE Leap 15.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
ImportantCVE-2020-8015SUSE bug 1154062SUSE bug 1154183cpe:/o:opensuse:leap:15.1CVE-2020-8016openSUSE Leap 15.1
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.
ModerateCVE-2020-8016SUSE bug 1158910SUSE bug 1159740cpe:/o:opensuse:leap:15.1CVE-2020-8017openSUSE Leap 15.1
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.
ModerateCVE-2020-8017SUSE bug 1158910SUSE bug 1159103cpe:/o:opensuse:leap:15.1CVE-2020-8022openSUSE Leap 15.1
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
ImportantCVE-2020-8022SUSE bug 1172405SUSE bug 1172562cpe:/o:opensuse:leap:15.1CVE-2020-8023openSUSE Leap 15.1
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.
ImportantCVE-2020-8023SUSE bug 1172698SUSE bug 1190347cpe:/o:opensuse:leap:15.1CVE-2020-8024openSUSE Leap 15.1
A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1.
ModerateCVE-2020-8024SUSE bug 1172731cpe:/o:opensuse:leap:15.1CVE-2020-8026openSUSE Leap 15.1
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.
ImportantCVE-2020-8026SUSE bug 1172573cpe:/o:opensuse:leap:15.1CVE-2020-8027openSUSE Leap 15.1
A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.
ImportantCVE-2020-8027SUSE bug 1175568cpe:/o:opensuse:leap:15.1CVE-2020-8037openSUSE Leap 15.1
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
ModerateCVE-2020-8037SUSE bug 1178466cpe:/o:opensuse:leap:15.1CVE-2020-8118openSUSE Leap 15.1
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
ModerateCVE-2020-8118SUSE bug 1162782cpe:/o:opensuse:leap:15.1CVE-2020-8119openSUSE Leap 15.1
Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app.
ModerateCVE-2020-8119SUSE bug 1162781cpe:/o:opensuse:leap:15.1CVE-2020-8130openSUSE Leap 15.1
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
ModerateCVE-2020-8130SUSE bug 1164804cpe:/o:opensuse:leap:15.1CVE-2020-8154openSUSE Leap 15.1
An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.
ModerateCVE-2020-8154SUSE bug 1171579cpe:/o:opensuse:leap:15.1CVE-2020-8155openSUSE Leap 15.1
An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF.
LowCVE-2020-8155SUSE bug 1171572cpe:/o:opensuse:leap:15.1CVE-2020-8164openSUSE Leap 15.1
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
ImportantCVE-2020-8164SUSE bug 1172177cpe:/o:opensuse:leap:15.1CVE-2020-8165openSUSE Leap 15.1
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
CriticalCVE-2020-8165SUSE bug 1172186cpe:/o:opensuse:leap:15.1CVE-2020-8166openSUSE Leap 15.1
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.
ModerateCVE-2020-8166SUSE bug 1172182cpe:/o:opensuse:leap:15.1CVE-2020-8167openSUSE Leap 15.1
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
ModerateCVE-2020-8167SUSE bug 1172184cpe:/o:opensuse:leap:15.1CVE-2020-8174openSUSE Leap 15.1
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
CriticalCVE-2020-8174SUSE bug 1172443cpe:/o:opensuse:leap:15.1CVE-2020-8177openSUSE Leap 15.1
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
ImportantCVE-2020-8177SUSE bug 1173027SUSE bug 1186108cpe:/o:opensuse:leap:15.1CVE-2020-8183openSUSE Leap 15.1
A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.
ModerateCVE-2020-8183SUSE bug 1178384cpe:/o:opensuse:leap:15.1CVE-2020-8184openSUSE Leap 15.1
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
ModerateCVE-2020-8184SUSE bug 1173351SUSE bug 1177352SUSE bug 1193081cpe:/o:opensuse:leap:15.1CVE-2020-8185openSUSE Leap 15.1
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
ModerateCVE-2020-8185SUSE bug 1173564cpe:/o:opensuse:leap:15.1CVE-2020-8228openSUSE Leap 15.1
A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.
ModerateCVE-2020-8228cpe:/o:opensuse:leap:15.1CVE-2020-8231openSUSE Leap 15.1
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
ModerateCVE-2020-8231SUSE bug 1175109SUSE bug 1179399SUSE bug 1186108cpe:/o:opensuse:leap:15.1CVE-2020-8233openSUSE Leap 15.1
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.
CriticalCVE-2020-8233cpe:/o:opensuse:leap:15.1CVE-2020-8265openSUSE Leap 15.1
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
ImportantCVE-2020-8265SUSE bug 1180553cpe:/o:opensuse:leap:15.1CVE-2020-8277openSUSE Leap 15.1
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.
ImportantCVE-2020-8277SUSE bug 1178882cpe:/o:opensuse:leap:15.1CVE-2020-8284openSUSE Leap 15.1
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
ModerateCVE-2020-8284SUSE bug 1179398SUSE bug 1179399SUSE bug 1186108cpe:/o:opensuse:leap:15.1CVE-2020-8285openSUSE Leap 15.1
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
ModerateCVE-2020-8285SUSE bug 1179399SUSE bug 1186108cpe:/o:opensuse:leap:15.1CVE-2020-8286openSUSE Leap 15.1
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
ModerateCVE-2020-8286SUSE bug 1179593SUSE bug 1186108cpe:/o:opensuse:leap:15.1CVE-2020-8287openSUSE Leap 15.1
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
ModerateCVE-2020-8287SUSE bug 1180554cpe:/o:opensuse:leap:15.1CVE-2020-8428openSUSE Leap 15.1
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.
ModerateCVE-2020-8428SUSE bug 1162109cpe:/o:opensuse:leap:15.1CVE-2020-8432openSUSE Leap 15.1
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis.
ImportantCVE-2020-8432SUSE bug 1162198cpe:/o:opensuse:leap:15.1CVE-2020-8449openSUSE Leap 15.1
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
ImportantCVE-2020-8449SUSE bug 1162687cpe:/o:opensuse:leap:15.1CVE-2020-8450openSUSE Leap 15.1
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
ImportantCVE-2020-8450SUSE bug 1162687cpe:/o:opensuse:leap:15.1CVE-2020-8492openSUSE Leap 15.1
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
ModerateCVE-2020-8492SUSE bug 1162367cpe:/o:opensuse:leap:15.1CVE-2020-8517openSUSE Leap 15.1
An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
ImportantCVE-2020-8517SUSE bug 1162691cpe:/o:opensuse:leap:15.1CVE-2020-8597openSUSE Leap 15.1
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
ImportantCVE-2020-8597SUSE bug 1162610cpe:/o:opensuse:leap:15.1CVE-2020-8608openSUSE Leap 15.1
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
ImportantCVE-2020-8608SUSE bug 1163018SUSE bug 1163019cpe:/o:opensuse:leap:15.1CVE-2020-8616openSUSE Leap 15.1
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.
ImportantCVE-2020-8616SUSE bug 1109160SUSE bug 1171740cpe:/o:opensuse:leap:15.1CVE-2020-8617openSUSE Leap 15.1
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.
ImportantCVE-2020-8617SUSE bug 1109160SUSE bug 1171740cpe:/o:opensuse:leap:15.1CVE-2020-8618openSUSE Leap 15.1
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
ModerateCVE-2020-8618SUSE bug 1172958cpe:/o:opensuse:leap:15.1CVE-2020-8619openSUSE Leap 15.1
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
ModerateCVE-2020-8619SUSE bug 1172958cpe:/o:opensuse:leap:15.1CVE-2020-8620openSUSE Leap 15.1
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
ImportantCVE-2020-8620SUSE bug 1175443SUSE bug 1191120cpe:/o:opensuse:leap:15.1CVE-2020-8621openSUSE Leap 15.1
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
ImportantCVE-2020-8621SUSE bug 1175443SUSE bug 1191120cpe:/o:opensuse:leap:15.1CVE-2020-8622openSUSE Leap 15.1
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
ImportantCVE-2020-8622SUSE bug 1175443SUSE bug 1188888SUSE bug 1191120cpe:/o:opensuse:leap:15.1CVE-2020-8623openSUSE Leap 15.1
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
ImportantCVE-2020-8623SUSE bug 1175443SUSE bug 1191120cpe:/o:opensuse:leap:15.1CVE-2020-8624openSUSE Leap 15.1
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.
ImportantCVE-2020-8624SUSE bug 1175443SUSE bug 1191120cpe:/o:opensuse:leap:15.1CVE-2020-8631openSUSE Leap 15.1
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
ImportantCVE-2020-8631SUSE bug 1162937cpe:/o:opensuse:leap:15.1CVE-2020-8632openSUSE Leap 15.1
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
ImportantCVE-2020-8632SUSE bug 1162936cpe:/o:opensuse:leap:15.1CVE-2020-8647openSUSE Leap 15.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
ModerateCVE-2020-8647SUSE bug 1162929SUSE bug 1164078cpe:/o:opensuse:leap:15.1CVE-2020-8648openSUSE Leap 15.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
ModerateCVE-2020-8648SUSE bug 1162928cpe:/o:opensuse:leap:15.1CVE-2020-8649openSUSE Leap 15.1
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
ModerateCVE-2020-8649SUSE bug 1162929SUSE bug 1162931cpe:/o:opensuse:leap:15.1CVE-2020-8694openSUSE Leap 15.1
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-8694SUSE bug 1170415SUSE bug 1170446SUSE bug 1178591SUSE bug 1178700SUSE bug 1179661cpe:/o:opensuse:leap:15.1CVE-2020-8695openSUSE Leap 15.1
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
ModerateCVE-2020-8695SUSE bug 1170415SUSE bug 1170446SUSE bug 1178591cpe:/o:opensuse:leap:15.1CVE-2020-8696openSUSE Leap 15.1
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-8696SUSE bug 1173592cpe:/o:opensuse:leap:15.1CVE-2020-8698openSUSE Leap 15.1
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
ModerateCVE-2020-8698SUSE bug 1173594cpe:/o:opensuse:leap:15.1CVE-2020-8813openSUSE Leap 15.1
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
ImportantCVE-2020-8813SUSE bug 1154087SUSE bug 1160867SUSE bug 1164675cpe:/o:opensuse:leap:15.1CVE-2020-8834openSUSE Leap 15.1
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to panic. There were two commits that, according to the reporter, introduced the vulnerability: f024ee098476 ("KVM: PPC: Book3S HV: Pull out TM state save/restore into separate procedures") 87a11bb6a7f7 ("KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode") The former landed in 4.8, the latter in 4.17. This was fixed without realizing the impact in 4.18 with the following three commits, though it's believed the first is the only strictly necessary commit: 6f597c6b63b6 ("KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm()") 7b0e827c6970 ("KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm") 009c872a8bc4 ("KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file")
ImportantCVE-2020-8834SUSE bug 1168276SUSE bug 1173945cpe:/o:opensuse:leap:15.1CVE-2020-8903openSUSE Leap 15.1
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the systemd journal. Using the DHCP XID, it is then possible to set the IP address and hostname of the instance to any value, which is then stored in /etc/hosts. An attacker can then point metadata.google.internal to an arbitrary IP address and impersonate the GCE metadata server which make it is possible to instruct the OS Login PAM module to grant administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "adm" user from the OS Login entry.
ImportantCVE-2020-8903SUSE bug 1173258cpe:/o:opensuse:leap:15.1CVE-2020-8907openSUSE Leap 15.1
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and mount the host OS. Within docker, it is possible to modify the host OS filesystem and modify /etc/groups to gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "docker" user from the OS Login entry.
ImportantCVE-2020-8907SUSE bug 1173258cpe:/o:opensuse:leap:15.1CVE-2020-8933openSUSE Leap 15.1
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an lxc container, it is possible to attach the host OS filesystem and modify /etc/sudoers to then gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "lxd" user from the OS Login entry.
ImportantCVE-2020-8933SUSE bug 1173258cpe:/o:opensuse:leap:15.1CVE-2020-8955openSUSE Leap 15.1
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).
ImportantCVE-2020-8955SUSE bug 1163889cpe:/o:opensuse:leap:15.1CVE-2020-8992openSUSE Leap 15.1
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
LowCVE-2020-8992SUSE bug 1164069cpe:/o:opensuse:leap:15.1CVE-2020-9272openSUSE Leap 15.1
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
ModerateCVE-2020-9272SUSE bug 1164572cpe:/o:opensuse:leap:15.1CVE-2020-9273openSUSE Leap 15.1
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
CriticalCVE-2020-9273SUSE bug 1164574cpe:/o:opensuse:leap:15.1CVE-2020-9383openSUSE Leap 15.1
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.
ModerateCVE-2020-9383SUSE bug 1165111cpe:/o:opensuse:leap:15.1CVE-2020-9428openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
ModerateCVE-2020-9428SUSE bug 1165241cpe:/o:opensuse:leap:15.1CVE-2020-9429openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.
ModerateCVE-2020-9429SUSE bug 1165241cpe:/o:opensuse:leap:15.1CVE-2020-9430openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.
ModerateCVE-2020-9430SUSE bug 1165241cpe:/o:opensuse:leap:15.1CVE-2020-9431openSUSE Leap 15.1
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
ModerateCVE-2020-9431SUSE bug 1165241cpe:/o:opensuse:leap:15.1CVE-2020-9484openSUSE Leap 15.1
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
ImportantCVE-2020-9484SUSE bug 1171928SUSE bug 1182909SUSE bug 1195255SUSE bug 1196395cpe:/o:opensuse:leap:15.1CVE-2020-9490openSUSE Leap 15.1
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.
ImportantCVE-2020-9490SUSE bug 1175071SUSE bug 1178074cpe:/o:opensuse:leap:15.1CVE-2020-9802openSUSE Leap 15.1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-9802SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9803openSUSE Leap 15.1
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-9803SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9805openSUSE Leap 15.1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.
ImportantCVE-2020-9805SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9806openSUSE Leap 15.1
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-9806SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9807openSUSE Leap 15.1
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-9807SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9843openSUSE Leap 15.1
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.
ImportantCVE-2020-9843SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9850openSUSE Leap 15.1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.
ImportantCVE-2020-9850SUSE bug 1173998cpe:/o:opensuse:leap:15.1CVE-2020-9862openSUSE Leap 15.1
A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection.
ModerateCVE-2020-9862SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9893openSUSE Leap 15.1
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
ModerateCVE-2020-9893SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9894openSUSE Leap 15.1
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
ModerateCVE-2020-9894SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9895openSUSE Leap 15.1
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
ModerateCVE-2020-9895SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9915openSUSE Leap 15.1
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
ModerateCVE-2020-9915SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9925openSUSE Leap 15.1
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.
ModerateCVE-2020-9925SUSE bug 1174662cpe:/o:opensuse:leap:15.1CVE-2020-9948openSUSE Leap 15.1
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
ModerateCVE-2020-9948SUSE bug 1179122SUSE bug 1179910SUSE bug 1179911SUSE bug 1179912cpe:/o:opensuse:leap:15.1CVE-2020-9951openSUSE Leap 15.1
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
ImportantCVE-2020-9951SUSE bug 1179122SUSE bug 1179910SUSE bug 1179911SUSE bug 1179912cpe:/o:opensuse:leap:15.1CVE-2020-9983openSUSE Leap 15.1
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
ImportantCVE-2020-9983SUSE bug 1179122SUSE bug 1179910SUSE bug 1179911SUSE bug 1179912cpe:/o:opensuse:leap:15.1CVE-2021-21106openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21106SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21107openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21107SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21108openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21108SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21109openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21109SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21110openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21110SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21111openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2021-21111SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21112openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21112SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21113openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21113SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21114openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21114SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21115openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21115SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21116openSUSE Leap 15.1openSUSE Leap 15.1 NonFree
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21116SUSE bug 1180645cpe:/o:opensuse:leap:15.1CVE-2021-21117openSUSE Leap 15.1
Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file.
ModerateCVE-2021-21117SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21118openSUSE Leap 15.1
Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
ModerateCVE-2021-21118SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21119openSUSE Leap 15.1
Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21119SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21120openSUSE Leap 15.1
Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21120SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21121openSUSE Leap 15.1
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21121SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21122openSUSE Leap 15.1
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21122SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21123openSUSE Leap 15.1
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
ModerateCVE-2021-21123SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21124openSUSE Leap 15.1
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
ModerateCVE-2021-21124SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21125openSUSE Leap 15.1
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
ModerateCVE-2021-21125SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21126openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
ModerateCVE-2021-21126SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21127openSUSE Leap 15.1
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
ModerateCVE-2021-21127SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21128openSUSE Leap 15.1
Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
ModerateCVE-2021-21128SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21129openSUSE Leap 15.1
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
ModerateCVE-2021-21129SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21130openSUSE Leap 15.1
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
ModerateCVE-2021-21130SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21131openSUSE Leap 15.1
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
ModerateCVE-2021-21131SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21132openSUSE Leap 15.1
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
ModerateCVE-2021-21132SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21133openSUSE Leap 15.1
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2021-21133SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21134openSUSE Leap 15.1
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
ModerateCVE-2021-21134SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21135openSUSE Leap 15.1
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2021-21135SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21136openSUSE Leap 15.1
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ModerateCVE-2021-21136SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21137openSUSE Leap 15.1
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
ModerateCVE-2021-21137SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21138openSUSE Leap 15.1
Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file.
ModerateCVE-2021-21138SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21139openSUSE Leap 15.1
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
ModerateCVE-2021-21139SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21140openSUSE Leap 15.1
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
ModerateCVE-2021-21140SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-21141openSUSE Leap 15.1
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
ModerateCVE-2021-21141SUSE bug 1181137cpe:/o:opensuse:leap:15.1CVE-2021-23239openSUSE Leap 15.1
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
ModerateCVE-2021-23239SUSE bug 1171722SUSE bug 1180684cpe:/o:opensuse:leap:15.1CVE-2021-23240openSUSE Leap 15.1
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.
ImportantCVE-2021-23240SUSE bug 1171722SUSE bug 1180685cpe:/o:opensuse:leap:15.1CVE-2021-23953openSUSE Leap 15.1
If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
ImportantCVE-2021-23953SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2021-23954openSUSE Leap 15.1
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
ImportantCVE-2021-23954SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2021-23960openSUSE Leap 15.1
Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
ImportantCVE-2021-23960SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2021-23964openSUSE Leap 15.1
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
ImportantCVE-2021-23964SUSE bug 1181414cpe:/o:opensuse:leap:15.1CVE-2021-3114openSUSE Leap 15.1
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
ModerateCVE-2021-3114SUSE bug 1181145cpe:/o:opensuse:leap:15.1CVE-2021-3115openSUSE Leap 15.1
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).
ImportantCVE-2021-3115SUSE bug 1181146cpe:/o:opensuse:leap:15.1CVE-2021-3139openSUSE Leap 15.1
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. NOTE: relative to CVE-2020-28374, this is a similar mistake in a different algorithm.
ImportantCVE-2021-3139SUSE bug 1178684SUSE bug 1180676cpe:/o:opensuse:leap:15.1CVE-2021-3156openSUSE Leap 15.1
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
ImportantCVE-2021-3156SUSE bug 1180684SUSE bug 1181090SUSE bug 1181506SUSE bug 1181657SUSE bug 1183936cpe:/o:opensuse:leap:15.1CVE-2021-3181openSUSE Leap 15.1
rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons.
ModerateCVE-2021-3181SUSE bug 1181221SUSE bug 1181505cpe:/o:opensuse:leap:15.1cacticacti-spineopenSUSE-releaseapache2-mod_perlapache2-mod_perl-devellibpython3_6m1_0libpython3_6m1_0-32bitpython3python3-32bitpython3-basepython3-base-32bitpython3-cursespython3-dbmpython3-develpython3-idlepython3-testsuitepython3-tkpython3-toolslibruby2_5-2_5ruby2.5ruby2.5-develruby2.5-devel-extraruby2.5-docruby2.5-doc-riruby2.5-stdlibperl-DBIfish3fish3-develapache-commons-httpclientapache-commons-httpclient-demoapache-commons-httpclient-javadocapache-commons-httpclient-manualwpa_supplicantwpa_supplicant-guiarcimapfilterbzip2bzip2-doclibbz2-1libbz2-1-32bitlibbz2-devellibbz2-devel-32bitcri-ocri-o-kubeadm-criconfigcri-toolsgo1.14go1.14-docgo1.14-racekubernetes-apiserverkubernetes-clientkubernetes-controller-managerkubernetes-kubeadmkubernetes-kubelet-commonkubernetes-kubelet1.17kubernetes-kubelet1.18kubernetes-masterkubernetes-nodekubernetes-proxykubernetes-schedulerlibexif-devellibexif-devel-32bitlibexif12libexif12-32bitperl-XML-Twigjasperlibjasper-devellibjasper4libjasper4-32bitbluezbluez-auto-enable-devicesbluez-cupsbluez-develbluez-devel-32bitbluez-testlibbluetooth3libbluetooth3-32bitexiv2exiv2-langlibexiv2-26libexiv2-26-32bitlibexiv2-devellibexiv2-docldnsldns-devellibldns2perl-DNS-LDNSpython3-ldnsknotledgermp3gainhostapdbouncycastlebouncycastle-javadoclibIlmImf-2_2-23libIlmImf-2_2-23-32bitlibIlmImfUtil-2_2-23libIlmImfUtil-2_2-23-32bitopenexropenexr-developenexr-docdnsmasqdnsmasq-utilsgitgit-archgit-coregit-credential-gnome-keyringgit-credential-libsecretgit-cvsgit-daemongit-docgit-emailgit-guigit-p4git-svngit-webgitktcpdumpffmpeg-4-libavcodec-develffmpeg-4-libavdevice-develffmpeg-4-libavfilter-develffmpeg-4-libavformat-develffmpeg-4-libavresample-develffmpeg-4-libavutil-develffmpeg-4-libpostproc-develffmpeg-4-libswresample-develffmpeg-4-libswscale-develffmpeg-4-private-devellibavcodec58libavcodec58-32bitlibavdevice58libavdevice58-32bitlibavfilter7libavfilter7-32bitlibavformat58libavformat58-32bitlibavresample4libavresample4-32bitlibavutil56libavutil56-32bitlibpostproc55libpostproc55-32bitlibswresample3libswresample3-32bitlibswscale5libswscale5-32bitlibldap-2_4-2libldap-2_4-2-32bitlibldap-dataopenldap2openldap2-back-metaopenldap2-back-perlopenldap2-back-sockopenldap2-back-sqlopenldap2-clientopenldap2-contribopenldap2-developenldap2-devel-32bitopenldap2-devel-staticopenldap2-docopenldap2-ppolicy-check-passwordruby-bundled-gems-rpmhelpergimpgimp-develgimp-langgimp-plugin-aagimp-plugins-pythonlibgimp-2_0-0libgimp-2_0-0-32bitlibgimpui-2_0-0libgimpui-2_0-0-32bitkernel-debugkernel-debug-basekernel-debug-develkernel-defaultkernel-default-basekernel-default-develkernel-develkernel-docskernel-docs-htmlkernel-kvmsmallkernel-kvmsmall-basekernel-kvmsmall-develkernel-macroskernel-obs-buildkernel-obs-qakernel-sourcekernel-source-vanillakernel-symskernel-vanillakernel-vanilla-basekernel-vanilla-develncatndiffnmapnpingzenmapLibVNCServer-devellibvncclient0libvncserver0libraptor-devellibraptor2-0libraptor2-0-32bitraptorlibnetpbm-devellibnetpbm11libnetpbm11-32bitnetpbmnetpbm-vulnerablebindbind-chrootenvbind-develbind-devel-32bitbind-docbind-utilslibbind9-1600libbind9-1600-32bitlibdns1605libdns1605-32bitlibirs-devellibirs1601libirs1601-32bitlibisc1606libisc1606-32bitlibisccc1600libisccc1600-32bitlibisccfg1600libisccfg1600-32bitlibns1604libns1604-32bitlibuv-devellibuv1libuv1-32bitpython3-bindsysuser-shadowsysuser-toolsproftpdproftpd-develproftpd-docproftpd-langproftpd-ldapproftpd-mysqlproftpd-pgsqlproftpd-radiusproftpd-sqliteelfutilselfutils-langlibasm-devellibasm1libasm1-32bitlibdw-devellibdw1libdw1-32bitlibebl-devellibebl-pluginslibebl-plugins-32bitlibelf-devellibelf-devel-32bitlibelf1libelf1-32bitlibcrocolibcroco-0_6-3libcroco-0_6-3-32bitlibcroco-develadnslibadns-devellibadns-devel-32bitlibadns1libadns1-32bitcairo-develcairo-devel-32bitcairo-toolslibcairo-gobject2libcairo-gobject2-32bitlibcairo-script-interpreter2libcairo-script-interpreter2-32bitlibcairo2libcairo2-32bitpython3-virtualboxvirtualboxvirtualbox-develvirtualbox-guest-desktop-iconsvirtualbox-guest-kmp-defaultvirtualbox-guest-sourcevirtualbox-guest-toolsvirtualbox-guest-x11virtualbox-host-kmp-defaultvirtualbox-host-sourcevirtualbox-qtvirtualbox-vncvirtualbox-websrvcargocargo-docclippyrlsrustrust-analysisrust-cbindgenrust-docrust-gdbrust-srcrust-std-staticrustfmtlibtasn1libtasn1-6libtasn1-6-32bitlibtasn1-devellibtasn1-devel-32bitnasmbinutilsbinutils-develbinutils-devel-32bitbinutils-goldcross-aarch64-binutilscross-arm-binutilscross-avr-binutilscross-epiphany-binutilscross-hppa-binutilscross-hppa64-binutilscross-i386-binutilscross-ia64-binutilscross-m68k-binutilscross-mips-binutilscross-ppc-binutilscross-ppc64-binutilscross-ppc64le-binutilscross-riscv64-binutilscross-rx-binutilscross-s390-binutilscross-s390x-binutilscross-sparc-binutilscross-sparc64-binutilscross-spu-binutilsbsdtarlibarchive-devellibarchive13libarchive13-32bitgraphvizgraphviz-develgraphviz-docgraphviz-gdgraphviz-gnomegraphviz-guilegraphviz-gveditgraphviz-javagraphviz-luagraphviz-perlgraphviz-phpgraphviz-plugins-coregraphviz-pythongraphviz-rubygraphviz-smyrnagraphviz-tcllibgraphviz6libwavpack1libwavpack1-32bitwavpackwavpack-develstrongswanstrongswan-docstrongswan-hmacstrongswan-ipsecstrongswan-libs0strongswan-mysqlstrongswan-nmstrongswan-sqliteglusterfsglusterfs-devellibgfapi0libgfchangelog0libgfdb0libgfrpc0libgfxdr0libglusterfs0python-glusterantant-antlrant-apache-bcelant-apache-bsfant-apache-log4jant-apache-oroant-apache-regexpant-apache-resolverant-apache-xalan2ant-commons-loggingant-commons-netant-javamailant-jdependant-jmfant-jschant-junitant-manualant-scriptsant-swingant-testutilcontainerdcontainerd-ctrdockerdocker-bash-completiondocker-libnetworkdocker-runcdocker-testdocker-zsh-completiongolang-github-docker-libnetworklibecpg6libpq5postgresqlpostgresql-contribpostgresql-develpostgresql-docspostgresql-llvmjitpostgresql-plperlpostgresql-plpythonpostgresql-pltclpostgresql-serverpostgresql-server-develpostgresql-testpostgresql10postgresql10-contribpostgresql10-develpostgresql10-docspostgresql10-plperlpostgresql10-plpythonpostgresql10-pltclpostgresql10-serverpostgresql10-testpostgresql12postgresql12-contribpostgresql12-develpostgresql12-docspostgresql12-llvmjitpostgresql12-plperlpostgresql12-plpythonpostgresql12-pltclpostgresql12-serverpostgresql12-server-develpostgresql12-testpostgresql96postgresql96-contribpostgresql96-develpostgresql96-docspostgresql96-plperlpostgresql96-plpythonpostgresql96-pltclpostgresql96-serverpostgresql96-testlibprocps7procpsprocps-devellibucl1ucl-develupxlibmaxminddb-devellibmaxminddb0libmaxminddb0-32bitlibspandsp2libspandsp2-32bitlibwireshark13libwiretap10libwsutil11mmdblookupspandsp-develspandsp-docwiresharkwireshark-develwireshark-ui-qtepiphanyepiphany-branding-upstreamepiphany-langgnome-shell-search-provider-epiphanylibsass-3_6_1-1libsass-devellibsvn_auth_gnome_keyring-1-0libsvn_auth_kwallet-1-0subversionsubversion-bash-completionsubversion-develsubversion-perlsubversion-pythonsubversion-python-ctypessubversion-rubysubversion-serversubversion-toolsperl-Mail-SpamAssassinperl-Mail-SpamAssassin-Plugin-iXhash2spamassassinucode-intelxenxen-develxen-doc-htmlxen-libsxen-libs-32bitxen-toolsxen-tools-domUqemuqemu-armqemu-audio-alsaqemu-audio-ossqemu-audio-paqemu-audio-sdlqemu-block-curlqemu-block-dmgqemu-block-glusterqemu-block-iscsiqemu-block-nfsqemu-block-rbdqemu-block-sshqemu-extraqemu-guest-agentqemu-ipxeqemu-ksmqemu-kvmqemu-langqemu-linux-userqemu-ppcqemu-s390qemu-seabiosqemu-sgabiosqemu-toolsqemu-ui-cursesqemu-ui-gtkqemu-ui-sdlqemu-vgabiosqemu-x86spectre-meltdown-checkerexempi-toolslibexempi-devellibexempi3libexempi3-32bitnagiosnagios-contribnagios-develnagios-theme-exfoliationnagios-wwwnagios-www-dchlibpng16-16libpng16-16-32bitlibpng16-compat-devellibpng16-compat-devel-32bitlibpng16-devellibpng16-devel-32bitlibpng16-toolsclementinegdgd-devellibgd3libgd3-32bitlibqt4libqt4-32bitlibqt4-devellibqt4-devel-32bitlibqt4-devel-doclibqt4-devel-doc-datalibqt4-linguistlibqt4-private-headers-devellibqt4-qt3supportlibqt4-qt3support-32bitlibqt4-sqllibqt4-sql-32bitlibqt4-sql-postgresqllibqt4-sql-sqlitelibqt4-sql-sqlite-32bitlibqt4-sql-unixODBClibqt4-x11libqt4-x11-32bitqt4-x11-toolsevolutionevolution-develevolution-langevolution-plugin-bogofilterevolution-plugin-pst-importevolution-plugin-spamassassinglade-catalog-evolutionfuse-overlayfsfuse3fuse3-develfuse3-doclibcontainers-commonlibfuse3-3podmanpodman-cni-configslirp4netnspython2-saltpython3-saltsaltsalt-apisalt-bash-completionsalt-cloudsalt-docsalt-fish-completionsalt-mastersalt-minionsalt-proxysalt-sshsalt-standalone-formulas-configurationsalt-syndicsalt-zsh-completiontransfiglibpcap-devellibpcap-devel-32bitlibpcap-devel-staticlibpcap1libpcap1-32bitruby2.5-rubygem-rackruby2.5-rubygem-rack-docruby2.5-rubygem-rack-testsuitelibzzip-0-13libzzip-0-13-32bitzziplib-develzziplib-devel-32bitansiblelibipa_hbac-devellibipa_hbac0libnfsidmap-ssslibsss_certmap-devellibsss_certmap0libsss_idmap-devellibsss_idmap0libsss_nss_idmap-devellibsss_nss_idmap0libsss_simpleifp-devellibsss_simpleifp0python3-ipa_hbacpython3-sss-murmurpython3-sss_nss_idmappython3-sssd-configsssdsssd-32bitsssd-adsssd-dbussssd-ipasssd-krb5sssd-krb5-commonsssd-ldapsssd-proxysssd-toolssssd-wbclientsssd-wbclient-develsssd-winbind-idmapnginxnginx-sourcevim-plugin-nginxlibixion-0_14-0libixion-devellibixion-toolsliborcus-0_14-0liborcus-develliborcus-toolslibreofficelibreoffice-baselibreoffice-base-drivers-firebirdlibreoffice-base-drivers-postgresqllibreoffice-branding-upstreamlibreoffice-calclibreoffice-calc-extensionslibreoffice-drawlibreoffice-filters-optionallibreoffice-gdb-pretty-printerslibreoffice-gladelibreoffice-gnomelibreoffice-gtk2libreoffice-gtk3libreoffice-icon-themeslibreoffice-impresslibreoffice-l10n-aflibreoffice-l10n-amlibreoffice-l10n-arlibreoffice-l10n-aslibreoffice-l10n-astlibreoffice-l10n-belibreoffice-l10n-bglibreoffice-l10n-bnlibreoffice-l10n-bn_INlibreoffice-l10n-bolibreoffice-l10n-brlibreoffice-l10n-brxlibreoffice-l10n-bslibreoffice-l10n-calibreoffice-l10n-ca_valencialibreoffice-l10n-cslibreoffice-l10n-cylibreoffice-l10n-dalibreoffice-l10n-delibreoffice-l10n-dgolibreoffice-l10n-dsblibreoffice-l10n-dzlibreoffice-l10n-ellibreoffice-l10n-enlibreoffice-l10n-en_GBlibreoffice-l10n-en_ZAlibreoffice-l10n-eolibreoffice-l10n-eslibreoffice-l10n-etlibreoffice-l10n-eulibreoffice-l10n-falibreoffice-l10n-filibreoffice-l10n-frlibreoffice-l10n-fylibreoffice-l10n-galibreoffice-l10n-gdlibreoffice-l10n-gllibreoffice-l10n-gulibreoffice-l10n-guglibreoffice-l10n-helibreoffice-l10n-hilibreoffice-l10n-hrlibreoffice-l10n-hsblibreoffice-l10n-hulibreoffice-l10n-idlibreoffice-l10n-islibreoffice-l10n-itlibreoffice-l10n-jalibreoffice-l10n-kalibreoffice-l10n-kablibreoffice-l10n-kklibreoffice-l10n-kmlibreoffice-l10n-kmr_Latnlibreoffice-l10n-knlibreoffice-l10n-kolibreoffice-l10n-koklibreoffice-l10n-kslibreoffice-l10n-lblibreoffice-l10n-lolibreoffice-l10n-ltlibreoffice-l10n-lvlibreoffice-l10n-mailibreoffice-l10n-mklibreoffice-l10n-mllibreoffice-l10n-mnlibreoffice-l10n-mnilibreoffice-l10n-mrlibreoffice-l10n-mylibreoffice-l10n-nblibreoffice-l10n-nelibreoffice-l10n-nllibreoffice-l10n-nnlibreoffice-l10n-nrlibreoffice-l10n-nsolibreoffice-l10n-oclibreoffice-l10n-omlibreoffice-l10n-orlibreoffice-l10n-palibreoffice-l10n-pllibreoffice-l10n-pt_BRlibreoffice-l10n-pt_PTlibreoffice-l10n-rolibreoffice-l10n-rulibreoffice-l10n-rwlibreoffice-l10n-sa_INlibreoffice-l10n-satlibreoffice-l10n-sdlibreoffice-l10n-silibreoffice-l10n-sidlibreoffice-l10n-sklibreoffice-l10n-sllibreoffice-l10n-sqlibreoffice-l10n-srlibreoffice-l10n-sslibreoffice-l10n-stlibreoffice-l10n-svlibreoffice-l10n-sw_TZlibreoffice-l10n-talibreoffice-l10n-telibreoffice-l10n-tglibreoffice-l10n-thlibreoffice-l10n-tnlibreoffice-l10n-trlibreoffice-l10n-tslibreoffice-l10n-ttlibreoffice-l10n-uglibreoffice-l10n-uklibreoffice-l10n-uzlibreoffice-l10n-velibreoffice-l10n-veclibreoffice-l10n-vilibreoffice-l10n-xhlibreoffice-l10n-zh_CNlibreoffice-l10n-zh_TWlibreoffice-l10n-zulibreoffice-mailmergelibreoffice-mathlibreoffice-officebeanlibreoffice-pyunolibreoffice-qt5libreoffice-sdklibreoffice-sdk-doclibreoffice-writerlibreoffice-writer-extensionslibreofficekitlibreofficekit-devellibwps-0_4-4libwps-devellibwps-toolsmdds-1_4-develmyspell-af_NAmyspell-af_ZAmyspell-anmyspell-an_ESmyspell-armyspell-ar_AEmyspell-ar_BHmyspell-ar_DZmyspell-ar_EGmyspell-ar_IQmyspell-ar_JOmyspell-ar_KWmyspell-ar_LBmyspell-ar_LYmyspell-ar_MAmyspell-ar_OMmyspell-ar_QAmyspell-ar_SAmyspell-ar_SDmyspell-ar_SYmyspell-ar_TNmyspell-ar_YEmyspell-be_BYmyspell-bg_BGmyspell-bn_BDmyspell-bn_INmyspell-bomyspell-bo_CNmyspell-bo_INmyspell-br_FRmyspell-bsmyspell-bs_BAmyspell-camyspell-ca_ADmyspell-ca_ESmyspell-ca_ES_valenciamyspell-ca_FRmyspell-ca_ITmyspell-cs_CZmyspell-da_DKmyspell-demyspell-de_ATmyspell-de_CHmyspell-de_DEmyspell-dictionariesmyspell-el_GRmyspell-enmyspell-en_AUmyspell-en_BSmyspell-en_BZmyspell-en_CAmyspell-en_GBmyspell-en_GHmyspell-en_IEmyspell-en_INmyspell-en_JMmyspell-en_MWmyspell-en_NAmyspell-en_NZmyspell-en_PHmyspell-en_TTmyspell-en_USmyspell-en_ZAmyspell-en_ZWmyspell-esmyspell-es_ARmyspell-es_BOmyspell-es_CLmyspell-es_COmyspell-es_CRmyspell-es_CUmyspell-es_DOmyspell-es_ECmyspell-es_ESmyspell-es_GTmyspell-es_HNmyspell-es_MXmyspell-es_NImyspell-es_PAmyspell-es_PEmyspell-es_PRmyspell-es_PYmyspell-es_SVmyspell-es_UYmyspell-es_VEmyspell-et_EEmyspell-fr_BEmyspell-fr_CAmyspell-fr_CHmyspell-fr_FRmyspell-fr_LUmyspell-fr_MCmyspell-gd_GBmyspell-glmyspell-gl_ESmyspell-gu_INmyspell-gugmyspell-gug_PYmyspell-he_ILmyspell-hi_INmyspell-hr_HRmyspell-hu_HUmyspell-idmyspell-id_IDmyspell-ismyspell-is_ISmyspell-it_ITmyspell-kmr_Latnmyspell-kmr_Latn_SYmyspell-kmr_Latn_TRmyspell-lightproof-enmyspell-lightproof-hu_HUmyspell-lightproof-pt_BRmyspell-lightproof-ru_RUmyspell-lo_LAmyspell-lt_LTmyspell-lv_LVmyspell-nb_NOmyspell-ne_NPmyspell-nl_BEmyspell-nl_NLmyspell-nn_NOmyspell-nomyspell-oc_FRmyspell-pl_PLmyspell-pt_AOmyspell-pt_BRmyspell-pt_PTmyspell-romyspell-ro_ROmyspell-ru_RUmyspell-si_LKmyspell-sk_SKmyspell-sl_SImyspell-sq_ALmyspell-srmyspell-sr_CSmyspell-sr_Latn_CSmyspell-sr_Latn_RSmyspell-sr_RSmyspell-sv_FImyspell-sv_SEmyspell-sw_TZmyspell-temyspell-te_INmyspell-th_THmyspell-trmyspell-tr_TRmyspell-uk_UAmyspell-vimyspell-vi_VNmyspell-zu_ZApython3-libixionpython3-liborcuslibheimdallibheimdal-develgnutlsgnutls-guilelibgnutls-dane-devellibgnutls-dane0libgnutls-devellibgnutls-devel-32bitlibgnutls30libgnutls30-32bitlibgnutlsxx-devellibgnutlsxx28containerd-testdocker-runc-testgogo-docgo-racego1.11go1.11-docgo1.11-racego1.12go1.12-docgo1.12-racepython2-requestspython2-requests-testpython3-requestspython3-requests-testicingacliicingaweb2icingaweb2-commonicingaweb2-vendor-HTMLPurifiericingaweb2-vendor-JShrinkicingaweb2-vendor-Parsedownicingaweb2-vendor-dompdficingaweb2-vendor-lessphpicingaweb2-vendor-zf1php-Icingalibfreebl3libfreebl3-32bitlibfreebl3-hmaclibfreebl3-hmac-32bitlibsoftokn3libsoftokn3-32bitlibsoftokn3-hmaclibsoftokn3-hmac-32bitmozilla-nsprmozilla-nspr-32bitmozilla-nspr-develmozilla-nssmozilla-nss-32bitmozilla-nss-certsmozilla-nss-certs-32bitmozilla-nss-develmozilla-nss-sysinitmozilla-nss-sysinit-32bitmozilla-nss-toolsteeworldsgettext-csharpgettext-javagettext-runtimegettext-runtime-32bitgettext-runtime-minigettext-runtime-mini-tools-docgettext-runtime-tools-docgettext-toolsgettext-tools-minilighttpdlighttpd-mod_authn_gssapilighttpd-mod_authn_ldaplighttpd-mod_authn_mysqllighttpd-mod_authn_pamlighttpd-mod_authn_sasllighttpd-mod_cmllighttpd-mod_geoiplighttpd-mod_magnetlighttpd-mod_maxminddblighttpd-mod_mysql_vhostlighttpd-mod_rrdtoollighttpd-mod_trigger_b4_dllighttpd-mod_vhostdb_dbilighttpd-mod_vhostdb_ldaplighttpd-mod_vhostdb_mysqllighttpd-mod_vhostdb_pgsqllighttpd-mod_webdavtmuxaubio-toolslibaubio-devellibaubio5libaubio5-32bitpython2-aubiopython3-aubiolibvlc5libvlccore9vlcvlc-codec-gstreamervlc-develvlc-jackvlc-langvlc-noXvlc-qtvlc-vdpauapache2-mod_php7php7php7-bcmathphp7-bz2php7-calendarphp7-ctypephp7-curlphp7-dbaphp7-develphp7-domphp7-embedphp7-enchantphp7-exifphp7-fastcgiphp7-fileinfophp7-firebirdphp7-fpmphp7-ftpphp7-gdphp7-gettextphp7-gmpphp7-iconvphp7-intlphp7-jsonphp7-ldapphp7-mbstringphp7-mysqlphp7-odbcphp7-opcachephp7-opensslphp7-pcntlphp7-pdophp7-pearphp7-pear-Archive_Tarphp7-pgsqlphp7-pharphp7-posixphp7-readlinephp7-shmopphp7-snmpphp7-soapphp7-socketsphp7-sodiumphp7-sqlitephp7-sysvmsgphp7-sysvsemphp7-sysvshmphp7-testresultsphp7-tidyphp7-tokenizerphp7-wddxphp7-xmlreaderphp7-xmlrpcphp7-xmlwriterphp7-xslphp7-zipphp7-zlibchromedriverchromiumyast2-rmtrdesktoplibu2f-host-devellibu2f-host-doclibu2f-host0u2f-hostPackageKitPackageKit-backend-zyppPackageKit-branding-upstreamPackageKit-develPackageKit-gstreamer-pluginPackageKit-gtk3-modulePackageKit-langlibpackagekit-glib2-18libpackagekit-glib2-18-32bitlibpackagekit-glib2-devellibpackagekit-glib2-devel-32bitlibsolv-demolibsolv-devellibsolv-toolslibyui-ncurses-pkg-devellibyui-ncurses-pkg-doclibyui-ncurses-pkg9libyui-qt-pkg-devellibyui-qt-pkg-doclibyui-qt-pkg9libzypplibzypp-devellibzypp-devel-docperl-solvpython-solvpython3-solvruby-solvtypelib-1_0-PackageKitGlib-1_0yast2-pkg-bindingsyast2-pkg-bindings-devel-doczypperzypper-aptitudezypper-logzypper-needs-restartingmumblemumble-32bitmumble-serverexpatlibexpat-devellibexpat-devel-32bitlibexpat1libexpat1-32bitlibpython2_7-1_0libpython2_7-1_0-32bitpythonpython-32bitpython-basepython-base-32bitpython-cursespython-demopython-develpython-docpython-doc-pdfpython-gdbmpython-idlepython-tkpython-xmllibmodplug-devellibmodplug1libmodplug1-32bitlibopenmpt-devellibopenmpt0libopenmpt0-32bitlibopenmpt_modplug1libopenmpt_modplug1-32bitopenmpt123bind-lwresdlibbind9-160libbind9-160-32bitlibdns169libdns169-32bitlibirs160libirs160-32bitlibisc166libisc166-32bitlibisccc160libisccc160-32bitlibisccfg160libisccfg160-32bitliblwres160liblwres160-32bitfreetype2-develfreetype2-devel-32bitfreetype2-profile-tti35ft2demosftbenchftdiffftdumpftgammaftgridftinspectftlintftmultiftstringftvalidftviewlibfreetype6libfreetype6-32bitntpntp-doctomcattomcat-admin-webappstomcat-docs-webapptomcat-el-3_0-apitomcat-embedtomcat-javadoctomcat-jsp-2_3-apitomcat-jsvctomcat-libtomcat-servlet-4_0-apitomcat-webappspython-azure-agentpython-azure-agent-testcloud-initcloud-init-config-susecloud-init-docotrsotrs-docotrs-itsmapache2apache2-develapache2-docapache2-eventapache2-example-pagesapache2-preforkapache2-utilsapache2-workerapache-commons-beanutilsapache-commons-beanutils-javadocevinceevince-develevince-langevince-plugin-comicsdocumentevince-plugin-djvudocumentevince-plugin-dvidocumentevince-plugin-pdfdocumentevince-plugin-psdocumentevince-plugin-tiffdocumentevince-plugin-xpsdocumentlibevdocument3-4libevview3-3nautilus-evincetypelib-1_0-EvinceDocument-3_0typelib-1_0-EvinceView-3_0gdbgdb-testresultsgdbserverg3utilsmgettysendfaxlibmspack-devellibmspack0libmspack0-32bitmspack-toolslibecpg6-32bitlibpq5-32biteximeximoneximstats-htmlfence-agentsfence-agents-amt_wsfence-agents-devellibvirtlibvirt-adminlibvirt-bash-completionlibvirt-clientlibvirt-daemonlibvirt-daemon-config-networklibvirt-daemon-config-nwfilterlibvirt-daemon-driver-interfacelibvirt-daemon-driver-libxllibvirt-daemon-driver-lxclibvirt-daemon-driver-networklibvirt-daemon-driver-nodedevlibvirt-daemon-driver-nwfilterlibvirt-daemon-driver-qemulibvirt-daemon-driver-secretlibvirt-daemon-driver-storagelibvirt-daemon-driver-storage-corelibvirt-daemon-driver-storage-disklibvirt-daemon-driver-storage-glusterlibvirt-daemon-driver-storage-iscsilibvirt-daemon-driver-storage-logicallibvirt-daemon-driver-storage-mpathlibvirt-daemon-driver-storage-rbdlibvirt-daemon-driver-storage-scsilibvirt-daemon-hookslibvirt-daemon-lxclibvirt-daemon-qemulibvirt-daemon-xenlibvirt-devellibvirt-devel-32bitlibvirt-doclibvirt-libslibvirt-lock-sanlocklibvirt-nsswireshark-plugin-libvirtpdnspdns-backend-geoippdns-backend-godbcpdns-backend-ldappdns-backend-luapdns-backend-mydnspdns-backend-mysqlpdns-backend-postgresqlpdns-backend-remotepdns-backend-sqlite3ctdbctdb-pcp-pmdactdb-testslibdcerpc-binding0libdcerpc-binding0-32bitlibdcerpc-devellibdcerpc-samr-devellibdcerpc-samr0libdcerpc-samr0-32bitlibdcerpc0libdcerpc0-32bitlibndr-devellibndr-krb5pac-devellibndr-krb5pac0libndr-krb5pac0-32bitlibndr-nbt-devellibndr-nbt0libndr-nbt0-32bitlibndr-standard-devellibndr-standard0libndr-standard0-32bitlibndr0libndr0-32bitlibnetapi-devellibnetapi0libnetapi0-32bitlibsamba-credentials-devellibsamba-credentials0libsamba-credentials0-32bitlibsamba-errors-devellibsamba-errors0libsamba-errors0-32bitlibsamba-hostconfig-devellibsamba-hostconfig0libsamba-hostconfig0-32bitlibsamba-passdb-devellibsamba-passdb0libsamba-passdb0-32bitlibsamba-policy-devellibsamba-policy-python-devellibsamba-policy-python3-devellibsamba-policy0libsamba-policy0-32bitlibsamba-policy0-python3libsamba-policy0-python3-32bitlibsamba-util-devellibsamba-util0libsamba-util0-32bitlibsamdb-devellibsamdb0libsamdb0-32bitlibsmbclient-devellibsmbclient0libsmbclient0-32bitlibsmbconf-devellibsmbconf0libsmbconf0-32bitlibsmbldap-devellibsmbldap2libsmbldap2-32bitlibtevent-util-devellibtevent-util0libtevent-util0-32bitlibwbclient-devellibwbclient0libwbclient0-32bitsambasamba-ad-dcsamba-ad-dc-32bitsamba-cephsamba-clientsamba-client-32bitsamba-core-develsamba-docsamba-dsdb-modulessamba-libssamba-libs-32bitsamba-libs-pythonsamba-libs-python-32bitsamba-libs-python3samba-libs-python3-32bitsamba-pidlsamba-pythonsamba-python3samba-testsamba-winbindsamba-winbind-32bitansible-docansible-testbuildahskopeoghostscriptghostscript-develghostscript-minighostscript-mini-develghostscript-x11messagelibmessagelib-develmessagelib-langroundcubemailpython3-httpiephp7-imagickphp7-testu-boot-toolslibxslt-devellibxslt-devel-32bitlibxslt-pythonlibxslt-toolslibxslt1libxslt1-32bitrmt-serverrmt-server-configrmt-server-pubcloudfreeradius-serverfreeradius-server-develfreeradius-server-docfreeradius-server-krb5freeradius-server-ldapfreeradius-server-libsfreeradius-server-mysqlfreeradius-server-perlfreeradius-server-postgresqlfreeradius-server-pythonfreeradius-server-sqlitefreeradius-server-utilspython2-urllib3python2-urllib3-testpython3-urllib3python3-urllib3-testsingularitypython3-DjangoImageMagickImageMagick-config-7-SUSEImageMagick-config-7-upstreamImageMagick-develImageMagick-devel-32bitImageMagick-docImageMagick-extralibMagick++-7_Q16HDRI4libMagick++-7_Q16HDRI4-32bitlibMagick++-devellibMagick++-devel-32bitlibMagickCore-7_Q16HDRI6libMagickCore-7_Q16HDRI6-32bitlibMagickWand-7_Q16HDRI6libMagickWand-7_Q16HDRI6-32bitperl-PerlMagickdovecot23dovecot23-backend-mysqldovecot23-backend-pgsqldovecot23-backend-sqlitedovecot23-develdovecot23-ftsdovecot23-fts-lucenedovecot23-fts-solrdovecot23-fts-squatpagurepagure-cipagure-evpagure-loadjsonpagure-logcompagure-milterspagure-mirrorpagure-theme-chameleonpagure-theme-default-openSUSEpagure-theme-default-upstreampagure-theme-pagureiopagure-theme-srcfpopagure-theme-upstreampagure-webhookmemcachedmemcached-develMozillaThunderbirdMozillaThunderbird-buildsymbolsMozillaThunderbird-translations-commonMozillaThunderbird-translations-otherMozillaFirefoxMozillaFirefox-branding-upstreamMozillaFirefox-buildsymbolsMozillaFirefox-develMozillaFirefox-translations-commonMozillaFirefox-translations-otherenigmailMozillaFirefox-branding-openSUSEfirefox-esr-branding-openSUSEphpMyAdminlibmosquitto1libmosquittopp1mosquittomosquitto-clientsmosquitto-devellibzstd-devellibzstd-devel-staticlibzstd1libzstd1-32bitzstdqemu-testsuitepam_u2flibSDL2_image-2_0-0libSDL2_image-2_0-0-32bitlibSDL2_image-devellibSDL2_image-devel-32bitlibidn2-0libidn2-0-32bitlibidn2-devellibidn2-langlibidn2-toolspython-Twisted-docpython2-Twistedpython3-Twistedbubblewrapgvfsgvfs-32bitgvfs-backend-afcgvfs-backend-sambagvfs-backendsgvfs-develgvfs-fusegvfs-langsquiddosboxclamavclamav-devellibclamav7libclamav9libclammspack0libfreshclam2gvimneovimneovim-langvimvim-datavim-data-commondbus-1dbus-1-develdbus-1-devel-32bitdbus-1-devel-docdbus-1-x11libdbus-1-3libdbus-1-3-32bitlibqb-devellibqb-devel-32bitlibqb-testslibqb-toolslibqb20libqb20-32bitzncznc-develznc-langznc-perlznc-python3znc-tcllibpmi0libslurm33perl-slurmslurmslurm-auth-noneslurm-configslurm-config-manslurm-crayslurm-develslurm-docslurm-hdf5slurm-luaslurm-mungeslurm-nodeslurm-openlavaslurm-pam_slurmslurm-pluginsslurm-seffslurm-sjstatslurm-slurmdbdslurm-sqlslurm-sviewslurm-torqueslurm-webdoclibgcrypt-cavslibgcrypt-devellibgcrypt-devel-32bitlibgcrypt20libgcrypt20-32bitlibgcrypt20-hmaclibgcrypt20-hmac-32bitGraphicsMagickGraphicsMagick-devellibGraphicsMagick++-Q16-12libGraphicsMagick++-devellibGraphicsMagick-Q16-3libGraphicsMagick3-configlibGraphicsMagickWand-Q16-2perl-GraphicsMagicklibctf-nobfd0libctf0irssiirssi-develgpg2gpg2-langlibzmq5zeromq-develzeromq-toolsnodejs10nodejs10-develnodejs10-docsnodejs8nodejs8-develnodejs8-docsnpm10npm8calamarescalamares-branding-upstreamcalamares-webviewnsdpython2-virt-bootstrappython3-virt-bootstrapperl-Authen-SASLperl-Net-SMTP-SSLfreetds-configfreetds-develfreetds-docfreetds-toolslibct4libsybdb5libtdsodbc0vlc-opencvlibSDL-1_2-0libSDL-1_2-0-32bitlibSDL-devellibSDL-devel-32bitlibSDL2-2_0-0libSDL2-2_0-0-32bitlibSDL2-devellibSDL2-devel-32bitlibSDL_image-1_2-0libSDL_image-1_2-0-32bitlibSDL_image-devellibSDL_image-devel-32bitlibwireshark9libwiretap7libwscodecs1libwsutil8qbittorrentqbittorrent-noxlibre2-0libre2-0-32bitre2-developerahaproxycpp7cpp9cross-nvptx-gcc9cross-nvptx-newlib9-develgcc7gcc7-32bitgcc7-adagcc7-ada-32bitgcc7-c++gcc7-c++-32bitgcc7-fortrangcc7-fortran-32bitgcc7-gogcc7-go-32bitgcc7-infogcc7-localegcc7-obj-c++gcc7-obj-c++-32bitgcc7-objcgcc7-objc-32bitgcc9gcc9-32bitgcc9-adagcc9-ada-32bitgcc9-c++gcc9-c++-32bitgcc9-fortrangcc9-fortran-32bitgcc9-gogcc9-go-32bitgcc9-infogcc9-localelibada7libada7-32bitlibada9libada9-32bitlibasan4libasan4-32bitlibasan5libasan5-32bitlibatomic1libatomic1-32bitlibcilkrts5libcilkrts5-32bitlibgcc_s1libgcc_s1-32bitlibgfortran4libgfortran4-32bitlibgfortran5libgfortran5-32bitlibgo11libgo11-32bitlibgo14libgo14-32bitlibgomp1libgomp1-32bitlibitm1libitm1-32bitliblsan0libobjc4libobjc4-32bitlibquadmath0libquadmath0-32bitlibstdc++6libstdc++6-32bitlibstdc++6-devel-gcc7libstdc++6-devel-gcc7-32bitlibstdc++6-devel-gcc9libstdc++6-devel-gcc9-32bitlibstdc++6-localelibstdc++6-pp-gcc9libstdc++6-pp-gcc9-32bitlibtsan0libubsan0libubsan0-32bitlibubsan1libubsan1-32bitlibmcpp0mcppmcpp-develsudosudo-develsudo-testlibcryptopp-devellibcryptopp5_6_5libcryptopp5_6_5-32bitlibopencv3_3opencvopencv-developencv-docpython2-opencvpython3-opencvschismtrackerovmfovmf-toolsqemu-ovmf-ia32qemu-ovmf-x86_64qemu-ovmf-x86_64-debugkconf_update5kconfig-develkconfig-devel-32bitkdelibs4kdelibs4-apidocskdelibs4-branding-upstreamkdelibs4-corekdelibs4-doclibKF5ConfigCore5libKF5ConfigCore5-32bitlibKF5ConfigCore5-langlibKF5ConfigGui5libKF5ConfigGui5-32bitlibkde4libkde4-32bitlibkde4-devellibkdecore4libkdecore4-32bitlibkdecore4-devellibksuseinstall-devellibksuseinstall1libksuseinstall1-32bitpython2-nltkpython3-nltkpython-Werkzeug-docpython2-Werkzeugpython3-Werkzeugibusibus-develibus-gtkibus-gtk-32bitibus-gtk3ibus-gtk3-32bitibus-langlibibus-1_0-5libibus-1_0-5-32bitpython-ibustypelib-1_0-IBus-1_0python2-ecdsapython3-ecdsaapache2-mod_auth_openidccpiocpio-langcpio-mtlibssh-devellibssh4libssh4-32bitlibtiff-devellibtiff-devel-32bitlibtiff5libtiff5-32bittiffdjvulibredjvulibre-doclibdjvulibre-devellibdjvulibre21libopenssl-1_0_0-devellibopenssl-1_0_0-devel-32bitlibopenssl-1_1-devellibopenssl-1_1-devel-32bitlibopenssl1_0_0libopenssl1_0_0-32bitlibopenssl1_0_0-hmaclibopenssl1_0_0-hmac-32bitlibopenssl1_0_0-steamlibopenssl1_0_0-steam-32bitlibopenssl1_1libopenssl1_1-32bitlibopenssl1_1-hmaclibopenssl1_1-hmac-32bitopenssl-1_0_0openssl-1_0_0-cavsopenssl-1_0_0-docopenssl-1_1openssl-1_1-doclibmirage-3_2libmirage-datalibmirage-devellibmirage-langlibmirage11typelib-1_0-libmirage-3_2nextcloudvinovino-langlibXvnc-devellibXvnc1tigervnctigervnc-x11vncxorg-x11-Xvncxorg-x11-Xvnc-javaxorg-x11-Xvnc-modulexorg-x11-Xvnc-novnclibsrt1srtsrt-devellibvarnishapi2varnishvarnish-develbirdbird-commonbird-docbird6sysstatsysstat-isaglibsqlite3-0libsqlite3-0-32bitsqlite3sqlite3-develsqlite3-docopenconnectopenconnect-developenconnect-docopenconnect-langpython2-rpycpython3-rpycfile-rollerfile-roller-langhunspellhunspell-develhunspell-devel-32bithunspell-toolslibhunspell-1_6-0libhunspell-1_6-0-32bitruby2.5-rubygem-exconruby2.5-rubygem-excon-docruby2.5-rubygem-excon-testsuitepython2-waitresspython3-waitresspython3-docpython3-doc-devhelprsyslogrsyslog-diag-toolsrsyslog-docrsyslog-module-dbirsyslog-module-elasticsearchrsyslog-module-gcryptrsyslog-module-gssapirsyslog-module-gtlsrsyslog-module-mmnormalizersyslog-module-mysqlrsyslog-module-omamqp1rsyslog-module-omhttpfsrsyslog-module-omtclrsyslog-module-pgsqlrsyslog-module-relprsyslog-module-snmprsyslog-module-udpspoofputtyfreerdpfreerdp-develfreerdp-serverfreerdp-waylandlibfreerdp2libuwac0-0libwinpr2uwac0-0-develwinpr2-devellibtomcrypt-devellibtomcrypt-exampleslibtomcrypt0libntlm-devellibntlm0libssh2-1libssh2-1-32bitlibssh2-develliblz4-1liblz4-1-32bitliblz4-devellz4gdalgdal-devellibgdal20perl-gdalpython2-GDALpython3-GDALxmlgraphics-batikxmlgraphics-batik-demoxmlgraphics-batik-rasterizerxmlgraphics-batik-slideshowxmlgraphics-batik-squigglexmlgraphics-batik-svgppxmlgraphics-batik-ttf2svglog4jlog4j-javadoclog4j-manuallog4j-minilibncurses5libncurses5-32bitlibncurses6libncurses6-32bitncurses-develncurses-devel-32bitncurses-utilsncurses5-develncurses5-devel-32bittackterminfoterminfo-baseterminfo-itermterminfo-screenpython2-reportlabpython3-reportlabfilefile-develfile-devel-32bitfile-magiclibmagic1libmagic1-32bitpython2-magicpython3-magiclibvirglrenderer0virglrenderer-develvirglrenderer-test-servercnicni-pluginsconmonlibnghttp2-14libnghttp2-14-32bitlibnghttp2-devellibnghttp2_asio-devellibnghttp2_asio1libnghttp2_asio1-32bitnghttp2python3-nghttp2libtspi1libtspi1-32bittrouserstrousers-develapt-cacher-nglibmysqld-devellibmysqld19mariadbmariadb-benchmariadb-clientmariadb-errormessagesmariadb-galeramariadb-testmariadb-toolswickedwicked-serviceautoyast2autoyast2-installationsarglibunbound-devel-minilibunbound2unboundunbound-anchorunbound-develunbound-muninunbound-pythonlibshibsp-lite7libshibsp7shibboleth-spshibboleth-sp-develpython3-typed-astdiadia-langlibsingularity1singularity-develloutlibxml2-2libxml2-2-32bitlibxml2-devellibxml2-devel-32bitlibxml2-doclibxml2-toolspython2-libxml2-pythonpython3-libxml2-pythonlibredwg-devellibredwg-toolslibredwg0libbsd-ctor-staticlibbsd-devellibbsd0libsystemd0libsystemd0-32bitlibsystemd0-minilibudev-devellibudev-devel-32bitlibudev-mini-devellibudev-mini1libudev1libudev1-32bitnss-myhostnamenss-myhostname-32bitnss-mymachinesnss-mymachines-32bitnss-systemdsystemdsystemd-32bitsystemd-bash-completionsystemd-containersystemd-coredumpsystemd-develsystemd-loggersystemd-minisystemd-mini-bash-completionsystemd-mini-container-minisystemd-mini-coredump-minisystemd-mini-develsystemd-mini-sysvinitsystemd-sysvinitudevudev-minigdk-pixbuf-loader-rsvggdk-pixbuf-loader-rsvg-32bitlibrsvg-2-2librsvg-2-2-32bitlibrsvg-develrsvg-thumbnailerrsvg-viewtypelib-1_0-Rsvg-2_0prboom-pluspython2-pippython2-pip-wheelpython2-setuptoolspython2-setuptools-testpython2-setuptools-wheelpython3-pippython3-pip-wheelpython3-setuptoolspython3-setuptools-testpython3-setuptools-wheellibvpx-devellibvpx4libvpx4-32bitvpx-toolslibjpeg-turbolibjpeg62libjpeg62-32bitlibjpeg62-devellibjpeg62-devel-32bitlibjpeg62-turbolibjpeg8libjpeg8-32bitlibjpeg8-devellibjpeg8-devel-32bitlibturbojpeg0libturbojpeg0-32bitpython2-mysql-connector-pythonpython3-mysql-connector-pythonlibmariadb-devellibmariadb3libmariadb3-32bitlibmariadb_pluginslibmariadbprivatejava-11-openjdkjava-11-openjdk-accessibilityjava-11-openjdk-demojava-11-openjdk-develjava-11-openjdk-headlessjava-11-openjdk-javadocjava-11-openjdk-jmodsjava-11-openjdk-srcjava-1_8_0-openjdkjava-1_8_0-openjdk-accessibilityjava-1_8_0-openjdk-demojava-1_8_0-openjdk-develjava-1_8_0-openjdk-headlessjava-1_8_0-openjdk-javadocjava-1_8_0-openjdk-srcoscpermissionspermissions-zypp-pluginnfs-clientnfs-docnfs-kernel-serverlibmunge2libmunge2-32bitmungemunge-develmunge-devel-32bitinninn-develmininewsmailmanlibpcp-devellibpcp3libpcp_gui2libpcp_import1libpcp_mmv1libpcp_trace2libpcp_web1pcppcp-confpcp-develpcp-docpcp-export-pcp2elasticsearchpcp-export-pcp2graphitepcp-export-pcp2influxdbpcp-export-pcp2jsonpcp-export-pcp2sparkpcp-export-pcp2xmlpcp-export-pcp2zabbixpcp-export-zabbix-agentpcp-guipcp-import-collectl2pcppcp-import-ganglia2pcppcp-import-iostat2pcppcp-import-mrtg2pcppcp-import-sar2pcppcp-managerpcp-pmda-activemqpcp-pmda-apachepcp-pmda-bashpcp-pmda-bind2pcp-pmda-bondingpcp-pmda-cifspcp-pmda-ciscopcp-pmda-dbpingpcp-pmda-dmpcp-pmda-dockerpcp-pmda-ds389pcp-pmda-ds389logpcp-pmda-elasticsearchpcp-pmda-gfs2pcp-pmda-glusterpcp-pmda-gpfspcp-pmda-gpsdpcp-pmda-haproxypcp-pmda-infinibandpcp-pmda-jsonpcp-pmda-lmsensorspcp-pmda-loggerpcp-pmda-lustrepcp-pmda-lustrecommpcp-pmda-mailqpcp-pmda-memcachepcp-pmda-micpcp-pmda-mountspcp-pmda-mysqlpcp-pmda-namedpcp-pmda-netfilterpcp-pmda-newspcp-pmda-nfsclientpcp-pmda-nginxpcp-pmda-nutcrackerpcp-pmda-nvidia-gpupcp-pmda-oraclepcp-pmda-papipcp-pmda-pdnspcp-pmda-perfeventpcp-pmda-postfixpcp-pmda-prometheuspcp-pmda-redispcp-pmda-roomtemppcp-pmda-rpmpcp-pmda-rsyslogpcp-pmda-sambapcp-pmda-sendmailpcp-pmda-shpingpcp-pmda-slurmpcp-pmda-smartpcp-pmda-snmppcp-pmda-summarypcp-pmda-systemdpcp-pmda-tracepcp-pmda-unboundpcp-pmda-vmwarepcp-pmda-weblogpcp-pmda-zimbrapcp-pmda-zswappcp-system-toolspcp-testsuitepcp-webapipcp-zeroconfperl-PCP-LogImportperl-PCP-LogSummaryperl-PCP-MMVperl-PCP-PMDApython3-pcpgnome-shellgnome-shell-browser-plugingnome-shell-calendargnome-shell-develgnome-shell-langruby2.5-rubygem-bundlerruby2.5-rubygem-bundler-docmercurialmercurial-langsystem-user-rootMesaMesa-32bitMesa-KHR-develMesa-develMesa-driMesa-dri-32bitMesa-dri-develMesa-dri-nouveauMesa-dri-nouveau-32bitMesa-galliumMesa-gallium-32bitMesa-libEGL-develMesa-libEGL1Mesa-libEGL1-32bitMesa-libGL-develMesa-libGL1Mesa-libGL1-32bitMesa-libGLESv1_CM-develMesa-libGLESv1_CM1Mesa-libGLESv2-2Mesa-libGLESv2-develMesa-libGLESv3-develMesa-libOpenCLMesa-libVulkan-develMesa-libd3dMesa-libd3d-32bitMesa-libd3d-develMesa-libd3d-devel-32bitMesa-libglapi-develMesa-libglapi-devel-32bitMesa-libglapi0Mesa-libglapi0-32bitMesa-libvalibOSMesa-devellibOSMesa-devel-32bitlibOSMesa8libOSMesa8-32bitlibXvMC_nouveaulibXvMC_nouveau-32bitlibXvMC_r600libXvMC_r600-32bitlibgbm-devellibgbm-devel-32bitlibgbm1libgbm1-32bitlibvdpau_nouveaulibvdpau_nouveau-32bitlibvdpau_r300libvdpau_r300-32bitlibvdpau_r600libvdpau_r600-32bitlibvdpau_radeonsilibvdpau_radeonsi-32bitlibvulkan_intellibvulkan_intel-32bitlibvulkan_radeonlibvulkan_radeon-32bitlibxatracker-devellibxatracker2e2fsprogse2fsprogs-devellibcom_err-devellibcom_err-devel-32bitlibcom_err-devel-staticlibcom_err2libcom_err2-32bitlibext2fs-devellibext2fs-devel-32bitlibext2fs-devel-staticlibext2fs2libext2fs2-32bitlibshadowsocks-libev2shadowsocks-libevshadowsocks-libev-develshadowsocks-libev-doccurlcurl-minilibcurl-devellibcurl-devel-32bitlibcurl-mini-devellibcurl4libcurl4-32bitlibcurl4-miniliblxc-develliblxc1lxclxc-bash-completionpam_cgfslibpolkit0libpolkit0-32bitpolkitpolkit-develpolkit-doctypelib-1_0-Polkit-1_0libjavascriptcoregtk-4_0-18libjavascriptcoregtk-4_0-18-32bitlibwebkit2gtk-4_0-37libwebkit2gtk-4_0-37-32bitlibwebkit2gtk3-langtypelib-1_0-JavaScriptCore-4_0typelib-1_0-WebKit2-4_0typelib-1_0-WebKit2WebExtension-4_0webkit-jsc-4webkit2gtk-4_0-injected-bundleswebkit2gtk3-develwebkit2gtk3-minibrowserwebkit2gtk3-plugin-process-gtk2python2-numpypython2-numpy-develpython2-numpy-gnu-hpcpython2-numpy-gnu-hpc-develpython2-numpy_1_16_1-gnu-hpcpython2-numpy_1_16_1-gnu-hpc-develpython3-numpypython3-numpy-develpython3-numpy-gnu-hpcpython3-numpy-gnu-hpc-develpython3-numpy_1_16_1-gnu-hpcpython3-numpy_1_16_1-gnu-hpc-develdhcpdhcp-clientdhcp-develdhcp-docdhcp-relaydhcp-serverpython-SQLAlchemy-docpython2-SQLAlchemypython3-SQLAlchemylibBasicUsageEnvironment1libUsageEnvironment3libgroupsock8libliveMedia66live555live555-develcupscups-clientcups-configcups-ddkcups-develcups-devel-32bitlibcups2libcups2-32bitlibcupscgi1libcupscgi1-32bitlibcupsimage2libcupsimage2-32bitlibcupsmime1libcupsmime1-32bitlibcupsppdc1libcupsppdc1-32bitcroncroniecronie-anacronkernel-firmwareucode-amdcmis-clientlibcmis-0_5-5libcmis-c-0_5-5libcmis-c-devellibcmis-devellibixion-0_15-0libmwaw-0_3-3libmwaw-devellibmwaw-devel-doclibmwaw-toolsliborcus-0_15-0libreoffice-l10n-szllibreoffice-librelogomdds-1_5-develspdlog-devellibseccomp-devellibseccomp-toolslibseccomp2libseccomp2-32bitgstreamer-plugins-basegstreamer-plugins-base-32bitgstreamer-plugins-base-develgstreamer-plugins-base-devel-32bitgstreamer-plugins-base-docgstreamer-plugins-base-langlibgstallocators-1_0-0libgstallocators-1_0-0-32bitlibgstapp-1_0-0libgstapp-1_0-0-32bitlibgstaudio-1_0-0libgstaudio-1_0-0-32bitlibgstfft-1_0-0libgstfft-1_0-0-32bitlibgstpbutils-1_0-0libgstpbutils-1_0-0-32bitlibgstriff-1_0-0libgstriff-1_0-0-32bitlibgstrtp-1_0-0libgstrtp-1_0-0-32bitlibgstrtsp-1_0-0libgstrtsp-1_0-0-32bitlibgstsdp-1_0-0libgstsdp-1_0-0-32bitlibgsttag-1_0-0libgsttag-1_0-0-32bitlibgstvideo-1_0-0libgstvideo-1_0-0-32bittypelib-1_0-GstAllocators-1_0typelib-1_0-GstApp-1_0typelib-1_0-GstAudio-1_0typelib-1_0-GstFft-1_0typelib-1_0-GstPbutils-1_0typelib-1_0-GstRtp-1_0typelib-1_0-GstRtsp-1_0typelib-1_0-GstSdp-1_0typelib-1_0-GstTag-1_0typelib-1_0-GstVideo-1_0flacflac-develflac-devel-32bitflac-doclibFLAC++6libFLAC++6-32bitlibFLAC8libFLAC8-32bitlibQt5Bootstrap-devel-staticlibQt5Bootstrap-devel-static-32bitlibQt5Concurrent-devellibQt5Concurrent-devel-32bitlibQt5Concurrent5libQt5Concurrent5-32bitlibQt5Core-devellibQt5Core-devel-32bitlibQt5Core-private-headers-devellibQt5Core5libQt5Core5-32bitlibQt5DBus-devellibQt5DBus-devel-32bitlibQt5DBus-private-headers-devellibQt5DBus5libQt5DBus5-32bitlibQt5Gui-devellibQt5Gui-devel-32bitlibQt5Gui-private-headers-devellibQt5Gui5libQt5Gui5-32bitlibQt5KmsSupport-devel-staticlibQt5KmsSupport-private-headers-devellibQt5Network-devellibQt5Network-devel-32bitlibQt5Network-private-headers-devellibQt5Network5libQt5Network5-32bitlibQt5OpenGL-devellibQt5OpenGL-devel-32bitlibQt5OpenGL-private-headers-devellibQt5OpenGL5libQt5OpenGL5-32bitlibQt5OpenGLExtensions-devel-staticlibQt5OpenGLExtensions-devel-static-32bitlibQt5PlatformHeaders-devellibQt5PlatformSupport-devel-staticlibQt5PlatformSupport-devel-static-32bitlibQt5PlatformSupport-private-headers-devellibQt5PrintSupport-devellibQt5PrintSupport-devel-32bitlibQt5PrintSupport-private-headers-devellibQt5PrintSupport5libQt5PrintSupport5-32bitlibQt5Sql-devellibQt5Sql-devel-32bitlibQt5Sql-private-headers-devellibQt5Sql5libQt5Sql5-32bitlibQt5Sql5-mysqllibQt5Sql5-mysql-32bitlibQt5Sql5-postgresqllibQt5Sql5-postgresql-32bitlibQt5Sql5-sqlitelibQt5Sql5-sqlite-32bitlibQt5Sql5-unixODBClibQt5Sql5-unixODBC-32bitlibQt5Test-devellibQt5Test-devel-32bitlibQt5Test-private-headers-devellibQt5Test5libQt5Test5-32bitlibQt5Widgets-devellibQt5Widgets-devel-32bitlibQt5Widgets-private-headers-devellibQt5Widgets5libQt5Widgets5-32bitlibQt5Xml-devellibQt5Xml-devel-32bitlibQt5Xml5libQt5Xml5-32bitlibqt5-qtbase-common-devellibqt5-qtbase-devellibqt5-qtbase-exampleslibqt5-qtbase-examples-32bitlibqt5-qtbase-platformtheme-gtk3libqt5-qtbase-private-headers-develglibcglibc-32bitglibc-develglibc-devel-32bitglibc-devel-staticglibc-devel-static-32bitglibc-extraglibc-htmlglibc-i18ndataglibc-infoglibc-localeglibc-locale-baseglibc-locale-base-32bitglibc-profileglibc-profile-32bitglibc-utilsglibc-utils-32bitnscdpdns-recursoriculibicu-devellibicu-devel-32bitlibicu-doclibicu60_2libicu60_2-32bitlibicu60_2-bedatalibicu60_2-ledataperlperl-32bitperl-baseperl-base-32bitperl-doctordom4jdom4j-demodom4j-javadocdom4j-manualgrub2grub2-branding-upstreamgrub2-i386-efigrub2-i386-pcgrub2-i386-xengrub2-snapper-plugingrub2-systemd-sleep-plugingrub2-x86_64-efigrub2-x86_64-xendpdkdpdk-develdpdk-docdpdk-examplesdpdk-kmp-defaultdpdk-toolslibdpdk-18_11ldb-toolslibldb-devellibldb1libldb1-32bitlibnetapi-devel-32bitpython-ldbpython-ldb-32bitpython-ldb-develpython3-ldbpython3-ldb-32bitpython3-ldb-develcephceph-baseceph-commonceph-dashboard-e2eceph-fuseceph-grafana-dashboardsceph-mdsceph-mgrceph-mgr-dashboardceph-mgr-diskprediction-cloudceph-mgr-diskprediction-localceph-mgr-k8seventsceph-mgr-rookceph-mgr-sshceph-monceph-osdceph-prometheus-alertsceph-radosgwceph-resource-agentsceph-testcephfs-shelllibcephfs-devellibcephfs2librados-devellibrados2libradospp-devellibradosstriper-devellibradosstriper1librbd-devellibrbd1librgw-devellibrgw2python3-ceph-argparsepython3-cephfspython3-radospython3-rbdpython3-rgwrados-objclass-develrbd-fuserbd-mirrorrbd-nbddfu-toolfwupdfwupd-develfwupd-langlibfwupd2typelib-1_0-Fwupd-2_0freerdp-proxyruby2.5-rubygem-pumaruby2.5-rubygem-puma-docgmp-develgmp-devel-32bitlibgmp10libgmp10-32bitlibgmpxx4libgmpxx4-32bitlibgnutls30-hmaclibgnutls30-hmac-32bitlibhogweed4libhogweed4-32bitlibnettle-devellibnettle-devel-32bitlibnettle6libnettle6-32bitnettlecrawlcrawl-datacrawl-sdlzabbix-agentzabbix-bash-completionzabbix-java-gatewayzabbix-phpfrontendzabbix-proxyzabbix-proxy-mysqlzabbix-proxy-postgresqlzabbix-proxy-sqlitezabbix-serverzabbix-server-mysqlzabbix-server-postgresqlzabbix-server-sqlitelibEMF-devellibEMF-utilslibEMF1audacityaudacity-langpython2-markdown2python3-markdown2sqliteodbcsqliteodbc-doclibspectre-devellibspectre1minidlnasane-backendssane-backends-32bitsane-backends-autoconfigsane-backends-develsane-backends-devel-32bitaxelalevtdmotvpiatv-commonv4l-confv4l-toolsxawtvcpp10cross-nvptx-gcc10cross-nvptx-newlib10-develgcc10gcc10-32bitgcc10-adagcc10-ada-32bitgcc10-c++gcc10-c++-32bitgcc10-dgcc10-d-32bitgcc10-fortrangcc10-fortran-32bitgcc10-gogcc10-go-32bitgcc10-infogcc10-localegcc10-obj-c++gcc10-obj-c++-32bitgcc10-objcgcc10-objc-32bitlibada10libada10-32bitlibasan6libasan6-32bitlibgdruntime1libgdruntime1-32bitlibgo16libgo16-32bitlibgphobos1libgphobos1-32bitlibstdc++6-devel-gcc10libstdc++6-devel-gcc10-32bitlibstdc++6-pp-gcc10libstdc++6-pp-gcc10-32bitnvptx-toolslibupnp-devellibupnp6libupnp6-32bitpython2-targetcli-fbpython3-targetcli-fbtargetcli-fb-commonicinga2icinga2-binicinga2-commonicinga2-docicinga2-ido-mysqlicinga2-ido-pgsqlnano-icinga2vim-icinga2go1.13go1.13-docgo1.13-racemuttmutt-docmutt-langneomuttneomutt-docneomutt-langopensshopenssh-askpass-gnomeopenssh-cavsopenssh-fipsopenssh-helpersredisuftpdcifs-utilscifs-utils-develpam_cifscredslibX11-6libX11-6-32bitlibX11-datalibX11-devellibX11-devel-32bitlibX11-xcb1libX11-xcb1-32bitlibxcb-composite0libxcb-composite0-32bitlibxcb-damage0libxcb-damage0-32bitlibxcb-devellibxcb-devel-32bitlibxcb-devel-doclibxcb-dpms0libxcb-dpms0-32bitlibxcb-dri2-0libxcb-dri2-0-32bitlibxcb-dri3-0libxcb-dri3-0-32bitlibxcb-glx0libxcb-glx0-32bitlibxcb-present0libxcb-present0-32bitlibxcb-randr0libxcb-randr0-32bitlibxcb-record0libxcb-record0-32bitlibxcb-render0libxcb-render0-32bitlibxcb-res0libxcb-res0-32bitlibxcb-screensaver0libxcb-screensaver0-32bitlibxcb-shape0libxcb-shape0-32bitlibxcb-shm0libxcb-shm0-32bitlibxcb-sync1libxcb-sync1-32bitlibxcb-xf86dri0libxcb-xf86dri0-32bitlibxcb-xfixes0libxcb-xfixes0-32bitlibxcb-xinerama0libxcb-xinerama0-32bitlibxcb-xinput0libxcb-xinput0-32bitlibxcb-xkb1libxcb-xkb1-32bitlibxcb-xtest0libxcb-xtest0-32bitlibxcb-xv0libxcb-xv0-32bitlibxcb-xvmc0libxcb-xvmc0-32bitlibxcb1libxcb1-32bitxorg-x11-serverxorg-x11-server-extraxorg-x11-server-sdkxorg-x11-server-sourcexorg-x11-server-waylandpython-ipaddressvirtualbox-kmp-defaultchocolate-doomchocolate-doom-bash-completionlibunwindlibunwind-32bitlibunwind-develhylafax+hylafax+-clientlibfaxutil7_0_3libraw-devellibraw-devel-staticlibraw-toolslibraw16claws-mailclaws-mail-develclaws-mail-langgnarkark-langlibkerfuffle18balsabalsa-langgdmgdm-branding-upstreamgdm-develgdm-langgdmflexiserverlibgdm1typelib-1_0-Gdm-1_0python2-PyYAMLpython3-PyYAMLlibopenssl10fossilkleopatrakleopatra-langpython2-Flask-Corspython3-Flask-Corslibproxy-devellibproxy-sharplibproxy-toolslibproxy1libproxy1-32bitlibproxy1-config-gnome3libproxy1-config-kdelibproxy1-networkmanagerlibproxy1-pacrunner-webkitperl-Net-Libproxypython-libproxypython3-libproxylibpacemaker-devellibpacemaker3pacemakerpacemaker-clipacemaker-ctspacemaker-remotefontforgefontforge-develfontforge-dockdeconnect-kdekdeconnect-kde-langpython-jupyter_notebook-docpython2-jupyter_notebookpython2-jupyter_notebook-langpython2-jupyter_notebook-latexpython3-jupyter_notebookpython3-jupyter_notebook-langpython3-jupyter_notebook-latexpngchecksddmsddm-branding-openSUSEsddm-branding-upstreamkrb5krb5-32bitkrb5-clientkrb5-develkrb5-devel-32bitkrb5-minikrb5-mini-develkrb5-plugin-kdb-ldapkrb5-plugin-preauth-otpkrb5-plugin-preauth-pkinitkrb5-serverrclonerclone-bash-completionrclone-zsh-completionblosc-devellibblosc1hawk2crmshcrmsh-scriptscrmsh-testpython2-autobahnpython3-autobahnlibpainter0librfxencode0xrdpxrdp-develipmitoolipmitool-bmc-snmp-proxyruby2.5-rubygem-actionview-5_1ruby2.5-rubygem-actionview-doc-5_1viewvcgstreamer-rtsp-server-devellibgstrtspserver-1_0-0typelib-1_0-GstRtspServer-1_0python2-bleachpython3-bleachstoreBackupopenfortivpnlibtidy-devellibtidy5tidytidy-doclibkpathsea6libptexenc1libsynctex1libtexlua52-5libtexluajit2perl-bibertexlivetexlive-a2ping-bintexlive-accfonts-bintexlive-adhocfilelist-bintexlive-afm2pl-bintexlive-aleph-bintexlive-amstex-bintexlive-arara-bintexlive-asymptote-bintexlive-authorindex-bintexlive-autosp-bintexlive-biber-bintexlive-bibexport-bintexlive-bibtex-bintexlive-bibtex8-bintexlive-bibtexu-bintexlive-bin-develtexlive-bundledoc-bintexlive-cachepic-bintexlive-checkcites-bintexlive-checklistings-bintexlive-chktex-bintexlive-cjk-gs-integrate-bintexlive-cjkutils-bintexlive-collection-basictexlive-collection-bibtexextratexlive-collection-binextratexlive-collection-contexttexlive-collection-fontsextratexlive-collection-fontsrecommendedtexlive-collection-fontutilstexlive-collection-formatsextratexlive-collection-gamestexlive-collection-humanitiestexlive-collection-langarabictexlive-collection-langchinesetexlive-collection-langcjktexlive-collection-langcyrillictexlive-collection-langczechslovaktexlive-collection-langenglishtexlive-collection-langeuropeantexlive-collection-langfrenchtexlive-collection-langgermantexlive-collection-langgreektexlive-collection-langitaliantexlive-collection-langjapanesetexlive-collection-langkoreantexlive-collection-langothertexlive-collection-langpolishtexlive-collection-langportuguesetexlive-collection-langspanishtexlive-collection-latextexlive-collection-latexextratexlive-collection-latexrecommendedtexlive-collection-luatextexlive-collection-mathsciencetexlive-collection-metaposttexlive-collection-musictexlive-collection-picturestexlive-collection-plaingenerictexlive-collection-pstrickstexlive-collection-publisherstexlive-collection-xetextexlive-context-bintexlive-convbkmk-bintexlive-crossrefware-bintexlive-cslatex-bintexlive-csplain-bintexlive-ctanify-bintexlive-ctanupload-bintexlive-ctie-bintexlive-cweb-bintexlive-cyrillic-bin-bintexlive-de-macro-bintexlive-detex-bintexlive-develtexlive-diadia-bintexlive-dosepsbin-bintexlive-dtl-bintexlive-dtxgen-bintexlive-dviasm-bintexlive-dvicopy-bintexlive-dvidvi-bintexlive-dviinfox-bintexlive-dviljk-bintexlive-dvipdfmx-bintexlive-dvipng-bintexlive-dvipos-bintexlive-dvips-bintexlive-dvisvgm-bintexlive-ebong-bintexlive-eplain-bintexlive-epspdf-bintexlive-epstopdf-bintexlive-exceltex-bintexlive-extratoolstexlive-fig4latex-bintexlive-filesystemtexlive-findhyph-bintexlive-fontinst-bintexlive-fontools-bintexlive-fontware-bintexlive-fragmaster-bintexlive-getmap-bintexlive-glossaries-bintexlive-gregoriotex-bintexlive-gsftopk-bintexlive-jadetex-bintexlive-kotex-utils-bintexlive-kpathsea-bintexlive-kpathsea-develtexlive-lacheck-bintexlive-latex-bin-bintexlive-latex-git-log-bintexlive-latex-papersize-bintexlive-latex2man-bintexlive-latex2nemeth-bintexlive-latexdiff-bintexlive-latexfileversion-bintexlive-latexindent-bintexlive-latexmk-bintexlive-latexpand-bintexlive-lcdftypetools-bintexlive-lilyglyphs-bintexlive-listbib-bintexlive-listings-ext-bintexlive-lollipop-bintexlive-ltxfileinfo-bintexlive-ltximg-bintexlive-lua2dox-bintexlive-luaotfload-bintexlive-luatex-bintexlive-lwarp-bintexlive-m-tx-bintexlive-make4ht-bintexlive-makedtx-bintexlive-makeindex-bintexlive-match_parens-bintexlive-mathspic-bintexlive-metafont-bintexlive-metapost-bintexlive-mex-bintexlive-mf2pt1-bintexlive-mflua-bintexlive-mfware-bintexlive-mkgrkindex-bintexlive-mkjobtexmf-bintexlive-mkpic-bintexlive-mltex-bintexlive-mptopdf-bintexlive-multibibliography-bintexlive-musixtex-bintexlive-musixtnt-bintexlive-omegaware-bintexlive-patgen-bintexlive-pax-bintexlive-pdfbook2-bintexlive-pdfcrop-bintexlive-pdfjam-bintexlive-pdflatexpicscale-bintexlive-pdftex-bintexlive-pdftools-bintexlive-pdfxup-bintexlive-pedigree-perl-bintexlive-perltex-bintexlive-petri-nets-bintexlive-pfarrei-bintexlive-pkfix-bintexlive-pkfix-helper-bintexlive-platex-bintexlive-pmx-bintexlive-pmxchords-bintexlive-ps2pk-bintexlive-pst-pdf-bintexlive-pst2pdf-bintexlive-pstools-bintexlive-ptex-bintexlive-ptex-fontmaps-bintexlive-ptex2pdf-bintexlive-ptexenc-develtexlive-purifyeps-bintexlive-pygmentex-bintexlive-pythontex-bintexlive-rubik-bintexlive-scheme-basictexlive-scheme-contexttexlive-scheme-fulltexlive-scheme-gusttexlive-scheme-infraonlytexlive-scheme-mediumtexlive-scheme-minimaltexlive-scheme-smalltexlive-scheme-tetextexlive-seetexk-bintexlive-splitindex-bintexlive-srcredact-bintexlive-sty2dtx-bintexlive-svn-multi-bintexlive-synctex-bintexlive-synctex-develtexlive-tetex-bintexlive-tex-bintexlive-tex4ebook-bintexlive-tex4ht-bintexlive-texconfig-bintexlive-texcount-bintexlive-texdef-bintexlive-texdiff-bintexlive-texdirflatten-bintexlive-texdoc-bintexlive-texfot-bintexlive-texliveonfly-bintexlive-texloganalyser-bintexlive-texlua-develtexlive-texluajit-develtexlive-texosquery-bintexlive-texsis-bintexlive-texware-bintexlive-thumbpdf-bintexlive-tie-bintexlive-tpic2pdftex-bintexlive-ttfutils-bintexlive-typeoutfileinfo-bintexlive-ulqda-bintexlive-uplatex-bintexlive-uptex-bintexlive-urlbst-bintexlive-velthuis-bintexlive-vlna-bintexlive-vpe-bintexlive-web-bintexlive-xdvi-bintexlive-xetex-bintexlive-xmltex-bintexlive-yplan-binlibfaxutil7_0_2ruby2.5-rubygem-actionpack-5_1ruby2.5-rubygem-actionpack-doc-5_1ruby2.5-rubygem-activesupport-5_1ruby2.5-rubygem-activesupport-doc-5_1c-ares-develc-ares-utilslibcares2libcares2-32bitpppppp-develppp-modemgoogle-compute-engine-initgoogle-compute-engine-oslogingoogle-compute-engine-oslogin-32bitweechatweechat-aspellweechat-develweechat-guileweechat-langweechat-luaweechat-perlweechat-pythonweechat-rubyweechat-tcllibtcmu2tcmu-runnertcmu-runner-handler-rbd(noarch)0:1.2.11-lp151.3.6.1b88b2fd43dbdc284(aarch64|ppc64le|s390x|x86_64)0:1.2.11-lp151.3.6.115.1(x86_64)0:2.0.11-lp151.3.3.1(i586|x86_64)0:3.6.10-lp151.6.7.1(x86_64)0:3.6.10-lp151.6.7.1(x86_64)0:2.5.7-lp151.4.6.1(noarch)0:2.5.7-lp151.4.6.1(i586|x86_64)0:1.639-lp151.3.16.1(x86_64)0:3.0.0-lp151.2.1(noarch)0:3.1-lp151.4.3.1(i586|x86_64)0:2.9-lp151.5.10.1(aarch64|ppc64le|s390x|x86_64)0:5.21q-lp151.3.3.1(x86_64)0:2.6.16-lp151.3.3.1(i586|x86_64)0:1.0.6-lp151.5.3.1(noarch)0:1.0.6-lp151.5.3.1(x86_64)0:1.0.6-lp151.5.3.1(x86_64)0:1.17.1-lp151.2.2(x86_64)0:1.18.0-lp151.2.1(x86_64)0:1.14-lp151.6.1(x86_64)0:1.18.0-lp151.5.1(i586|x86_64)0:0.6.22-lp151.4.6.1(x86_64)0:0.6.22-lp151.4.6.1(noarch)0:3.52-lp151.3.3.1(i586|x86_64)0:2.0.14-lp151.4.9.1(x86_64)0:2.0.14-lp151.4.9.1(i586|x86_64)0:5.48-lp151.8.3.1(noarch)0:5.48-lp151.8.3.1(x86_64)0:5.48-lp151.8.3.1(i586|x86_64)0:5.48-lp151.8.6.1(noarch)0:5.48-lp151.8.6.1(x86_64)0:5.48-lp151.8.6.1(i586|x86_64)0:0.26-lp151.7.3.1(noarch)0:0.26-lp151.7.3.1(x86_64)0:0.26-lp151.7.3.1(i586|x86_64)0:1.7.0-lp151.4.3.1(x86_64)0:1.6.8-lp151.4.3.1(x86_64)0:3.1.3-lp151.3.3.1(x86_64)0:1.6.2-lp151.3.3.1(aarch64|ppc64le|s390x|x86_64)0:2.9-lp151.4.3.1(noarch)0:1.60-lp151.3.3.1(i586|x86_64)0:2.2.1-lp151.4.6.1(x86_64)0:2.2.1-lp151.4.6.1(i586|x86_64)0:2.78-lp151.5.3.1(x86_64)0:2.26.1-lp151.4.9.1(noarch)0:2.26.1-lp151.4.9.1(x86_64)0:4.9.2-lp151.4.6.1(aarch64|i586|ppc64le|s390x|x86_64)0:4.2.1-lp151.2.3.1(x86_64)0:4.2.1-lp151.2.3.1(i586|x86_64)0:2.4.46-lp151.10.3.1(x86_64)0:2.4.46-lp151.10.3.1(noarch)0:2.4.46-lp151.10.3.1(i586|x86_64)0:1.2-lp151.10.3.1(x86_64)0:2.5.5-lp151.4.3.1(noarch)0:0.0.2-lp151.2.1(noarch)0:2.5.5-lp151.4.3.1(i586|x86_64)0:2.8.22-lp151.5.9.1(noarch)0:2.8.22-lp151.5.9.1(x86_64)0:2.8.22-lp151.5.9.1(i586|x86_64)0:2.8.22-lp151.5.6.1(noarch)0:2.8.22-lp151.5.6.1(x86_64)0:2.8.22-lp151.5.6.1(i586|x86_64)0:2.8.22-lp151.5.3.1(noarch)0:2.8.22-lp151.5.3.1(x86_64)0:2.8.22-lp151.5.3.1(x86_64)0:4.12.14-lp151.28.16.1(noarch)0:4.12.14-lp151.28.16.1(x86_64)0:7.70-lp151.3.9.1(x86_64)0:4.12.14-lp151.28.20.1(noarch)0:4.12.14-lp151.28.20.1(i586|x86_64)0:0.9.10-lp151.7.9.1(i586|x86_64)0:2.0.15-lp151.3.3.1(x86_64)0:2.0.15-lp151.3.3.1(i586|x86_64)0:10.80.1-lp151.4.3.1(x86_64)0:10.80.1-lp151.4.3.1(i586|x86_64)0:9.16.6-lp151.11.9.1(x86_64)0:9.16.6-lp151.11.9.1(noarch)0:9.16.6-lp151.11.9.1(i586|x86_64)0:1.18.0-lp151.3.3.1(x86_64)0:1.18.0-lp151.3.3.1(noarch)0:2.0-lp151.4.3.1(aarch64|ppc64le|s390x|x86_64)0:1.3.6b-lp151.3.6.1(noarch)0:1.3.6b-lp151.3.6.1(i586|x86_64)0:0.168-lp151.4.3.1(noarch)0:0.168-lp151.4.3.1(x86_64)0:0.168-lp151.4.3.1(i586|x86_64)0:0.6.12-lp151.4.3.1(x86_64)0:0.6.12-lp151.4.3.1(i586|x86_64)0:1.5.1-lp151.3.3.1(x86_64)0:1.5.1-lp151.3.3.1(i586|x86_64)0:2.2.1-lp151.4.3.1(x86_64)0:2.2.1-lp151.4.3.1(i586|x86_64)0:1.16.0-lp151.5.3.1(x86_64)0:1.16.0-lp151.5.3.1(x86_64)0:6.0.10-lp151.2.6.1(noarch)0:6.0.10-lp151.2.6.1(x86_64)0:6.0.10_k4.12.14_lp151.28.10-lp151.2.6.1(x86_64)0:4.12.14-lp151.28.52.1(noarch)0:4.12.14-lp151.28.52.1(noarch)0:4.12.14-lp151.28.52.2(x86_64)0:4.12.14-lp151.28.52.3(i586|x86_64)0:1.36.0-lp151.5.8.1(noarch)0:1.36.0-lp151.5.8.1(x86_64)0:0.8.7-lp151.5.2(i586|x86_64)0:4.13-lp151.4.3.1(x86_64)0:4.13-lp151.4.3.1(i586|x86_64)0:2.14.02-lp151.3.3.1(i586|x86_64)0:2.32-lp151.3.3.1(x86_64)0:2.32-lp151.3.3.1(i586|x86_64)0:3.3.2-lp151.5.3.1(x86_64)0:3.3.2-lp151.5.3.1(i586|x86_64)0:2.40.1-lp151.6.6.1(i586|x86_64)0:5.4.0-lp151.5.6.1(x86_64)0:5.4.0-lp151.5.6.1(x86_64)0:5.6.0-lp151.4.3.1(noarch)0:5.6.0-lp151.4.3.1(i586|x86_64)0:3.12.15-lp151.3.3.1(noarch)0:1.9.10-lp151.4.3.1(x86_64)0:1.2.6-lp151.2.6.1(x86_64)0:19.03.1_ce-lp151.2.12.1(noarch)0:19.03.1_ce-lp151.2.12.1(x86_64)0:0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1(x86_64)0:1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1(x86_64)0:12.3-lp151.2.1(noarch)0:12.0.1-lp151.6.9.1(i586|x86_64)0:10.13-lp151.2.14.1(noarch)0:10.13-lp151.2.14.1(noarch)0:12.3-lp151.2.1(i586|x86_64)0:9.6.19-lp151.3.3.1(noarch)0:9.6.19-lp151.3.3.1(i586|x86_64)0:3.3.15-lp151.6.3.1(x86_64)0:1.03-lp151.3.3.1(x86_64)0:3.96-lp151.3.3.1(i586|x86_64)0:1.4.2-lp151.3.3.1(x86_64)0:1.4.2-lp151.3.3.1(i586|x86_64)0:0.0.6-lp151.3.3.1(x86_64)0:0.0.6-lp151.3.3.1(i586|x86_64)0:3.2.2-lp151.2.9.1(noarch)0:0.0.6-lp151.3.3.1(x86_64)0:3.28.1.1-lp151.3.3.1(noarch)0:3.28.1.1-lp151.3.3.1(x86_64)0:3.6.1-lp151.3.3.1(i586|x86_64)0:1.10.6-lp151.4.3.1(noarch)0:1.10.6-lp151.4.3.1(x86_64)0:3.4.2-lp151.8.3.1(x86_64)0:2.05-lp151.8.3.1(x86_64)0:20190618-lp151.2.3.1(x86_64)0:4.12.1_02-lp151.2.3.1(i586|x86_64)0:4.12.1_02-lp151.2.3.1(x86_64)0:4.12.14-lp151.28.32.1(noarch)0:4.12.14-lp151.28.32.1(x86_64)0:3.1.1.1-lp151.7.6.1(noarch)0:1.0.0+-lp151.7.6.1(noarch)0:1.12.0-lp151.7.6.1(noarch)0:8-lp151.7.6.1(x86_64)0:0.43-lp151.3.3.1(x86_64)0:4.12.1_04-lp151.2.6.1(i586|x86_64)0:4.12.1_04-lp151.2.6.1(i586|x86_64)0:2.4.5-lp151.3.3.1(x86_64)0:2.4.5-lp151.3.3.1(x86_64)0:4.4.5-lp151.5.4.1(noarch)0:4.4.5-lp151.5.4.1(i586|x86_64)0:1.6.34-lp151.3.3.1(x86_64)0:1.6.34-lp151.3.3.1(x86_64)0:1.3.1-lp151.3.3.1(i586|x86_64)0:2.2.5-lp151.6.6.1(x86_64)0:2.2.5-lp151.6.6.1(i586|x86_64)0:4.8.7-lp151.9.3.1(x86_64)0:4.8.7-lp151.9.3.1(noarch)0:4.8.7-lp151.9.3.1(x86_64)0:3.26.6-lp151.4.3.1(noarch)0:3.26.6-lp151.4.3.1(x86_64)0:18.09.6_ce-lp151.2.6.1(noarch)0:18.09.6_ce-lp151.2.6.1(x86_64)0:0.4.1-lp151.2.1(x86_64)0:3.6.1-lp151.2.1(noarch)0:20190401-lp151.2.3.1(x86_64)0:1.4.4-lp151.3.3.1(noarch)0:1.4.4-lp151.3.3.1(x86_64)0:0.3.0-lp151.2.3.1(x86_64)0:3000-lp151.5.21.1(noarch)0:3000-lp151.5.21.1(x86_64)0:3.2.6a-lp151.4.3.1(i586|x86_64)0:1.8.1-lp151.4.3.1(x86_64)0:1.8.1-lp151.4.3.1(x86_64)0:2.0.8-lp151.3.3.1(i586|x86_64)0:0.13.69-lp151.4.3.1(x86_64)0:0.13.69-lp151.4.3.1(noarch)0:2.8.1-lp151.2.3.1(i586|x86_64)0:1.16.1-lp151.7.3.1(x86_64)0:1.16.1-lp151.7.3.1(x86_64)0:1.14.2-lp151.4.3.1(noarch)0:1.14.2-lp151.4.3.1(x86_64)0:0.14.1-lp151.4.3.1(x86_64)0:0.14.1-lp151.3.3.1(x86_64)0:6.2.5.2-lp151.3.3.4(noarch)0:6.2.5.2-lp151.3.3.4(x86_64)0:0.4.10-lp151.2.3.1(noarch)0:1.4.3-lp151.2.1(noarch)0:20190423-lp151.2.3.1(i586|x86_64)0:20190423-lp151.2.3.1(x86_64)0:7.7.0-lp151.3.3.1(i586|x86_64)0:3.6.7-lp151.2.3.1(x86_64)0:3.6.7-lp151.2.3.1(x86_64)0:4.12.14-lp151.28.10.1(noarch)0:4.12.14-lp151.28.10.1(x86_64)0:1.2.5-lp151.2.3.1(noarch)0:1.2.5-lp151.2.3.1(x86_64)0:18.09.6_ce-lp151.2.3.1(noarch)0:18.09.6_ce-lp151.2.3.1(x86_64)0:0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1(x86_64)0:1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1(noarch)0:1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1(i586|x86_64)0:1.12-lp151.2.3.1(x86_64)0:1.12-lp151.2.3.1(x86_64)0:1.11.9-lp151.2.3.1(x86_64)0:1.12.4-lp151.2.3.1(noarch)0:2.20.1-lp151.2.3.1(noarch)0:2.7.3-lp151.6.5.1(i586|x86_64)0:3.47.1-lp151.2.9.1(x86_64)0:3.47.1-lp151.2.9.1(i586|x86_64)0:4.23-lp151.2.6.1(x86_64)0:4.23-lp151.2.6.1(x86_64)0:0.7.3.1-lp151.2.3.1(x86_64)0:0.19.8.1-lp151.5.3.1(i586|x86_64)0:0.19.8.1-lp151.5.3.1(noarch)0:0.19.8.1-lp151.5.3.1(aarch64|ppc64le|s390x|x86_64)0:1.4.54-lp151.3.3.1(aarch64|ppc64le|s390x|x86_64)0:3.1c-lp151.3.3.1(i586|x86_64)0:2.0.14-lp151.4.3.1(x86_64)0:2.0.14-lp151.4.3.1(i586|x86_64)0:0.4.6-lp151.6.3.1(x86_64)0:0.4.6-lp151.6.3.1(x86_64)0:3.0.7.1-lp151.6.3.1(noarch)0:3.0.7.1-lp151.6.3.1(i586|x86_64)0:7.2.5-lp151.6.3.1(noarch)0:7.2.5-lp151.6.3.1(aarch64|x86_64)0:75.0.3770.142-lp151.2.12.4(noarch)0:1.3.0-lp151.2.6.1(aarch64|ppc64le|s390x|x86_64)0:1.8.6-lp151.2.3.1(x86_64)0:1.1.6-lp151.2.3.1(i586|x86_64)0:1.1.10-lp151.8.6.1(noarch)0:1.1.10-lp151.8.6.1(x86_64)0:1.1.10-lp151.8.6.1(i586|x86_64)0:0.7.6-lp151.2.3.2(i586|x86_64)0:2.48.9-lp151.2.3.1(noarch)0:2.48.9-lp151.2.3.1(i586|x86_64)0:2.45.27-lp151.2.3.1(noarch)0:2.45.27-lp151.2.3.1(i586|x86_64)0:17.15.0-lp151.2.3.2(i586|x86_64)0:4.1.2-lp151.2.3.1(noarch)0:4.1.2-lp151.2.3.1(i586|x86_64)0:1.14.30-lp151.2.3.1(noarch)0:1.14.30-lp151.2.3.1(x86_64)0:4.12.14-lp151.28.87.2(noarch)0:4.12.14-lp151.28.87.1(x86_64)0:4.12.14-lp151.28.87.1(aarch64|i586|ppc64le|s390x|x86_64)0:1.2.19-lp151.4.6.1(x86_64)0:1.2.19-lp151.4.6.1(i586|x86_64)0:2.2.5-lp151.3.3.1(x86_64)0:2.2.5-lp151.3.3.1(i586|x86_64)0:2.7.14-lp151.10.7.1(x86_64)0:2.7.14-lp151.10.7.1(noarch)0:2.7.14-lp151.10.7.1(x86_64)0:4.12.14-lp151.28.13.1(noarch)0:4.12.14-lp151.28.13.1(i586|x86_64)0:0.3.17-lp151.2.3.1(x86_64)0:0.3.17-lp151.2.3.1(x86_64)0:4.12.14-lp151.28.63.1(noarch)0:4.12.14-lp151.28.63.1(i586|x86_64)0:9.11.2-lp151.11.3.1(x86_64)0:9.11.2-lp151.11.3.1(noarch)0:9.11.2-lp151.11.3.1(x86_64)0:5.8.2-lp151.4.6.1(noarch)0:5.8.2-lp151.4.6.1(i586|x86_64)0:2.10.1-lp151.4.3.1(x86_64)0:2.10.1-lp151.4.3.1(noarch)0:2.10.1-lp151.4.3.1(x86_64)0:4.12.14-lp151.28.4.1(noarch)0:4.12.14-lp151.28.4.1(i586|x86_64)0:4.2.8p15-lp151.2.3.1(i586|x86_64)0:2.0.14-lp151.4.6.1(x86_64)0:2.0.14-lp151.4.6.1(noarch)0:9.0.21-lp151.3.3.1(noarch)0:2.2.45-lp151.2.3.1(x86_64)0:19.2-lp151.2.9.1(noarch)0:6.0.29-lp151.2.6.2(noarch)0:9.0.30-lp151.3.6.1(i586|x86_64)0:2.4.33-lp151.8.6.1(noarch)0:2.4.33-lp151.8.6.1(noarch)0:1.9.2-lp151.3.3.1(x86_64)0:3.26.0+20180128.1bd86963-lp151.4.6.1(noarch)0:3.26.0+20180128.1bd86963-lp151.4.6.1(x86_64)0:8.3.1-lp151.4.3.1(x86_64)0:1.1.37-lp151.4.3.1(i586|x86_64)0:0.4.6-lp151.6.7.1(x86_64)0:0.4.6-lp151.6.7.1(i586|x86_64)0:0.6-lp151.4.3.1(x86_64)0:0.6-lp151.4.3.1(x86_64)0:4.12.14-lp151.28.7.1(noarch)0:4.12.14-lp151.28.7.1(x86_64)0:10.9-lp151.2.3.1(x86_64)0:4.88-lp151.4.3.1(x86_64)0:4.4.0+git.1558595666.5f79f9e9-lp151.2.3.1(i586|x86_64)0:2.7.14-lp151.10.3.1(x86_64)0:2.7.14-lp151.10.3.1(noarch)0:2.7.14-lp151.10.3.1(i586|x86_64)0:5.1.0-lp151.7.3.1(noarch)0:5.1.0-lp151.7.3.1(x86_64)0:5.1.0-lp151.7.3.1(aarch64|ppc64le|s390x|x86_64)0:4.1.8-lp151.2.3.1(i586|x86_64)0:10.9-lp151.2.3.1(noarch)0:10.9-lp151.2.3.1(i586|x86_64)0:4.9.5+git.187.71edee57d5a-lp151.2.6.1(x86_64)0:4.9.5+git.187.71edee57d5a-lp151.2.6.1(noarch)0:4.9.5+git.187.71edee57d5a-lp151.2.6.1(noarch)0:2.9.6-lp151.2.7.1(x86_64)0:10.10-lp151.2.6.1(x86_64)0:1.17.0-lp151.2.6.1(x86_64)0:1.4.4-lp151.3.6.1(noarch)0:1.4.4-lp151.3.6.1(x86_64)0:0.1.41-lp151.2.6.1(i586|x86_64)0:9.26a-lp151.3.3.1(i586|x86_64)0:4.9.5+git.210.ab0549acb05-lp151.2.9.1(x86_64)0:4.9.5+git.210.ab0549acb05-lp151.2.9.1(noarch)0:4.9.5+git.210.ab0549acb05-lp151.2.9.1(x86_64)0:18.12.3-lp151.2.4.1(noarch)0:18.12.3-lp151.2.4.1(noarch)0:1.3.15-lp151.3.3.1(noarch)0:1.0.3-lp151.2.3.1(i586|x86_64)0:2.40.1-lp151.6.3.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-lp151.8.3.1(i586|x86_64)0:7.2.5-lp151.6.6.1(noarch)0:7.2.5-lp151.6.6.1(i586|x86_64)0:7.2.5-lp151.6.9.1(noarch)0:7.2.5-lp151.6.9.1(i586|x86_64)0:7.2.5-lp151.6.13.1(noarch)0:7.2.5-lp151.6.13.1(i586|x86_64)0:7.2.5-lp151.6.19.2(noarch)0:7.2.5-lp151.6.19.2(i586|x86_64)0:7.2.5-lp151.6.28.1(noarch)0:7.2.5-lp151.6.28.1(x86_64)0:2019.01-lp151.6.13.1(i586|x86_64)0:1.1.32-lp151.3.3.1(x86_64)0:1.1.32-lp151.3.3.1(x86_64)0:2.3.1-lp151.2.3.1(x86_64)0:20191112a-lp151.2.12.1(x86_64)0:3.0.16-lp151.4.3.1(noarch)0:1.24-lp151.2.3.1(x86_64)0:3.6.0-lp151.2.6.1(noarch)0:2.2.4-lp151.2.3.1(x86_64)0:3.26.0+20180128.1bd86963-lp151.4.3.1(noarch)0:3.26.0+20180128.1bd86963-lp151.4.3.1(i586|x86_64)0:7.0.7.34-lp151.7.3.1(x86_64)0:7.0.7.34-lp151.7.3.1(noarch)0:7.0.7.34-lp151.7.3.1(x86_64)0:2.3.3-lp151.2.6.1(noarch)0:5.5-lp151.2.3.1(x86_64)0:1.5.6-lp151.4.3.1(i586|x86_64)0:7.0.7.34-lp151.7.6.1(x86_64)0:7.0.7.34-lp151.7.6.1(noarch)0:7.0.7.34-lp151.7.6.1(x86_64)0:60.7.2-lp151.2.7.1(x86_64)0:60.8.0-lp151.2.10.1(x86_64)0:68.1.1-lp151.2.13.1(x86_64)0:2.1.2-lp151.2.6.1(i586|x86_64)0:3.44.1-lp151.2.3.1(x86_64)0:3.44.1-lp151.2.3.1(x86_64)0:68.1.0-lp151.2.14.1(x86_64)0:68.3.0-lp151.2.21.1(x86_64)0:68.3.0-lp151.2.19.1(x86_64)0:68.2.0-lp151.2.18.2(x86_64)0:68-lp151.3.3.1(x86_64)0:68.2.1-lp151.2.16.1(noarch)0:4.9.0.1-lp151.2.3.1(x86_64)0:1.5.7-lp151.2.3.1(x86_64)0:3.1.1-lp151.7.3.3(noarch)0:1.0.0+-lp151.7.3.3(x86_64)0:3.1.1-lp151.7.3.2(noarch)0:1.12.0-lp151.7.3.3(noarch)0:8-lp151.7.3.3(x86_64)0:1.1.6-lp151.2.6.1(x86_64)0:1.0.8-lp151.2.3.1(i586|x86_64)0:2.0.5-lp151.2.5.1(x86_64)0:2.0.5-lp151.2.5.1(aarch64|ppc64le|s390x|x86_64)0:2.0.11-lp151.2.3.1(i586|x86_64)0:2.2.0-lp151.3.3.1(x86_64)0:2.2.0-lp151.3.3.1(noarch)0:2.2.0-lp151.3.3.1(i586|x86_64)0:17.9.0-lp151.3.3.1(i586|x86_64)0:4.9.5+git.176.375e1f05788-lp151.2.3.1(x86_64)0:4.9.5+git.176.375e1f05788-lp151.2.3.1(noarch)0:4.9.5+git.176.375e1f05788-lp151.2.3.1(i586|x86_64)0:0.3.3-lp151.2.3.1(i586|x86_64)0:1.34.2.1-lp151.6.3.1(x86_64)0:1.34.2.1-lp151.6.3.1(noarch)0:1.34.2.1-lp151.6.3.1(x86_64)0:4.11-lp151.2.15.2(x86_64)0:4.9-lp151.2.7.1(aarch64|ppc64le|s390x|x86_64)0:0.74.3-lp151.3.3.1(x86_64)0:0.103.0-lp151.2.12.1(x86_64)0:0.100.3-lp151.2.3.1(i586|x86_64)0:8.0.1568-lp151.5.3.1(x86_64)0:0.3.7-lp151.2.7.1(noarch)0:0.3.7-lp151.2.7.1(noarch)0:8.0.1568-lp151.5.3.1(i586|x86_64)0:1.12.2-lp151.4.3.1(x86_64)0:1.12.2-lp151.4.3.1(noarch)0:1.12.2-lp151.4.3.1(i586|x86_64)0:1.0.3+20190326.a521604-lp151.2.3.1(x86_64)0:1.0.3+20190326.a521604-lp151.2.3.1(aarch64|ppc64le|s390x|x86_64)0:1.7.4-lp151.2.3.1(noarch)0:1.7.4-lp151.2.3.1(x86_64)0:18.08.9-lp151.2.6.1(i586|x86_64)0:17.9.0-lp151.3.6.1(i586|x86_64)0:1.0.6-lp151.5.9.1(noarch)0:1.0.6-lp151.5.9.1(x86_64)0:1.0.6-lp151.5.9.1(i586|x86_64)0:1.8.2-lp151.9.4.1(x86_64)0:1.8.2-lp151.9.4.1(x86_64)0:1.3.29-lp151.4.17.1(noarch)0:4.9.4-lp151.2.12.1(i586|x86_64)0:2.35-lp151.3.9.1(x86_64)0:2.35-lp151.3.9.1(i586|x86_64)0:9.27-lp151.3.6.1(i586|x86_64)0:7.0.7.34-lp151.7.9.1(x86_64)0:7.0.7.34-lp151.7.9.1(noarch)0:7.0.7.34-lp151.7.9.1(aarch64|ppc64le|s390x|x86_64)0:1.1.3-lp151.2.3.1(i586|x86_64)0:2.2.5-lp151.6.3.1(noarch)0:2.2.5-lp151.6.3.1(x86_64)0:2019.01-lp151.6.3.1(i586|x86_64)0:1.1.32-lp151.3.6.1(x86_64)0:1.1.32-lp151.3.6.1(x86_64)0:4.2.3-lp151.5.3.1(i586|x86_64)0:10.16.0-lp151.2.3.1(noarch)0:10.16.0-lp151.2.3.1(i586|x86_64)0:8.15.1-lp151.2.3.1(noarch)0:8.15.1-lp151.2.3.1(x86_64)0:3.2.15-lp151.4.3.3(noarch)0:3.2.15-lp151.4.3.3(aarch64|ppc64le|s390x|x86_64)0:4.1.27-lp151.2.3.1(noarch)0:1.0.0-lp151.4.3.1(x86_64)0:3.0.16-lp151.4.4.1(noarch)0:2.16-lp151.3.3.1(noarch)0:1.04-lp151.3.3.1(i586|x86_64)0:1.1.36-lp151.3.3.1(x86_64)0:3.0.9.2-lp151.6.6.1(noarch)0:3.0.9.2-lp151.6.6.1(i586|x86_64)0:1.2.15-lp151.4.3.1(x86_64)0:1.2.15-lp151.4.3.1(i586|x86_64)0:2.0.8-lp151.4.6.1(x86_64)0:2.0.8-lp151.4.6.1(i586|x86_64)0:1.2.12+hg695-lp151.3.3.1(x86_64)0:1.2.12+hg695-lp151.3.3.1(i586|x86_64)0:2.4.16-lp151.2.6.1(i586|x86_64)0:1.8.2-lp151.9.7.1(x86_64)0:1.8.2-lp151.9.7.1(x86_64)0:4.1.5-lp151.2.3.1(x86_64)0:77.0.3865.75-lp151.2.30.1(x86_64)0:77.0.3865.90-lp151.2.33.1(x86_64)0:77.0.3865.120-lp151.2.36.1(x86_64)0:78.0.3904.70-lp151.2.39.1(i586|x86_64)0:20190901-lp151.10.3.1(x86_64)0:20190901-lp151.10.3.1(x86_64)0:78.0.3904.87-lp151.2.42.1(x86_64)0:65.0.3467.62-lp151.2.9.1(x86_64)0:78.0.3904.108-lp151.2.48.1(aarch64|x86_64)0:79.0.3945.79-lp151.2.51.1(aarch64|x86_64)0:79.0.3945.88-lp151.2.54.1(x86_64)0:4.88-lp151.4.6.1(x86_64)0:2.0.5+git0.d905f49a-lp151.2.3.1(i586|x86_64)0:7.4.1+r275405-lp151.2.6.1(x86_64)0:9.3.1+git1296-lp151.2.2(x86_64)0:9.3.1+git1296-lp151.2.1(x86_64)0:7.4.1+r275405-lp151.2.6.1(noarch)0:7.4.1+r275405-lp151.2.6.1(noarch)0:9.3.1+git1296-lp151.2.2(x86_64)0:2.7.2-lp151.3.3.1(x86_64)0:3.2.6a-lp151.4.9.1(i586|x86_64)0:1.8.22-lp151.5.3.1(aarch64|i586|ppc64le|s390x|x86_64)0:5.6.5-lp151.3.3.1(x86_64)0:5.6.5-lp151.3.3.1(x86_64)0:3.3.1-lp151.6.3.1(x86_64)0:20190805-lp151.3.3.1(i586|x86_64)0:2017+git1510945757.b2662641d5-lp151.11.3.1(noarch)0:2017+git1510945757.b2662641d5-lp151.11.3.1(x86_64)0:2017+git1510945757.b2662641d5-lp151.11.3.1(i586|x86_64)0:2017+git1510945757.b2662641d5-lp151.11.6.1(noarch)0:2017+git1510945757.b2662641d5-lp151.11.6.1(x86_64)0:2017+git1510945757.b2662641d5-lp151.11.6.1(i586|x86_64)0:2017+git1510945757.b2662641d5-lp151.11.9.1(noarch)0:2017+git1510945757.b2662641d5-lp151.11.9.1(x86_64)0:2017+git1510945757.b2662641d5-lp151.11.9.1(i586|x86_64)0:2017+git1510945757.b2662641d5-lp151.11.12.1(noarch)0:2017+git1510945757.b2662641d5-lp151.11.12.1(x86_64)0:2017+git1510945757.b2662641d5-lp151.11.12.1(x86_64)0:4.12.14-lp151.28.40.1(noarch)0:4.12.14-lp151.28.40.1(aarch64|i586|ppc64le|s390x|x86_64)0:5.55.0-lp151.2.5.1(x86_64)0:5.55.0-lp151.2.5.1(aarch64|i586|ppc64le|s390x|x86_64)0:4.14.38-lp151.9.5.1(noarch)0:4.14.38-lp151.9.5.1(noarch)0:5.55.0-lp151.2.5.1(x86_64)0:4.14.38-lp151.9.5.1(noarch)0:3.4.5-lp151.4.3.1(noarch)0:0.14.1-lp151.2.3.1(x86_64)0:1.11.13-lp151.2.9.1(x86_64)0:1.12.9-lp151.2.21.1(i586|x86_64)0:1.5.19-lp151.2.3.1(x86_64)0:1.5.19-lp151.2.3.1(noarch)0:1.5.19-lp151.2.3.1(noarch)0:0.13.3-lp151.3.3.1(x86_64)0:2.3.8-lp151.2.3.1(i586|x86_64)0:4.9.5+git.224.86a8e66adea-lp151.2.12.1(x86_64)0:4.9.5+git.224.86a8e66adea-lp151.2.12.1(noarch)0:4.9.5+git.224.86a8e66adea-lp151.2.12.1(i586|x86_64)0:2.12-lp151.3.3.1(noarch)0:2.12-lp151.3.3.1(i586|x86_64)0:9.27-lp151.3.9.1(i586|x86_64)0:0.8.7-lp151.2.9.1(x86_64)0:0.8.7-lp151.2.9.1(x86_64)0:4.12.14-lp151.28.36.1(noarch)0:4.12.14-lp151.28.36.1(i586|x86_64)0:4.9.5+git.243.e76c5cb3d97-lp151.2.15.1(x86_64)0:4.9.5+git.243.e76c5cb3d97-lp151.2.15.1(noarch)0:4.9.5+git.243.e76c5cb3d97-lp151.2.15.1(i586|x86_64)0:4.0.9-lp151.10.3.1(x86_64)0:4.0.9-lp151.10.3.1(i586|x86_64)0:7.0.7.34-lp151.7.12.1(x86_64)0:7.0.7.34-lp151.7.12.1(noarch)0:7.0.7.34-lp151.7.12.1(x86_64)0:3.1.1.1-lp151.7.12.1(noarch)0:1.0.0+-lp151.7.12.1(noarch)0:1.12.0-lp151.7.12.1(noarch)0:8-lp151.7.12.1(i586|x86_64)0:3.5.27-lp151.3.3.1(i586|x86_64)0:1.0.2p-lp151.5.10.1(x86_64)0:1.0.2p-lp151.5.10.1(i586|x86_64)0:1.1.0i-lp151.8.3.1(x86_64)0:1.1.0i-lp151.8.3.1(noarch)0:1.0.2p-lp151.5.10.1(noarch)0:1.1.0i-lp151.8.3.1(i586|x86_64)0:1.0.2p-lp151.5.13.1(x86_64)0:1.0.2p-lp151.5.13.1(i586|x86_64)0:1.1.0i-lp151.8.6.1(x86_64)0:1.1.0i-lp151.8.6.1(noarch)0:1.0.2p-lp151.5.13.1(noarch)0:1.1.0i-lp151.8.6.1(x86_64)0:3.2.2-lp151.3.3.1(noarch)0:3.2.2-lp151.3.3.1(i586|x86_64)0:1.0.2p-lp151.5.3.1(x86_64)0:1.0.2p-lp151.5.3.1(noarch)0:1.0.2p-lp151.5.3.1(i586|x86_64)0:8.17.0-lp151.2.12.1(noarch)0:8.17.0-lp151.2.12.1(noarch)0:15.0.14-lp151.2.3.1(i586|x86_64)0:0.9.10-lp151.7.3.1(x86_64)0:3.22.0-lp151.4.3.1(noarch)0:3.22.0-lp151.4.3.1(x86_64)0:1.9.0-lp151.4.3.1(noarch)0:1.9.0-lp151.4.3.1(x86_64)0:3.2.2-lp151.3.6.1(noarch)0:3.2.2-lp151.3.6.1(x86_64)0:1.3.4-lp151.2.3.1(x86_64)0:4.88-lp151.4.9.1(x86_64)0:6.2.1-lp151.3.3.1(i586|x86_64)0:2.2.5-lp151.3.6.1(x86_64)0:2.2.5-lp151.3.6.1(x86_64)0:0.100.3-lp151.2.6.1(i586|x86_64)0:2.7.14-lp151.10.10.2(x86_64)0:2.7.14-lp151.10.10.2(i586|x86_64)0:3.6.10-lp151.6.18.1(x86_64)0:3.6.10-lp151.6.18.1(i586|x86_64)0:2.7.14-lp151.10.10.1(x86_64)0:2.7.14-lp151.10.10.1(noarch)0:2.7.14-lp151.10.10.1(x86_64)0:1.6.8-lp151.2.3.1(x86_64)0:12.0.2-lp151.3.9.1(i586|x86_64)0:3.28.0-lp151.2.3.1(x86_64)0:3.28.0-lp151.2.3.1(noarch)0:3.28.0-lp151.2.3.1(x86_64)0:4.12.14-lp151.28.25.1(noarch)0:4.12.14-lp151.28.25.1(x86_64)0:7.08-lp151.6.3.1(noarch)0:7.08-lp151.6.3.1(x86_64)0:1.12.12-lp151.2.25.1(noarch)0:4.1.5-lp151.3.3.1(x86_64)0:3.26.2-lp151.4.3.1(noarch)0:3.26.2-lp151.4.3.1(i586|x86_64)0:1.6.2-lp151.3.3.1(x86_64)0:1.3.29-lp151.4.9.1(x86_64)0:4.12.14-lp151.28.59.1(noarch)0:4.12.14-lp151.28.59.1(x86_64)0:2.6.5-lp151.2.18.2(i586|x86_64)0:8.17.0-lp151.2.9.1(noarch)0:8.17.0-lp151.2.9.1(x86_64)0:0.59.0-lp151.3.3.1(noarch)0:1.4.3-lp151.3.3.1(x86_64)0:1.2.10-lp151.2.9.1(x86_64)0:19.03.5_ce-lp151.2.15.1(noarch)0:19.03.5_ce-lp151.2.15.1(x86_64)0:0.7.0.1+gitr2877_3eb39382bfa6-lp151.2.9.1(x86_64)0:1.0.0rc8+gitr3917_3e425f80a8c9-lp151.3.12.1(i586|x86_64)0:3.6.12-lp151.6.32.1(x86_64)0:3.6.12-lp151.6.32.1(i586|x86_64)0:3.53-lp151.2.23.1(x86_64)0:3.53-lp151.2.23.1(i586|x86_64)0:4.25-lp151.2.9.1(x86_64)0:4.25-lp151.2.9.1(x86_64)0:68.4.1-lp151.2.24.1(x86_64)0:68.4.1-lp151.2.22.2(i586|x86_64)0:8.33.1-lp151.6.10.1(x86_64)0:0.73-lp151.3.6.1(i586|x86_64)0:0.3.19-lp151.2.6.1(x86_64)0:0.3.19-lp151.2.6.1(x86_64)0:2.0.0~rc4-lp151.5.3.1(x86_64)0:2019.2.0-lp151.5.12.1(noarch)0:2019.2.0-lp151.5.12.1(x86_64)0:1.17-lp151.3.3.1(x86_64)0:1.6-lp151.3.3.1(i586|x86_64)0:1.9.0-lp151.6.6.1(x86_64)0:1.9.0-lp151.6.6.1(i586|x86_64)0:1.8.0-lp151.3.3.1(x86_64)0:1.8.0-lp151.3.3.1(aarch64|ppc64le|x86_64)0:2.4.3-lp151.3.3.1(noarch)0:1.9-lp151.6.3.1(noarch)0:9.0.31-lp151.3.12.1(noarch)0:1.2.17-lp151.5.3.1(i586|x86_64)0:6.1-lp151.6.3.1(x86_64)0:6.1-lp151.6.3.1(i586|x86_64)0:3.4.0-lp151.3.3.1(x86_64)0:80.0.3987.87-lp151.2.63.1(i586|x86_64)0:5.32-lp151.8.3.1(x86_64)0:5.32-lp151.8.3.1(noarch)0:5.32-lp151.8.3.1(x86_64)0:2.0.10+git0.ac198b92-lp151.2.6.1(i586|x86_64)0:2.7.17-lp151.10.17.1(x86_64)0:2.7.17-lp151.10.17.1(noarch)0:2.7.17-lp151.10.17.1(x86_64)0:0.6.0-lp151.4.3.1(x86_64)0:0.7.1-lp151.2.3.1(x86_64)0:0.8.4-lp151.2.3.1(x86_64)0:2.0.10-lp151.2.1(x86_64)0:0.7.6-lp151.5.1(x86_64)0:1.8.0-lp151.3.9.1(noarch)0:1.8.0-lp151.3.9.1(i586|x86_64)0:1.8.22-lp151.5.6.1(i586|x86_64)0:1.40.0-lp151.3.6.1(x86_64)0:1.40.0-lp151.3.6.1(i586|x86_64)0:3.5.27-lp151.3.6.1(i586|x86_64)0:0.3.14-lp151.4.6.1(x86_64)0:0.3.14-lp151.4.6.1(x86_64)0:3.1-lp151.3.3.1(i586|x86_64)0:0.7.10-lp151.2.10.1(i586|x86_64)0:17.19.0-lp151.2.10.1(i586|x86_64)0:1.14.33-lp151.2.10.1(noarch)0:1.14.33-lp151.2.10.1(i586|x86_64)0:10.2.31-lp151.2.12.1(noarch)0:10.2.31-lp151.2.12.1(i586|x86_64)0:0.6.60-lp151.2.6.1(i586|x86_64)0:0.6.60-lp151.2.9.1(x86_64)0:2.5.2-lp151.2.9.1(noarch)0:4.1.15-lp151.2.12.1(x86_64)0:2.3.10-lp151.3.3.1(i586|x86_64)0:1.6.8-lp151.8.3.1(x86_64)0:1.6.8-lp151.8.3.1(noarch)0:1.6.8-lp151.8.3.1(noarch)0:2.2.8-lp151.2.6.1(x86_64)0:2.6.1-lp151.3.3.1(x86_64)0:1.3.1-lp151.2.6.1(x86_64)0:0.97.3-lp151.4.3.1(noarch)0:0.97.3-lp151.4.3.1(x86_64)0:4.12.1_06-lp151.2.9.1(i586|x86_64)0:4.12.1_06-lp151.2.9.1(x86_64)0:2.6.1-lp151.2.3.1(x86_64)0:12.0.2-lp151.3.15.1(x86_64)0:4.12.14-lp151.28.44.1(noarch)0:4.12.14-lp151.28.44.1(x86_64)0:4.12.14-lp151.28.48.1(noarch)0:4.12.14-lp151.28.48.1(x86_64)0:3.40-lp151.2.3.1(x86_64)0:1.0.0rc8+gitr3917_3e425f80a8c9-lp151.3.15.1(i586|x86_64)0:7.0.7.34-lp151.7.15.1(x86_64)0:7.0.7.34-lp151.7.15.1(noarch)0:7.0.7.34-lp151.7.15.1(x86_64)0:1.3.29-lp151.4.14.1(i586|x86_64)0:2.9.7-lp151.5.12.1(x86_64)0:2.9.7-lp151.5.12.1(noarch)0:2.9.7-lp151.5.12.1(x86_64)0:0.9.3-lp151.2.3.1(i586|x86_64)0:0.8.7-lp151.3.3.1(x86_64)0:1.14.2-lp151.4.6.1(noarch)0:1.14.2-lp151.4.6.1(i586|x86_64)0:234-lp151.26.7.1(x86_64)0:234-lp151.26.7.1(noarch)0:234-lp151.26.7.1(i586|x86_64)0:2.9.7-lp151.5.9.1(x86_64)0:2.9.7-lp151.5.9.1(noarch)0:2.9.7-lp151.5.9.1(i586|x86_64)0:2.42.8-lp151.3.3.1(x86_64)0:2.42.8-lp151.3.3.1(noarch)0:2.42.8-lp151.3.3.1(x86_64)0:2.3.8-lp151.2.6.1(x86_64)0:68.6.0-lp151.2.33.1(x86_64)0:68.6.0-lp151.2.28.1(aarch64|x86_64)0:80.0.3987.149-lp151.2.73.1(x86_64)0:6.2.1-lp151.3.6.1(x86_64)0:0.7.5-lp151.2.6.1(x86_64)0:2.5.1.4-lp151.3.3.1(i586|x86_64)0:8.0.1568-lp151.5.6.1(noarch)0:8.0.1568-lp151.5.6.1(i586|x86_64)0:2.7.17-lp151.10.21.1(x86_64)0:2.7.17-lp151.10.21.1(noarch)0:2.7.17-lp151.10.21.1(i586|x86_64)0:2.7.17-lp151.10.29.1(x86_64)0:2.7.17-lp151.10.29.1(i586|x86_64)0:3.6.12-lp151.6.27.1(x86_64)0:3.6.12-lp151.6.27.1(noarch)0:2.7.17-lp151.10.29.1(noarch)0:10.0.1-lp151.3.6.1(noarch)0:40.5.0-lp151.2.3.1(i586|x86_64)0:1.639-lp151.3.13.1(x86_64)0:4.12.14-lp151.28.91.1(noarch)0:4.12.14-lp151.28.91.1(i586|x86_64)0:1.6.1-lp151.5.3.1(x86_64)0:1.6.1-lp151.5.3.1(i586|x86_64)0:1.5.3-lp151.6.3.1(i586|x86_64)0:62.2.0-lp151.6.3.1(x86_64)0:62.2.0-lp151.6.3.1(i586|x86_64)0:8.1.2-lp151.6.3.1(x86_64)0:8.1.2-lp151.6.3.1(noarch)0:8.0.19-lp151.3.3.1(i586|x86_64)0:3.1.2-lp151.3.3.1(x86_64)0:3.1.2-lp151.3.3.1(i586|x86_64)0:10.2.25-lp151.2.3.1(noarch)0:10.2.25-lp151.2.3.1(i586|x86_64)0:10.2.29-lp151.2.9.1(noarch)0:10.2.29-lp151.2.9.1(i586|x86_64)0:11.0.4.0-lp151.3.6.1(noarch)0:11.0.4.0-lp151.3.6.1(i586|x86_64)0:1.8.0.222-lp151.2.3.1(noarch)0:1.8.0.222-lp151.2.3.1(i586|x86_64)0:11.0.5.0-lp151.3.9.2(noarch)0:11.0.5.0-lp151.3.9.2(i586|x86_64)0:1.8.0.232-lp151.2.6.1(noarch)0:1.8.0.232-lp151.2.6.1(noarch)0:0.169.1-lp151.2.15.1(noarch)0:0.165.4-lp151.2.6.1(i586|x86_64)0:20181116-lp151.4.12.1(noarch)0:20181116-lp151.4.12.1(i586|x86_64)0:20181116-lp151.4.9.1(noarch)0:20181116-lp151.4.9.1(i586|x86_64)0:2.1.1-lp151.7.3.1(i586|x86_64)0:0.5.13-lp151.4.3.1(x86_64)0:0.5.13-lp151.4.3.1(x86_64)0:2.5.4-lp151.3.3.1(x86_64)0:2.1.29-lp151.3.3.1(i586|x86_64)0:4.3.1-lp151.2.3.1(noarch)0:4.3.1-lp151.2.3.1(x86_64)0:3.26.2+20180130.0d9c74212-lp151.7.3.1(noarch)0:3.26.2+20180130.0d9c74212-lp151.7.3.1(x86_64)0:1.16.1-lp151.3.3.1(i586|x86_64)0:4.5.2-lp151.6.3.1(noarch)0:4.5.2-lp151.6.3.1(noarch)0:20190513-lp151.3.3.1(i586|x86_64)0:18.3.2-lp151.23.9.1(x86_64)0:18.3.2-lp151.23.9.1(i586|x86_64)0:1.0.0-lp151.23.9.1(i586|x86_64)0:1.43.8-lp151.5.6.1(x86_64)0:1.43.8-lp151.5.6.1(x86_64)0:3.3.3-lp151.2.3.1(noarch)0:3.3.3-lp151.2.3.1(i586|x86_64)0:1.43.8-lp151.5.12.1(x86_64)0:1.43.8-lp151.5.12.1(i586|x86_64)0:7.60.0-lp151.5.3.1(x86_64)0:7.60.0-lp151.5.3.1(i586|x86_64)0:7.60.0-lp151.5.6.1(x86_64)0:7.60.0-lp151.5.6.1(x86_64)0:3.2.1-lp151.4.5.1(noarch)0:3.2.1-lp151.4.5.1(aarch64|x86_64)0:75.0.3770.90-lp151.2.9.3(x86_64)0:79.0.3945.117-lp151.2.57.2(i586|x86_64)0:20200101-lp151.10.6.1(x86_64)0:20200101-lp151.10.6.1(x86_64)0:76.0.3809.87-lp151.2.15.1(x86_64)0:76.0.3809.100-lp151.2.20.1(x86_64)0:76.0.3809.132-lp151.2.25.1(i586|x86_64)0:0.114-lp151.5.3.1(x86_64)0:0.114-lp151.5.3.1(noarch)0:0.114-lp151.5.3.1(i586|x86_64)0:2.24.2-lp151.2.3.1(x86_64)0:2.24.2-lp151.2.3.1(noarch)0:2.24.2-lp151.2.3.1(x86_64)0:1.16.1-lp151.5.3.1(i586|x86_64)0:4.3.5-lp151.6.3.1(i586|x86_64)0:9.11.2-lp151.11.6.1(x86_64)0:9.11.2-lp151.11.6.1(noarch)0:9.11.2-lp151.11.6.1(noarch)0:1.2.14-lp151.2.3.1(x86_64)0:1.2.14-lp151.2.3.1(aarch64|ppc64le|s390x|x86_64)0:2019.06.28-lp151.2.3.1(i586|x86_64)0:2.0.8-lp151.4.3.1(x86_64)0:2.0.8-lp151.4.3.1(x86_64)0:87.0.4280.66-lp151.2.156.1(i586|x86_64)0:2.26.2-lp151.2.9.1(x86_64)0:2.26.2-lp151.2.9.1(noarch)0:2.26.2-lp151.2.9.1(i586|x86_64)0:2.24.4-lp151.2.6.1(x86_64)0:2.24.4-lp151.2.6.1(noarch)0:2.24.4-lp151.2.6.1(i586|x86_64)0:2.2.7-lp151.6.3.1(x86_64)0:2.2.7-lp151.6.3.1(i586|x86_64)0:2.26.4-lp151.2.12.1(x86_64)0:2.26.4-lp151.2.12.1(noarch)0:2.26.4-lp151.2.12.1(i586|x86_64)0:1.39.2-lp151.3.3.1(x86_64)0:1.39.2-lp151.3.3.1(i586|x86_64)0:10.16.3-lp151.2.6.1(noarch)0:10.16.3-lp151.2.6.1(i586|x86_64)0:8.16.1-lp151.2.6.1(noarch)0:8.16.1-lp151.2.6.1(i586|x86_64)0:3.6.10-lp151.6.11.1(x86_64)0:3.6.10-lp151.6.11.1(i586|x86_64)0:4.2-lp151.4.3.1(i586|x86_64)0:1.5.1-lp151.4.3.1(noarch)0:20190618-lp151.2.6.1(x86_64)0:6.2.7.1-lp151.3.6.1(noarch)0:6.2.7.1-lp151.3.6.1(x86_64)0:0.5.2-lp151.3.3.1(x86_64)0:0.15.0-lp151.4.6.1(x86_64)0:0.3.15-lp151.2.3.1(noarch)0:0.3.15-lp151.2.3.1(x86_64)0:0.15.3-lp151.3.6.1(x86_64)0:6.3.3.2-lp151.3.9.1(noarch)0:6.3.3.2-lp151.3.9.1(noarch)0:1.5.0-lp151.2.1(noarch)0:20191016-lp151.2.6.1(i586|x86_64)0:20191016-lp151.2.6.1(x86_64)0:0.16.3-lp151.3.3.1(i586|x86_64)0:2.4.1-lp151.3.3.1(x86_64)0:2.4.1-lp151.3.3.1(i586|x86_64)0:1.12.5-lp151.3.3.1(x86_64)0:1.12.5-lp151.3.3.1(noarch)0:1.12.5-lp151.3.3.1(i586|x86_64)0:1.6.1-lp151.5.6.1(x86_64)0:1.6.1-lp151.5.6.1(x86_64)0:4.12.14-lp151.28.71.2(noarch)0:4.12.14-lp151.28.71.1(x86_64)0:4.12.14-lp151.28.71.1(x86_64)0:4.12.14-lp151.28.79.1(noarch)0:4.12.14-lp151.28.79.1(noarch)0:4.12.14-lp151.28.79.2(i586|x86_64)0:1.3.2-lp151.4.3.1(x86_64)0:1.3.2-lp151.4.3.1(noarch)0:1.3.2-lp151.4.3.1(x86_64)0:20200602-lp151.2.24.1(x86_64)0:4.12.3_04-lp151.2.21.1(i586|x86_64)0:4.12.3_04-lp151.2.21.1(i586|x86_64)0:5.48-lp151.8.12.1(noarch)0:5.48-lp151.8.12.1(x86_64)0:5.48-lp151.8.12.1(x86_64)0:81.0.4044.129-lp151.2.85.1(i586|x86_64)0:5.9.7-lp151.4.3.1(x86_64)0:5.9.7-lp151.4.3.1(noarch)0:5.9.7-lp151.4.3.1(i586|x86_64)0:2.28.1-lp151.2.15.2(x86_64)0:2.28.1-lp151.2.15.2(noarch)0:2.28.1-lp151.2.15.2(i586|i686|x86_64)0:2.26-lp151.19.3.1(x86_64)0:2.26-lp151.19.3.1(i586|x86_64)0:2.26-lp151.19.3.1(noarch)0:2.26-lp151.19.3.1(aarch64|ppc64le|s390x|x86_64)0:4.1.12-lp151.3.3.1(i586|x86_64)0:60.2-lp151.3.11.1(x86_64)0:60.2-lp151.3.11.1(noarch)0:60.2-lp151.3.11.1(i586|x86_64)0:5.26.1-lp151.9.6.1(x86_64)0:5.26.1-lp151.9.6.1(noarch)0:5.26.1-lp151.9.6.1(aarch64|ppc64le|s390x|x86_64)0:0.3.5.12-lp151.2.6.1(x86_64)0:2.5.8-lp151.4.9.1(noarch)0:2.5.8-lp151.4.9.1(noarch)0:1.6.1-lp151.6.3.1(i586|x86_64)0:4.9.5+git.317.6d82fb3918b-lp151.2.24.1(x86_64)0:4.9.5+git.317.6d82fb3918b-lp151.2.24.1(noarch)0:4.9.5+git.317.6d82fb3918b-lp151.2.24.1(i586|x86_64)0:2.02-lp151.21.21.4(noarch)0:2.02-lp151.21.21.4(x86_64)0:18.11.3-lp151.3.4.1(noarch)0:18.11.3-lp151.3.4.1(x86_64)0:18.11.3_k4.12.14_lp151.28.48-lp151.3.4.1(i586|x86_64)0:4.9.5+git.343.4bc358522a9-lp151.2.27.1(i586|x86_64)0:1.4.6-lp151.2.3.1(x86_64)0:4.9.5+git.343.4bc358522a9-lp151.2.27.1(x86_64)0:1.4.6-lp151.2.3.1(noarch)0:4.9.5+git.343.4bc358522a9-lp151.2.27.1(x86_64)0:0.8.6-lp151.2.6.1(x86_64)0:14.2.9.970+ged84cae0c9-lp151.2.19.1(noarch)0:14.2.9.970+ged84cae0c9-lp151.2.19.1(x86_64)0:0.4.7-lp151.2.12.1(x86_64)0:1.0.9-lp151.2.3.1(noarch)0:1.0.9-lp151.2.3.1(noarch)0:4.9.7-lp151.2.24.1(x86_64)0:2.3.10-lp151.2.9.1(x86_64)0:2.1.2-lp151.5.6.1(noarch)0:1.2.13-lp151.3.12.1(aarch64|ppc64le|s390x|x86_64)0:1.2.13-lp151.3.12.1(noarch)0:6.0.30-lp151.2.9.1(x86_64)0:4.3.5-lp151.3.3.1(i586|x86_64)0:8.17.0-lp151.2.15.1(noarch)0:8.17.0-lp151.2.15.1(x86_64)0:2.0.10+git0.ac198b92-lp151.2.9.1(i586|x86_64)0:6.1.2-lp151.4.3.1(x86_64)0:6.1.2-lp151.4.3.1(i586|x86_64)0:3.6.7-lp151.2.6.1(x86_64)0:3.6.7-lp151.2.6.1(i586|x86_64)0:3.4.1-lp151.2.3.2(x86_64)0:3.4.1-lp151.2.3.2(x86_64)0:3.2.5-lp151.2.12.1(aarch64|s390x|x86_64)0:0.24.0-lp151.3.3.2(noarch)0:0.24.0-lp151.3.3.2(x86_64)0:4.12.2_04-lp151.2.15.1(i586|x86_64)0:4.12.2_04-lp151.2.15.1(i586|x86_64)0:2.2.1-lp151.4.9.1(x86_64)0:2.2.1-lp151.4.9.1(aarch64|ppc64le|s390x|x86_64)0:3.0.31-lp151.2.6.1(noarch)0:3.0.31-lp151.2.6.1(x86_64)0:1.0.7-lp151.3.3.1(aarch64|ppc64le|s390x|x86_64)0:2.2.2-lp151.3.3.1(noarch)0:2.2.2-lp151.3.3.1(noarch)0:2.3.7-lp151.2.3.1(i586|x86_64)0:2.4.33-lp151.8.15.1(noarch)0:2.4.33-lp151.8.15.1(i586|x86_64)0:2.4.33-lp151.8.21.1(noarch)0:2.4.33-lp151.8.21.1(noarch)0:9.0.36-lp151.3.24.1(x86_64)0:0.9996-lp151.3.3.1(x86_64)0:2.3.11.3-lp151.2.15.1(x86_64)0:7.08-lp151.6.6.1(noarch)0:7.08-lp151.6.6.1(x86_64)0:2.1.29-lp151.3.11.1(i586|x86_64)0:2.4.46-lp151.10.9.1(x86_64)0:2.4.46-lp151.10.9.1(noarch)0:2.4.46-lp151.10.9.1(i586|x86_64)0:1.2-lp151.10.9.1(i586|x86_64)0:9.52-lp151.3.12.1(x86_64)0:0.2.8-lp151.3.3.1(noarch)0:20200107-lp151.2.15.1(x86_64)0:4.12.14-lp151.28.75.1(noarch)0:4.12.14-lp151.28.75.1(x86_64)0:68.8.0-lp151.2.45.1(x86_64)0:68.8.0-lp151.2.38.2(x86_64)0:68.9.0-lp151.2.41.1(x86_64)0:78.0.1-lp151.2.53.1(i586|x86_64)0:3.53.1-lp151.2.26.1(x86_64)0:3.53.1-lp151.2.26.1(x86_64)0:68.9.0-lp151.2.48.1(x86_64)0:68.10.0-lp151.2.44.2(x86_64)0:1.3.29-lp151.4.20.1(x86_64)0:2.3.10-lp151.2.12.1(x86_64)0:18.08.9-lp151.2.10.1(x86_64)0:1.3.0-lp151.3.3.1(x86_64)0:6.4.4.2-lp151.3.15.1(noarch)0:6.4.4.2-lp151.3.15.1(x86_64)0:6.4.5.2-lp151.3.18.1(noarch)0:6.4.5.2-lp151.3.18.1(x86_64)0:7.08-lp151.6.9.1(noarch)0:7.08-lp151.6.9.1(i586|x86_64)0:1.0.31-lp151.6.3.1(x86_64)0:1.0.31-lp151.6.3.1(i586|x86_64)0:3.1.8-lp151.3.12.1(x86_64)0:3.1.8-lp151.3.12.1(i586|x86_64)0:10.2.32-lp151.2.15.1(noarch)0:10.2.32-lp151.2.15.1(x86_64)0:1.2.13-lp151.2.12.1(x86_64)0:19.03.11_ce-lp151.2.18.1(noarch)0:19.03.11_ce-lp151.2.18.1(x86_64)0:0.7.0.1+gitr2902_153d0769a118-lp151.2.12.1(x86_64)0:1.0.0rc10+gitr3981_dc9208a3303f-lp151.3.21.1(x86_64)0:3.0.11.1-lp151.6.12.1(noarch)0:3.0.11.1-lp151.6.12.1(i586|x86_64)0:2.30.3-lp151.2.28.2(x86_64)0:2.30.3-lp151.2.28.2(noarch)0:2.30.3-lp151.2.28.2(x86_64)0:2.17.8-lp151.3.3.1(x86_64)0:3.103-lp151.3.3.1(i586|x86_64)0:2.28.3-lp151.2.21.1(x86_64)0:2.28.3-lp151.2.21.1(noarch)0:2.28.3-lp151.2.21.1(i586|x86_64)0:3.6.7-lp151.2.18.1(x86_64)0:3.6.7-lp151.2.18.1(i586|x86_64)0:1.5.3-lp151.6.6.1(i586|x86_64)0:62.2.0-lp151.6.6.1(x86_64)0:62.2.0-lp151.6.6.1(i586|x86_64)0:8.1.2-lp151.6.6.1(x86_64)0:8.1.2-lp151.6.6.1(x86_64)0:10.2.1+git583-lp151.2.2(i586|x86_64)0:7.5.0+r278197-lp151.2.15.1(x86_64)0:10.2.1+git583-lp151.2.1(noarch)0:10.2.1+git583-lp151.2.2(x86_64)0:7.5.0+r278197-lp151.2.15.1(noarch)0:7.5.0+r278197-lp151.2.15.1(x86_64)0:1.0-lp151.3.3.2(i586|x86_64)0:1.6.25-lp151.3.3.1(x86_64)0:1.6.25-lp151.3.3.1(noarch)0:2.1.49-lp151.2.10.1(noarch)0:9.0.36-lp151.3.27.1(noarch)0:9.0.36-lp151.3.33.1(aarch64|ppc64le|x86_64)0:2.12.1-lp151.2.3.4(x86_64)0:1.13.14-lp151.5.1(x86_64)0:1.14.7-lp151.13.1(x86_64)0:4.12-lp151.2.21.1(x86_64)0:1.10.1-lp151.2.3.1(noarch)0:1.10.1-lp151.2.3.1(x86_64)0:20201120-lp151.2.3.1(noarch)0:20201120-lp151.2.3.1(i586|x86_64)0:7.9p1-lp151.4.18.1(x86_64)0:7.9p1-lp151.4.18.1(aarch64|ppc64le|s390x|x86_64)0:4.0.14-lp151.2.6.1(x86_64)0:2.12-lp151.2.6.1(aarch64|ppc64le|s390x|x86_64)0:4.1.12-lp151.3.9.1(i586|x86_64)0:4.9.5+git.383.7b7f8f14df8-lp151.2.36.1(x86_64)0:4.9.5+git.383.7b7f8f14df8-lp151.2.36.1(noarch)0:4.9.5+git.383.7b7f8f14df8-lp151.2.36.1(i586|x86_64)0:6.9-lp151.4.7.1(i586|x86_64)0:1.6.5-lp151.4.6.1(x86_64)0:1.6.5-lp151.4.6.1(noarch)0:1.6.5-lp151.4.6.1(i586|x86_64)0:1.13-lp151.4.3.1(x86_64)0:1.13-lp151.4.3.1(noarch)0:1.13-lp151.4.3.1(i586|x86_64)0:1.20.3-lp151.4.3.1(x86_64)0:12.4-lp151.6.1(i586|x86_64)0:10.14-lp151.2.18.1(noarch)0:10.14-lp151.2.18.1(noarch)0:12.4-lp151.6.1(i586|x86_64)0:1.20.3-lp151.4.9.1(i586|x86_64)0:1.20.3-lp151.4.6.1(i586|x86_64)0:1.6.5-lp151.4.9.1(x86_64)0:1.6.5-lp151.4.9.1(noarch)0:1.6.5-lp151.4.9.1(x86_64)0:2.1.1-lp151.3.25.1(noarch)0:2.1.1-lp151.3.25.1(x86_64)0:18.11.9-lp151.3.8.1(noarch)0:18.11.9-lp151.3.8.1(x86_64)0:18.11.9_k4.12.14_lp151.28.67-lp151.3.8.1(i586|x86_64)0:1.639-lp151.3.7.1(noarch)0:1.0.18-lp151.3.3.1(i586|x86_64)0:11.0.8.0-lp151.3.19.1(noarch)0:11.0.8.0-lp151.3.19.1(i586|x86_64)0:1.8.0.272-lp151.2.15.1(noarch)0:1.8.0.272-lp151.2.15.1(x86_64)0:6.0.24-lp151.2.18.1(noarch)0:6.0.24-lp151.2.18.1(x86_64)0:6.0.24_k4.12.14_lp151.28.67-lp151.2.18.1(i586|x86_64)0:4.9.5+git.373.26895a83dbf-lp151.2.33.1(x86_64)0:4.9.5+git.373.26895a83dbf-lp151.2.33.1(noarch)0:4.9.5+git.373.26895a83dbf-lp151.2.33.1(i586|x86_64)0:3.1.11-lp151.3.15.1(x86_64)0:3.1.11-lp151.3.15.1(i586|x86_64)0:10.2.36-lp151.2.18.1(noarch)0:10.2.36-lp151.2.18.1(i586|x86_64)0:11.0.9.0-lp151.3.22.1(noarch)0:11.0.9.0-lp151.3.22.1(x86_64)0:3.0.1-lp151.3.3.1(noarch)0:3.0.1-lp151.3.3.1(x86_64)0:4.13-lp151.2.24.1(i586|x86_64)0:8.17.0-lp151.2.21.1(noarch)0:8.17.0-lp151.2.21.1(x86_64)0:2.1.2-lp151.5.9.1(i586|x86_64)0:1.2.1-lp151.4.3.1(x86_64)0:1.2.1-lp151.4.3.1(x86_64)0:4.2.3-lp151.5.6.1(x86_64)0:3.6.4-lp151.2.12.1(i586|x86_64)0:2.2.1-lp151.4.12.1(x86_64)0:2.2.1-lp151.4.12.1(x86_64)0:7.0.3-lp151.4.6.1(i586|x86_64)0:0.18.9-lp151.4.3.1(x86_64)0:78.1.0-lp151.2.61.1(x86_64)0:68.11.0-lp151.2.47.1(x86_64)0:78.2.0-lp151.2.65.1(x86_64)0:68.12.0-lp151.2.50.1(x86_64)0:78.3.0-lp151.2.69.1(x86_64)0:78.4.0-lp151.2.53.1(i586|x86_64)0:4.25.1-lp151.2.13.1(x86_64)0:4.25.1-lp151.2.13.1(x86_64)0:78.4.0-lp151.2.73.1(x86_64)0:78.7.0-lp151.2.69.1(i586|x86_64)0:2.02-lp151.21.27.1(noarch)0:2.02-lp151.21.27.1(x86_64)0:5.1.0-lp151.7.10.1(noarch)0:5.1.0-lp151.7.10.1(i586|x86_64)0:2.4.46-lp151.10.15.1(x86_64)0:2.4.46-lp151.10.15.1(noarch)0:2.4.46-lp151.10.15.1(i586|x86_64)0:1.2-lp151.10.15.1(i586|x86_64)0:9.52-lp151.3.15.1(aarch64|ppc64le|s390x|x86_64)0:3.17.8-lp151.2.6.1(noarch)0:3.17.8-lp151.2.6.1(x86_64)0:85.0.4183.102-lp151.2.133.1(x86_64)0:71.0.3770.228-lp151.2.30.1(x86_64)0:85.0.4183.121-lp151.2.136.1(x86_64)0:86.0.4240.75-lp151.2.144.1(x86_64)0:0.1807-lp151.2.6.1(x86_64)0:87.0.4280.141-lp151.2.165.1(x86_64)0:73.0.3856.344-lp151.2.42.1(x86_64)0:78.5.0-lp151.2.79.1(x86_64)0:78.5.0-lp151.2.59.1(x86_64)0:86.0.4240.111-lp151.2.147.1(i586|x86_64)0:2.10.1-lp151.4.6.1(x86_64)0:2.10.1-lp151.4.6.1(noarch)0:2.10.1-lp151.4.6.1(x86_64)0:72.0.3815.320-lp151.2.33.1(aarch64|x86_64)0:86.0.4240.183-lp151.2.150.1(aarch64|x86_64)0:86.0.4240.198-lp151.2.153.1(x86_64)0:72.0.3815.400-lp151.2.36.1(x86_64)0:87.0.4280.88-lp151.2.162.1(x86_64)0:73.0.3856.284-lp151.2.39.1(x86_64)0:78.6.0-lp151.2.82.1(x86_64)0:78.6.0-lp151.2.63.1(x86_64)0:78.6.1-lp151.2.85.1(x86_64)0:78.6.1-lp151.2.66.1(x86_64)0:88.0.4324.96-lp151.2.171.1(aarch64|ppc64le|s390x|x86_64)0:18.12.3-lp151.2.4.1(x86_64)0:2.5.5-lp151.3.3.1(noarch)0:2.5.5-lp151.3.3.1(x86_64)0:1.1.10-lp151.8.12.1(noarch)0:1.1.10-lp151.8.12.1(x86_64)0:3.26.2.1-lp151.16.10.1(noarch)0:3.26.2.1-lp151.16.10.1(i586|x86_64)0:2.2.1-lp151.4.15.1(x86_64)0:2.2.1-lp151.4.15.1(x86_64)0:1.13.15-lp151.8.1(x86_64)0:3000-lp151.5.30.1(noarch)0:3000-lp151.5.30.1(x86_64)0:14.2.5.382+g8881d33957-lp151.2.10.1(noarch)0:14.2.5.382+g8881d33957-lp151.2.10.1(i586|x86_64)0:234-lp151.26.13.1(x86_64)0:234-lp151.26.13.1(noarch)0:234-lp151.26.13.1(x86_64)0:10.12-lp151.2.9.1(x86_64)0:2.0.20-lp151.5.1(x86_64)0:1.1.2-lp151.8.1(noarch)0:20200727-lp151.2.10.1(x86_64)0:2.0.6-lp151.3.21.1(noarch)0:2.0.6-lp151.3.21.1(i586|x86_64)0:0.8.7-lp151.2.12.1(x86_64)0:0.8.7-lp151.2.12.1(i586|x86_64)0:5.1.2-lp151.2.13.1(aarch64|ppc64le|s390x|x86_64)0:4.1.8-lp151.2.9.1(x86_64)0:3.2.7-lp151.2.15.1(x86_64)0:5.9.7-lp151.4.6.1(noarch)0:5.9.7-lp151.4.6.1(i586|i686|x86_64)0:2.26-lp151.19.11.1(x86_64)0:2.26-lp151.19.11.1(i586|x86_64)0:2.26-lp151.19.11.1(noarch)0:2.26-lp151.19.11.1(noarch)0:9.0.36-lp151.3.39.1(x86_64)0:14.2.5.389+gb0f23ac248-lp151.2.13.1(noarch)0:14.2.5.389+gb0f23ac248-lp151.2.13.1(i586|x86_64)0:2.4.33-lp151.8.12.1(noarch)0:2.4.33-lp151.8.12.1(i586|x86_64)0:7.0.7.34-lp151.7.26.1(x86_64)0:7.0.7.34-lp151.7.26.1(noarch)0:7.0.7.34-lp151.7.26.1(i586|x86_64)0:1.43.1-lp151.5.13.1(noarch)0:1.43.1-lp151.5.13.1(x86_64)0:0.14.1-lp151.8.2(i586|x86_64)0:1.0.2p-lp151.5.20.1(x86_64)0:1.0.2p-lp151.5.20.1(i586|x86_64)0:1.1.0i-lp151.8.12.2(x86_64)0:1.1.0i-lp151.8.12.2(i586|x86_64)0:10.23.1-lp151.2.15.1(noarch)0:10.23.1-lp151.2.15.1(noarch)0:1.0.2p-lp151.5.20.1(noarch)0:1.1.0i-lp151.8.12.2(x86_64)0:3.1.1.1-lp151.7.15.2(noarch)0:1.0.0+-lp151.7.15.2(noarch)0:1.12.0-lp151.7.15.2(noarch)0:8-lp151.7.15.2(x86_64)0:0.4.5-lp151.2.9.1(noarch)0:2.7.4-lp151.6.8.1(x86_64)0:1.14.9-lp151.16.1(aarch64|ppc64le|s390x|x86_64)0:2.12.1-lp151.3.6.1(aarch64|ppc64le|s390x|x86_64)0:18.12.3-lp151.2.7.1(noarch)0:18.12.3-lp151.2.7.1(i586|x86_64)0:3.6.7-lp151.2.21.1(x86_64)0:3.6.7-lp151.2.21.1(i586|x86_64)0:2.9.7-lp151.5.15.1(x86_64)0:2.9.7-lp151.5.15.1(noarch)0:2.9.7-lp151.5.15.1(noarch)0:3.0.7-lp151.2.3.1(x86_64)0:3.6.3-lp151.2.9.1(i586|x86_64)0:0.4.15-lp151.4.3.1(x86_64)0:0.4.15-lp151.4.3.1(noarch)0:0.4.15-lp151.4.3.1(i586|x86_64)0:2.0.1+20190417.13d370ca9-lp151.2.16.4(noarch)0:2.0.1+20190417.13d370ca9-lp151.2.16.4(x86_64)0:14.2.13.450+g65ea1b614d-lp151.2.28.1(noarch)0:14.2.13.450+g65ea1b614d-lp151.2.28.1(x86_64)0:4.12.14-lp151.28.83.1(noarch)0:4.12.14-lp151.28.83.1(i586|x86_64)0:2.78-lp151.5.6.1(i586|x86_64)0:20170731-lp151.4.6.1(noarch)0:20170731-lp151.4.6.1(i586|x86_64)0:2.4.46-lp151.10.21.1(x86_64)0:2.4.46-lp151.10.21.1(noarch)0:2.4.46-lp151.10.21.1(i586|x86_64)0:1.2-lp151.10.21.1(x86_64)0:12.5-lp151.10.1(i586|x86_64)0:10.15-lp151.2.21.1(noarch)0:10.15-lp151.2.21.1(noarch)0:12.5-lp151.10.1(i586|x86_64)0:0.9.10-lp151.7.12.1(i586|x86_64)0:2.4.46-lp151.10.24.1(x86_64)0:2.4.46-lp151.10.24.1(noarch)0:2.4.46-lp151.10.24.1(i586|x86_64)0:1.2-lp151.10.24.1(i586|x86_64)0:11.0.6.0-lp151.3.12.1(noarch)0:11.0.6.0-lp151.3.12.1(i586|x86_64)0:1.8.0.242-lp151.2.9.1(noarch)0:1.8.0.242-lp151.2.9.1(i586|x86_64)0:2.7.17-lp151.10.25.1(x86_64)0:2.7.17-lp151.10.25.1(noarch)0:2.7.17-lp151.10.25.1(x86_64)0:1.9.0-lp151.4.9.1(noarch)0:1.9.0-lp151.4.9.1(noarch)0:1.24-lp151.2.9.1(x86_64)0:1.3.3-lp151.2.3.1(noarch)0:1.3.3-lp151.2.3.1(noarch)0:5.7.7-lp151.2.3.1(x86_64)0:3.2.8-lp151.2.18.1(x86_64)0:78.4.1-lp151.2.76.1(x86_64)0:78.4.2-lp151.2.56.1(x86_64)0:78.7.0-lp151.2.88.2(i586|x86_64)0:5.48-lp151.8.15.1(noarch)0:5.48-lp151.8.15.1(x86_64)0:5.48-lp151.8.15.1(x86_64)0:6.0.22-lp151.2.15.1(noarch)0:6.0.22-lp151.2.15.1(x86_64)0:6.0.22_k4.12.14_lp151.28.52-lp151.2.15.1(i586|x86_64)0:11.0.7.0-lp151.3.16.1(noarch)0:11.0.7.0-lp151.3.16.1(i586|x86_64)0:1.8.0.252-lp151.2.12.1(noarch)0:1.8.0.252-lp151.2.12.1(i586|x86_64)0:7.0.7.34-lp151.7.22.1(x86_64)0:7.0.7.34-lp151.7.22.1(noarch)0:7.0.7.34-lp151.7.22.1(x86_64)0:4.12.4_04-lp151.2.33.1(i586|x86_64)0:4.12.4_04-lp151.2.33.1(x86_64)0:4.12.3_10-lp151.2.27.1(i586|x86_64)0:4.12.3_10-lp151.2.27.1(x86_64)0:18.08.9-lp151.6.1(x86_64)0:14.2.16.402+g7d47dbaf4d-lp151.2.31.1(noarch)0:14.2.16.402+g7d47dbaf4d-lp151.2.31.1(x86_64)0:2.3.0-lp151.3.3.1(x86_64)0:0.18.0-lp151.3.6.1(i586|x86_64)0:1.16.3-lp151.2.15.1(x86_64)0:1.16.3-lp151.2.15.1(x86_64)0:1.14.12-lp151.22.1(x86_64)0:1.10.1-lp151.2.6.1(noarch)0:1.10.1-lp151.2.6.1(x86_64)0:1.53.3-lp151.3.6.1(noarch)0:1.53.3-lp151.3.6.1(aarch64|ppc64le|s390x|x86_64)0:1.20.1-lp151.3.3.1(x86_64)0:4.12.4_06-lp151.2.36.1(i586|x86_64)0:4.12.4_06-lp151.2.36.1(x86_64)0:2.4.0+git.1611141202.2fe6369e-lp151.2.21.1(noarch)0:4.2.0+git.1607075079.a25648d8-lp151.2.45.1(noarch)0:17.10.1-lp151.3.3.1(i586|x86_64)0:2.2.7-lp151.6.6.1(x86_64)0:2.2.7-lp151.6.6.1(i586|x86_64)0:2.28.2-lp151.2.18.1(x86_64)0:2.28.2-lp151.2.18.1(noarch)0:2.28.2-lp151.2.18.1(x86_64)0:0.9.6-lp151.4.6.1(x86_64)0:2.11-lp151.2.3.1(x86_64)0:1.8.18-lp151.4.3.1(noarch)0:1.8.18-lp151.4.3.1(x86_64)0:5.1.4-lp151.3.3.1(noarch)0:1.1.28-lp151.3.3.1(i586|x86_64)0:20170731-lp151.4.3.1(noarch)0:20170731-lp151.4.3.1(aarch64|ppc64le|s390x|x86_64)0:1.12.5-lp151.3.3.1(aarch64|x86_64)0:79.0.3945.130-lp151.2.60.4(x86_64)0:80.0.3987.122-lp151.2.66.1(x86_64)0:80.0.3987.132-lp151.2.69.1(x86_64)0:81.0.4044.92-lp151.2.77.1(x86_64)0:81.0.4044.113-lp151.2.80.1(x86_64)0:68.0.3618.63-lp151.2.15.1(x86_64)0:83.0.4103.97-lp151.2.96.1(x86_64)0:81.0.4044.138-lp151.2.88.1(x86_64)0:68.0.3618.104-lp151.2.18.1(x86_64)0:83.0.4103.106-lp151.2.101.1(x86_64)0:83.0.4103.116-lp151.2.106.1(x86_64)0:69.0.3686.49-lp151.2.21.1(x86_64)0:84.0.4147.89-lp151.2.109.1(x86_64)0:70.0.3728.71-lp151.2.24.1(x86_64)0:84.0.4147.105-lp151.2.112.1(x86_64)0:70.0.3728.133-lp151.2.27.1(x86_64)0:84.0.4147.125-lp151.2.115.1(x86_64)0:84.0.4147.135-lp151.2.120.1(x86_64)0:0.10-lp151.2.6.1(x86_64)0:68.5.0-lp151.2.25.1(x86_64)0:68.5.0-lp151.2.30.1(noarch)0:3.1.1-lp151.3.6.1(x86_64)0:68.6.1-lp151.2.39.1(x86_64)0:68.7.0-lp151.2.35.1(x86_64)0:68.7.0-lp151.2.42.1(noarch)0:3.5-lp151.5.3.1(x86_64)0:1.12.0-lp151.2.5.1(i586|x86_64)0:7.2.5-lp151.6.22.1(noarch)0:7.2.5-lp151.6.22.1(i586|x86_64)0:7.2.5-lp151.6.25.1(i586|x86_64)0:5.4.0-lp151.3.3.1(noarch)0:7.2.5-lp151.6.25.1(noarch)0:5.4.0-lp151.3.3.1(x86_64)0:7.2.5-lp151.6.32.1(noarch)0:7.2.5-lp151.6.32.1(x86_64)0:7.2.5-lp151.6.36.7(noarch)0:7.2.5-lp151.6.36.7(x86_64)0:7.2.5-lp151.6.39.1(noarch)0:7.2.5-lp151.6.39.1(noarch)0:1.2.12-lp151.3.9.1(aarch64|ppc64le|s390x|x86_64)0:1.2.12-lp151.3.9.1(x86_64)0:4.88-lp151.4.12.1(i586|x86_64)0:6.2.3-lp151.12.3.1(i586|x86_64)0:1.3.5-lp151.12.3.1(i586|x86_64)0:1.18-lp151.12.3.1(i586|x86_64)0:5.2.4-lp151.12.3.1(i586|x86_64)0:2.1.0beta2-lp151.12.3.1(noarch)0:2017.20170520.svn30357-lp151.12.3.1(i586|x86_64)0:2017.20170520-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn27321-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn12688-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn28038-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn44143-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn3006-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29036-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn43843-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn18790-lp151.12.3.1(noarch)0:2017.20170520.svn42679-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn16219-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn17794-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn15543-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25623-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn38300-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37223-lp151.12.3.1(noarch)0:2017.135.svn41616-lp151.8.6.1(noarch)0:2017.135.svn44385-lp151.8.6.1(noarch)0:2017.135.svn44515-lp151.8.6.1(noarch)0:2017.135.svn42330-lp151.8.6.1(noarch)0:2017.135.svn43356-lp151.8.6.1(noarch)0:2017.135.svn35830-lp151.8.6.1(noarch)0:2017.135.svn37105-lp151.8.6.1(noarch)0:2017.135.svn44177-lp151.8.6.1(noarch)0:2017.135.svn42992-lp151.8.6.1(noarch)0:2017.135.svn42268-lp151.8.6.1(noarch)0:2017.135.svn44496-lp151.8.6.1(noarch)0:2017.135.svn42675-lp151.8.6.1(noarch)0:2017.135.svn43009-lp151.8.6.1(noarch)0:2017.135.svn44401-lp151.8.6.1(noarch)0:2017.135.svn32550-lp151.8.6.1(noarch)0:2017.135.svn43650-lp151.8.6.1(noarch)0:2017.135.svn44414-lp151.8.6.1(noarch)0:2017.135.svn40375-lp151.8.6.1(noarch)0:2017.135.svn42045-lp151.8.6.1(noarch)0:2017.135.svn44192-lp151.8.6.1(noarch)0:2017.135.svn30372-lp151.8.6.1(noarch)0:2017.135.svn44554-lp151.8.6.1(noarch)0:2017.135.svn42106-lp151.8.6.1(noarch)0:2017.135.svn44371-lp151.8.6.1(noarch)0:2017.135.svn30962-lp151.8.6.1(noarch)0:2017.135.svn40587-lp151.8.6.1(noarch)0:2017.135.svn41614-lp151.8.6.1(noarch)0:2017.135.svn44544-lp151.8.6.1(noarch)0:2017.135.svn44500-lp151.8.6.1(noarch)0:2017.135.svn44396-lp151.8.6.1(noarch)0:2017.135.svn44297-lp151.8.6.1(noarch)0:2017.135.svn40561-lp151.8.6.1(noarch)0:2017.135.svn44395-lp151.8.6.1(noarch)0:2017.135.svn44460-lp151.8.6.1(noarch)0:2017.135.svn44485-lp151.8.6.1(noarch)0:2017.135.svn43059-lp151.8.6.1(i586|x86_64)0:2017.20170520.svn34112-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn30408-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn43866-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn33902-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn24061-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn23866-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29741-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn17399-lp151.12.3.1(noarch)0:2017.135-lp151.8.6.1(noarch)0:2017.20170520.svn37645-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn24759-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29031-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn8329-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn44515-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn40273-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn40987-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn21000-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29050-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn18336-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25860-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn14752-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn14758-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25997-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn13663-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn34971-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37813-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn32101-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn14050-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn30983-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn42296-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn42300-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn16420-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25012-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn32150-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn10937-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn27025-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn31696-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn26126-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn15093-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn41465-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29005-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn32346-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29053-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn34647-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn44549-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn43292-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37750-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn38769-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn23500-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn23661-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn23406-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn14428-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn8457-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn33688-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn18674-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn30534-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37026-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn10843-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37537-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn14387-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn17868-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn41779-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn40690-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25962-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn16181-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn39165-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29348-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn13364-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn22859-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn32405-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn7838-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29333-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn44206-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn29335-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn34996-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn31638-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn32919-lp151.12.3.1(noarch)0:2017.135.svn25923-lp151.8.6.1(noarch)0:2017.135.svn35799-lp151.8.6.1(noarch)0:2017.135.svn41515-lp151.8.6.1(noarch)0:2017.135.svn13822-lp151.8.6.1(noarch)0:2017.135.svn41825-lp151.8.6.1(noarch)0:2017.135.svn44187-lp151.8.6.1(i586|x86_64)0:2017.20170520.svn29688-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn38710-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn21215-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn43957-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn37771-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn13013-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn21802-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn15506-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn12782-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn33155-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn24062-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn43596-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn6898-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn25648-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn26326-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn23262-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn6897-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn44361-lp151.12.3.1(i586|x86_64)0:2017.20170520.svn34398-lp151.12.3.1(noarch)0:9.0.35-lp151.3.21.1(i586|x86_64)0:2.4.46-lp151.10.12.1(x86_64)0:2.4.46-lp151.10.12.1(noarch)0:2.4.46-lp151.10.12.1(i586|x86_64)0:1.2-lp151.10.12.1(x86_64)0:7.0.3-lp151.4.9.1(x86_64)0:7.0.2-lp151.4.3.1(x86_64)0:2.5.4-lp151.3.6.1(i586|x86_64)0:2.4.46-lp151.10.18.1(x86_64)0:2.4.46-lp151.10.18.1(noarch)0:2.4.46-lp151.10.18.1(i586|x86_64)0:1.2-lp151.10.18.1(x86_64)0:4.9.2-lp151.4.9.1(noarch)0:20.0.0-lp151.2.9.1(x86_64)0:5.1.4-lp151.4.3.1(i586|x86_64)0:7.60.0-lp151.5.12.1(x86_64)0:7.60.0-lp151.5.12.1(i586|x86_64)0:7.60.0-lp151.5.15.1(x86_64)0:7.60.0-lp151.5.15.1(i586|x86_64)0:1.17.0-lp151.3.6.1(x86_64)0:1.17.0-lp151.3.6.1(i586|x86_64)0:7.60.0-lp151.5.18.1(x86_64)0:7.60.0-lp151.5.18.1(x86_64)0:4.10-lp151.2.14.1(i586|x86_64)0:2.4.7-lp151.5.3.1(noarch)0:2.4.7-lp151.5.3.1(x86_64)0:19.4-lp151.2.15.1(x86_64)0:20201118-lp151.2.33.1(noarch)0:20190801-lp151.2.25.1(i586|x86_64)0:20190801-lp151.2.25.1(x86_64)0:20190801-lp151.2.25.1(aarch64|ppc64le|s390x|x86_64)0:2.1-lp151.3.3.1(noarch)0:2.1-lp151.3.3.1(aarch64|ppc64le|s390x|x86_64)0:1.3.6c-lp151.3.9.1(noarch)0:1.3.6c-lp151.3.9.1(noarch)0:9.0.35-lp151.3.18.1(i586|x86_64)0:2.28.4-lp151.2.24.3(x86_64)0:2.28.4-lp151.2.24.3(noarch)0:2.28.4-lp151.2.24.3(i586|x86_64)0:1.8.22-lp151.5.12.1(x86_64)0:1.14.14-lp151.28.1(x86_64)0:1.4.0-lp151.3.9.1(x86_64)0:1.10.1-lp151.2.15.1(noarch)0:1.10.1-lp151.2.15.1