Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13303 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
CVE-2019-13302 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
CVE-2019-13301 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jul 5, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
CVE-2019-13300 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
CVE-2019-13299 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
CVE-2019-13298 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
CVE-2019-13297 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
CVE-2019-13296 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 5, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
CVE-2019-13295 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jul 5, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CVE-2019-5052 4Canonical DebianLibsdl+1 more 5Backports Sle Debian LinuxLeap+2 more Nov 21, 2024 Jul 3, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to...Show more An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.Show less
CVE-2019-5051 4Canonical DebianLibsdl+1 more 5Backports Sle Debian LinuxLeap+2 more Nov 21, 2024 Jul 3, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can pro...Show more An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.Show less
CVE-2019-13164 4Canonical DebianOpensuse+1 more 4Debian Linux LeapQemu+1 more Nov 21, 2024 Jul 3, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
CVE-2019-13134 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 1, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
CVE-2019-13133 2Imagemagick Opensuse 2Imagemagick Leap Nov 21, 2024 Jul 1, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
CVE-2019-13118 7Apple CanonicalFedoraproject+4 more 25Active Iq Unified Manager Cloud BackupClustered Data Ontap+22 more May 28, 2026 Jul 1, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of...Show more In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.Show less
CVE-2019-13117 6Canonical DebianFedoraproject+3 more 6Debian Linux FedoraLeap+3 more May 28, 2026 Jul 1, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains...Show more In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.Show less
CVE-2019-13050 5F5 FedoraprojectGnupg+2 more 5Fedora GnupgLeap+2 more Nov 21, 2024 Jun 29, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver networ...Show more Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.Show less
CVE-2019-5840 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-5839 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
CVE-2019-5838 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome...Show more Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.Show less

Previous 1...535455...95 Next