Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-5814 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5813 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5811 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-5810 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-5809 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
CVE-2019-5808 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5807 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5806 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5805 4Debian FedoraprojectGoogle+1 more 5Backports ChromeDebian Linux+2 more Nov 21, 2024 Jun 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-12979 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jun 26, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
CVE-2019-12976 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jun 26, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
CVE-2019-12975 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Jun 26, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
CVE-2019-12973 4Debian OpensuseOracle+1 more 5Database Server Debian LinuxLeap+2 more Nov 21, 2024 Jun 26, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is s...Show more In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.Show less
CVE-2019-10164 4Fedoraproject OpensusePostgresql+1 more 4Enterprise Linux FedoraLeap+1 more Nov 21, 2024 Jun 26, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpos...Show more PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.Show less
CVE-2019-12972 3Canonical GnuOpensuse 3Binutils LeapUbuntu Linux Nov 21, 2024 Jun 26, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mish...Show more An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.Show less
CVE-2019-9836 2Amd Opensuse 2Leap Secure Encrypted Virtualization Firmware Nov 21, 2024 Jun 25, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.
CVE-2019-12817 6Canonical DebianFedoraproject+3 more 9Debian Linux Enterprise LinuxEnterprise Linux Eus+6 more Nov 21, 2024 Jun 25, 2019 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap abov...Show more arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.Show less
CVE-2018-20843 7Canonical DebianFedoraproject+4 more 9Debian Linux FedoraHospitality Res 3700+6 more May 30, 2025 Jun 24, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for de...Show more In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).Show less
CVE-2019-12904 2Gnupg Opensuse 2Leap Libgcrypt Nov 21, 2024 Jun 20, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an ass...Show more In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because there is no description of an attackShow less
CVE-2019-12900 6Bzip CanonicalDebian+3 more 6Bzip2 Debian LinuxFreebsd+3 more Jun 9, 2025 Jun 19, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Previous 1...555657...95 Next