Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-3858 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2019-3855 8Apple DebianFedoraproject+5 more 14Debian Linux Enterprise LinuxEnterprise Linux Desktop+11 more Nov 21, 2024 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execut...Show more An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.Show less
CVE-2019-9898 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
CVE-2019-9897 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
CVE-2019-9896 2Opensuse Putty 3Backports Sle LeapPutty Nov 21, 2024 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.
CVE-2019-9894 5Debian FedoraprojectNetapp+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
CVE-2019-8934 2Opensuse Qemu 2Leap Qemu Nov 21, 2024 Mar 21, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
CVE-2019-7222 7Canonical DebianFedoraproject+4 more 18Active Iq Performance Analytics Services Debian LinuxElement Software Management Node+15 more Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2019-7221 7Canonical DebianFedoraproject+4 more 15Active Iq Performance Analytics Services Debian LinuxElement Software Management Node+12 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-6778 4Canonical FedoraprojectOpensuse+1 more 4Fedora LeapQemu+1 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVE-2019-6690 5Canonical DebianOpensuse+2 more 5Backports Debian LinuxLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should...Show more python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component.Show less
CVE-2019-6454 8Canonical DebianFedoraproject+5 more 22Active Iq Performance Analytics Services Debian LinuxEnterprise Linux+19 more Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An un...Show more An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).Show less
CVE-2019-6116 6Artifex CanonicalDebian+3 more 11Debian Linux Enterprise Linux DesktopEnterprise Linux Server+8 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
CVE-2019-3862 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be ab...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2019-3859 5Debian FedoraprojectLibssh2+2 more 5Debian Linux FedoraLeap+2 more Dec 18, 2025 Mar 21, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Ser...Show more An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.Show less
CVE-2018-20615 4Canonical HaproxyOpensuse+1 more 5Enterprise Linux HaproxyLeap+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra byte...Show more An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.Show less
CVE-2018-19872 3Fedoraproject OpensuseQt 3Fedora LeapQt Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
CVE-2018-18849 4Canonical FedoraprojectOpensuse+1 more 4Fedora LeapQemu+1 more Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
CVE-2017-16232 3Libtiff OpensuseSuse 5Leap LibtiffLinux Enterprise Desktop+2 more Nov 21, 2024 Mar 21, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to...Show more LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issueShow less
CVE-2018-20177 3Debian OpensuseRdesktop 4Backports Debian LinuxLeap+1 more Nov 21, 2024 Mar 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code executi...Show more rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.Show less

Previous 1...626364...95 Next