Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-16846 4Canonical DebianOpensuse+1 more 6Ceph Ceph StorageDebian Linux+3 more Nov 21, 2024 Jan 15, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
CVE-2019-3811 4Debian FedoraprojectOpensuse+1 more 5Debian Linux Enterprise LinuxFedora+2 more Nov 21, 2024 Jan 15, 2019 N/A· v4 5.2 MEDIUM· v3 2.7 LOW· v2 A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that res...Show more A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.Show less
CVE-2019-6251 6Canonical FedoraprojectGnome+3 more 6Epiphany FedoraLeap+3 more Nov 21, 2024 Jan 14, 2019 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is...Show more WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.Show less
CVE-2019-6128 4Canonical DebianLibtiff+1 more 4Debian Linux LeapLibtiff+1 more Nov 21, 2024 Jan 11, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
CVE-2018-20549 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Dec 28, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
CVE-2018-20548 4Canonical FedoraprojectLibcaca Project+1 more 4Fedora LeapLibcaca+1 more Nov 21, 2024 Dec 28, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.
CVE-2018-20547 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Dec 28, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
CVE-2018-20546 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Dec 28, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
CVE-2018-20545 4Canonical FedoraprojectLibcaca Project+1 more 4Fedora LeapLibcaca+1 more Nov 21, 2024 Dec 28, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
CVE-2018-19873 4Canonical DebianOpensuse+1 more 5Backports Debian LinuxLeap+2 more Feb 11, 2025 Dec 26, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
CVE-2018-19871 2Opensuse Qt 2Leap Qt Nov 21, 2024 Dec 26, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
CVE-2018-19870 3Debian OpensuseQt 3Debian Linux LeapQt Nov 21, 2024 Dec 26, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
CVE-2018-19869 2Opensuse Qt 2Leap Qt Nov 21, 2024 Dec 26, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
CVE-2018-15518 3Debian OpensuseQt 3Debian Linux LeapQt Nov 21, 2024 Dec 26, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
CVE-2018-20482 3Debian GnuOpensuse 3Debian Linux LeapTar Nov 21, 2024 Dec 26, 2018 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file...Show more GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).Show less
CVE-2018-20467 4Canonical DebianImagemagick+1 more 4Debian Linux ImagemagickLeap+1 more Nov 21, 2024 Dec 26, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service...Show more In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.Show less
CVE-2018-20346 5Debian GoogleOpensuse+2 more 5Chrome Debian LinuxLeap+2 more Nov 21, 2024 Dec 21, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers...Show more SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.Show less
CVE-2018-20126 3Canonical OpensuseQemu 3Leap QemuUbuntu Linux Nov 21, 2024 Dec 20, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
CVE-2018-1000880 4Canonical FedoraprojectLibarchive+1 more 4Fedora LeapLibarchive+1 more Nov 21, 2024 Dec 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc....Show more libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.Show less
CVE-2018-1000879 3Fedoraproject LibarchiveOpensuse 3Fedora LeapLibarchive Nov 21, 2024 Dec 20, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_te...Show more libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file.Show less

Previous 1...676869...95 Next