Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-6954 3Canonical OpensuseSystemd Project 3Leap SystemdUbuntu Linux Jun 9, 2025 Feb 13, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a fil...Show more systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.Show less
CVE-2017-18078 3Debian OpensuseSystemd Project 3Debian Linux LeapSystemd Nov 21, 2024 Jan 29, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access rest...Show more systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.Show less
CVE-2015-1290 3Google OpensuseQt 3Chrome LeapQt Nov 21, 2024 Jan 9, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted...Show more The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.Show less
CVE-2017-5753 13Arm CanonicalDebian+10 more 308Atom C Atom EAtom X3+305 more May 28, 2026 Jan 4, 2018 N/A· v4 5.6 MEDIUM· v3 4.7 MEDIUM· v2 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-18017 9Arista CanonicalDebian+6 more 29Arx Caas PlatformCloud Magnum Orchestration+26 more Jan 3, 2025 Jan 3, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or poss...Show more The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.Show less
CVE-2017-17806 6Canonical DebianLinux+3 more 8Debian Linux LeapLeap+5 more May 13, 2026 Dec 20, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interfa...Show more The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.Show less
CVE-2017-17805 6Canonical DebianLinux+3 more 8Debian Linux LeapLeap+5 more May 13, 2026 Dec 20, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER)...Show more The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.Show less
CVE-2017-17740 4Mcafee OpenldapOpensuse+1 more 4Blockchain Platform LeapOpenldap+1 more May 13, 2026 Dec 18, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to ca...Show more contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.Show less
CVE-2016-1254 5Debian FedoraprojectOpensuse+2 more 6Debian Linux FedoraLeap+3 more May 13, 2026 Dec 5, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
CVE-2017-13088 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attac...Show more Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.Show less
CVE-2017-13087 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within...Show more Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.Show less
CVE-2017-13086 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2017-13084 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof fra...Show more Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-13082 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within ra...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-13081 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames fr...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.Show less
CVE-2017-13080 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13079 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames fro...Show more Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.Show less
CVE-2017-13078 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 5.3 MEDIUM· v3 2.9 LOW· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13077 7Canonical DebianFreebsd+4 more 12Debian Linux Enterprise Linux DesktopEnterprise Linux Server+9 more May 13, 2026 Oct 17, 2017 N/A· v4 6.8 MEDIUM· v3 5.4 MEDIUM· v2 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...Show more Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.Show less
CVE-2017-14491 12Arista ArubanetworksCanonical+9 more 21Arubaos Debian LinuxDiskstation Manager+18 more May 13, 2026 Oct 4, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

Previous 1...727374...95 Next