Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-13962 4Fedoraproject MumbleOpensuse+1 more 4Fedora LeapMumble+1 more Nov 21, 2024 Jun 9, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS s...Show more Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)Show less
CVE-2020-13844 2Arm Opensuse 8Cortex A32 Firmware Cortex A34 FirmwareCortex A35 Firmware+5 more Nov 21, 2024 Jun 8, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analys...Show more Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."Show less
CVE-2020-13696 5Canonical DebianFedoraproject+2 more 6Backports Sle Debian LinuxFedora+3 more Nov 21, 2024 Jun 8, 2020 N/A· v4 4.4 MEDIUM· v3 3.6 LOW· v2 An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. T...Show more An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.Show less
CVE-2020-12803 3Fedoraproject LibreofficeOpensuse 3Fedora LeapLibreoffice Nov 21, 2024 Jun 8, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements...Show more ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.Show less
CVE-2020-12802 3Fedoraproject LibreofficeOpensuse 3Fedora LeapLibreoffice Nov 21, 2024 Jun 8, 2020 N/A· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreO...Show more LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.Show less
CVE-2020-12723 5Fedoraproject NetappOpensuse+2 more 16Communications Billing And Revenue Management Communications Diameter Signaling RouterCommunications Eagle Application Processor+13 more Nov 21, 2024 Jun 5, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVE-2020-10878 5Fedoraproject NetappOpensuse+2 more 17Communications Billing And Revenue Management Communications Diameter Signaling RouterCommunications Eagle Application Processor+14 more Nov 21, 2024 Jun 5, 2020 N/A· v4 8.6 HIGH· v3 7.5 HIGH· v2 Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-10543 4Fedoraproject OpensuseOracle+1 more 15Communications Billing And Revenue Management Communications Diameter Signaling RouterCommunications Eagle Application Processor+12 more Nov 21, 2024 Jun 5, 2020 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVE-2020-13800 3Canonical OpensuseQemu 3Leap QemuUbuntu Linux Nov 21, 2024 Jun 4, 2020 N/A· v4 6.0 MEDIUM· v3 4.9 MEDIUM· v2 ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
CVE-2020-13817 4Fujitsu NetappNtp+1 more 25Cloud Backup Clustered Data OntapData Ontap+22 more May 5, 2025 Jun 4, 2020 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must...Show more ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.Show less
CVE-2020-6496 3Debian GoogleOpensuse 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Jun 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-6495 3Debian GoogleOpensuse 4Backports ChromeDebian Linux+1 more Nov 21, 2024 Jun 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Ch...Show more Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.Show less
CVE-2020-6494 3Debian GoogleOpensuse 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Jun 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6493 3Debian GoogleOpensuse 4Backports ChromeDebian Linux+1 more Nov 21, 2024 Jun 3, 2020 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-11080 6Debian FedoraprojectNghttp2+3 more 10Banking Extensibility Workbench Blockchain PlatformDebian Linux+7 more Nov 21, 2024 Jun 3, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 byt...Show more In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection.Show less
CVE-2020-13379 4Fedoraproject GrafanaNetapp+1 more 5Backports Sle E Series Performance AnalyzerFedora+2 more Nov 21, 2024 Jun 3, 2020 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result...Show more The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.Show less
CVE-2019-20810 3Canonical LinuxOpensuse 3Leap Linux KernelUbuntu Linux Nov 21, 2024 Jun 3, 2020 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
CVE-2020-13659 4Canonical DebianOpensuse+1 more 4Debian Linux LeapQemu+1 more Nov 21, 2024 Jun 2, 2020 N/A· v4 2.5 LOW· v3 1.9 LOW· v2 address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
CVE-2020-12867 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Jun 1, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
CVE-2020-11089 3Debian FreerdpOpensuse 3Debian Linux FreerdpLeap Nov 21, 2024 May 29, 2020 N/A· v4 5.5 MEDIUM· v3 6.0 MEDIUM· v2 In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_writ...Show more In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.Show less

Previous 1...171819...95 Next