Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-6613 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Jan 8, 2020 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVE-2020-6612 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Jan 8, 2020 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVE-2020-6611 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Jan 8, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVE-2020-6610 2Gnu Opensuse 3Backports LeapLibredwg Nov 21, 2024 Jan 8, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVE-2020-6609 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVE-2019-11745 6Canonical DebianMozilla+3 more 15Debian Linux Enterprise Linux Server AusFirefox+12 more Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploi...Show more When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.Show less
CVE-2019-20367 4Canonical DebianFreedesktop+1 more 4Debian Linux LeapLibbsd+1 more Nov 21, 2024 Jan 8, 2020 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
CVE-2019-5188 6Canonical DebianE2fsprogs Project+3 more 7Debian Linux E2fsprogsFedora+4 more Nov 21, 2024 Jan 8, 2020 N/A· v4 6.7 MEDIUM· v3 4.4 MEDIUM· v2 A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An...Show more A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.Show less
CVE-2019-18179 3Debian OpensuseOtrs 4Backports Sle Debian LinuxLeap+1 more Nov 21, 2024 Jan 6, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tick...Show more An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.Show less
CVE-2019-5846 2Google Opensuse 3Backports Sle ChromeLeap Nov 21, 2024 Jan 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5845 2Google Opensuse 3Backports Sle ChromeLeap Nov 21, 2024 Jan 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5844 2Google Opensuse 3Backports Sle ChromeLeap Nov 21, 2024 Jan 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-5496 2Fontforge Opensuse 2Fontforge Leap Nov 21, 2024 Jan 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.
CVE-2020-5395 3Fedoraproject FontforgeOpensuse 3Fedora FontforgeLeap Nov 21, 2024 Jan 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
CVE-2019-14864 3Debian OpensuseRedhat 8Ansible Ansible TowerBackports Sle+5 more Nov 21, 2024 Jan 2, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results e...Show more Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.Show less
CVE-2019-19927 2Linux Opensuse 2Leap Linux Kernel Nov 21, 2024 Dec 31, 2019 N/A· v4 6.0 MEDIUM· v3 3.6 LOW· v2 In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages...Show more In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.Show less
CVE-2019-20095 3Linux NetappOpensuse 148300 Firmware 8700 FirmwareA400 Firmware+11 more Nov 21, 2024 Dec 30, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory...Show more mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.Show less
CVE-2019-20053 2Opensuse Upx 3Backports LeapUpx Apr 11, 2025 Dec 27, 2019 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
CVE-2019-20015 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Dec 27, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
CVE-2019-20014 2Gnu Opensuse 3Backports Sle LeapLibredwg Nov 21, 2024 Dec 27, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.

Previous 1...343536...95 Next