#Vulnerabilities 96
Date Id Summary Products Score Patch Annotated
2020-02-04 CVE-2019-15613 A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. Nextcloud_server, Backports 8.0
2020-07-17 CVE-2020-15803 Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. Debian_linux, Fedora, Backports, Leap, Zabbix 6.1
2019-03-15 CVE-2018-20177 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. Debian_linux, Backports, Leap, Rdesktop 9.8
2019-07-30 CVE-2019-5460 Double Free in VLC versions <= 3.0.6 leads to a crash. Backports, Leap, Vlc_media_player 5.5
2019-08-02 CVE-2019-14524 An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. Backports, Leap, Schism_tracker 7.8
2019-05-14 CVE-2019-11328 An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host. Fedora, Backports, Leap, Singularity 8.8
2019-07-30 CVE-2019-10163 A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. Backports, Leap, Authoritative 4.3
2020-06-22 CVE-2020-14983 The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. Chocolate_doom, Crispy_doom, Backports, Leap 9.8
2020-01-23 CVE-2019-18899 The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1. Apt\-Cacher\-Ng, Backports 5.5
2019-12-24 CVE-2019-19950 In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. Debian_linux, Graphicsmagick, Backports, Leap 9.8