Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports
(Opensuse)| Repositories | https://github.com/rdesktop/rdesktop |
| #Vulnerabilities | 96 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-04 | CVE-2019-15613 | A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. | Nextcloud_server, Backports | 8.0 | ||
| 2020-07-17 | CVE-2020-15803 | Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | Debian_linux, Fedora, Backports, Leap, Zabbix | 6.1 | ||
| 2019-03-15 | CVE-2018-20177 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. | Debian_linux, Backports, Leap, Rdesktop | 9.8 | ||
| 2019-07-30 | CVE-2019-5460 | Double Free in VLC versions <= 3.0.6 leads to a crash. | Backports, Leap, Vlc_media_player | 5.5 | ||
| 2019-08-02 | CVE-2019-14524 | An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. | Backports, Leap, Schism_tracker | 7.8 | ||
| 2019-05-14 | CVE-2019-11328 | An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host. | Fedora, Backports, Leap, Singularity | 8.8 | ||
| 2019-07-30 | CVE-2019-10163 | A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. | Backports, Leap, Authoritative | 4.3 | ||
| 2020-06-22 | CVE-2020-14983 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. | Chocolate_doom, Crispy_doom, Backports, Leap | 9.8 | ||
| 2020-01-23 | CVE-2019-18899 | The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1. | Apt\-Cacher\-Ng, Backports | 5.5 | ||
| 2019-12-24 | CVE-2019-19950 | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | Debian_linux, Graphicsmagick, Backports, Leap | 9.8 |