Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports
(Opensuse)| Repositories | https://github.com/rdesktop/rdesktop |
| #Vulnerabilities | 97 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-25 | CVE-2019-13713 | Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Chrome, Backports | 6.5 | ||
| 2019-11-25 | CVE-2019-13723 | Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | Fedora, Chrome, Backports, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
| 2019-12-10 | CVE-2019-13730 | Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Suse_package_hub_for_suse_linux_enterprise, Backports, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
| 2020-02-04 | CVE-2019-15613 | A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. | Nextcloud_server, Backports | 8.0 | ||
| 2019-03-15 | CVE-2018-20177 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. | Debian_linux, Backports, Leap, Rdesktop | 9.8 | ||
| 2019-07-30 | CVE-2019-5460 | Double Free in VLC versions <= 3.0.6 leads to a crash. | Backports, Leap, Vlc_media_player | 5.5 | ||
| 2019-08-02 | CVE-2019-14524 | An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. | Backports, Leap, Schism_tracker | 7.8 | ||
| 2019-07-30 | CVE-2019-10163 | A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. | Backports, Leap, Authoritative | 4.3 | ||
| 2020-01-23 | CVE-2019-18899 | The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1. | Apt\-Cacher\-Ng, Backports | 5.5 | ||
| 2019-12-24 | CVE-2019-19950 | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | Debian_linux, Graphicsmagick, Backports, Leap | 9.8 |