Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports
(Opensuse)| Repositories | https://github.com/rdesktop/rdesktop |
| #Vulnerabilities | 97 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-13 | CVE-2020-6455 | Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6456 | Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. | Debian_linux, Fedora, Chrome, Backports, Leap | 6.5 | ||
| 2020-06-03 | CVE-2020-6493 | Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | Debian_linux, Chrome, Backports, Leap | 9.6 | ||
| 2020-06-03 | CVE-2020-6495 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | Debian_linux, Chrome, Backports, Leap | 6.5 | ||
| 2020-06-22 | CVE-2020-14983 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. | Chocolate_doom, Crispy_doom, Backports, Leap | 9.8 | ||
| 2020-07-17 | CVE-2020-15803 | Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | Debian_linux, Fedora, Backports, Leap, Zabbix | 6.1 | ||
| 2022-01-06 | CVE-2021-46141 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
| 2022-01-06 | CVE-2021-46142 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
| 2022-02-19 | CVE-2021-45082 | An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) | Cobbler, Fedora, Backports, Factory, Linux_enterprise_server | 7.8 | ||
| 2019-05-07 | CVE-2019-7443 | KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. | Fedora, Kauth, Backports, Leap | 8.1 |