Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports_sle
(Opensuse)| Repositories |
• https://github.com/opencontainers/runc
• https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 326 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-04 | CVE-2020-12641 | rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. | Backports_sle, Leap, Webmail | 9.8 | ||
| 2020-11-03 | CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Freetype, Chrome, Ontap_select_deploy_administration_utility, Backports_sle | 9.6 | ||
| 2020-11-03 | CVE-2020-16009 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Cefsharp, Debian_linux, Fedora, Chrome, Edge, Edge_chromium, Backports_sle, Leap | 8.8 | ||
| 2020-01-08 | CVE-2020-6609 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | Libredwg, Backports_sle, Leap | 8.8 | ||
| 2020-01-08 | CVE-2020-6611 | GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | Libredwg, Backports_sle, Leap | 6.5 | ||
| 2020-01-08 | CVE-2020-6612 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | Libredwg, Backports_sle, Leap | 8.1 | ||
| 2020-01-08 | CVE-2020-6613 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | Libredwg, Backports_sle, Leap | 8.1 | ||
| 2020-01-08 | CVE-2020-6614 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | Libredwg, Backports_sle, Leap | 8.1 | ||
| 2020-01-08 | CVE-2020-6615 | GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | Libredwg, Backports_sle, Leap | 6.5 | ||
| 2020-01-10 | CVE-2020-1765 | An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions. | Debian_linux, Backports_sle, Leap, Otrs | 5.3 |