Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-09 | CVE-2021-26675 | A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. | Debian_linux, Connman, Leap | 8.8 | ||
| 2019-02-04 | CVE-2019-7317 | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | Ubuntu_linux, Debian_linux, Xp7_command_view, Xp7_command_view_advanced_edition_suite, Libpng, Firefox_esr, Thunderbird, Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_management, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Snapmanager, Steelstore, Leap, Package_hub, Hyperion_infrastructure_technology, Java_se, Jdk, Mysql, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_scientific_computing, Enterprise_linux_workstation, Satellite | 5.3 | ||
| 2020-08-03 | CVE-2020-16116 | In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | Debian_linux, Fedora, Ark, Leap | 3.3 | ||
| 2020-09-02 | CVE-2020-24654 | In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | Ubuntu_linux, Debian_linux, Fedora, Ark, Leap | 3.3 | ||
| 2015-11-13 | CVE-2015-8126 | Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Libpng, Leap, Opensuse, Jdk, Jre, Linux, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2019-01-16 | CVE-2019-2422 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of... | Ubuntu_linux, Debian_linux, Oncommand_unified_manager, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite | 3.1 | ||
| 2019-04-23 | CVE-2019-2602 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of... | Leap, Jdk, Jre, Openshift_container_platform | 7.5 | ||
| 2019-04-23 | CVE-2019-2684 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE,... | Leap, Jdk, Jre, Openshift_container_platform | 5.9 | ||
| 2020-04-15 | CVE-2020-2756 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE,... | Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, Active_iq_unified_manager, E\-Series_santricity_os_controller, Snapmanager, Storagegrid, Leap, Jdk, Jre, Openjdk | 3.7 | ||
| 2020-04-15 | CVE-2020-2757 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE,... | Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, Active_iq_unified_manager, E\-Series_santricity_os_controller, Snapmanager, Storagegrid, Leap, Jdk, Jre, Openjdk | 3.7 |