Leap
(Opensuse)| Date | ID | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2020-06-18 | CVE-2020-14422 | Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. | Fedora, Leap, Python | N/A | |
| 2020-08-07 | CVE-2020-8026 | A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions. | Leap, Tumbleweed | N/A | |
| 2020-08-06 | CVE-2020-16845 | Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. | Go, Leap | N/A | |
| 2020-06-22 | CVE-2020-4032 | In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. | Fedora, Freerdp, Leap | N/A | |
| 2020-06-17 | CVE-2020-14402 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. | Debian_linux, Libvncserver, Leap | N/A | |
| 2020-07-09 | CVE-2020-12402 | During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. | Fedora, Firefox, Leap | N/A | |
| 2020-05-15 | CVE-2020-11522 | libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | Ubuntu_linux, Freerdp, Leap | N/A | |
| 2020-06-09 | CVE-2020-10757 | A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux, Enterprise_mrg | N/A | |
| 2020-06-12 | CVE-2020-10732 | A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | Linux_kernel, Leap, Enterprise_linux | N/A | |
| 2020-07-07 | CVE-2020-10730 | A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability. | Fedora, Leap, Storage, Samba | N/A |