Leap
(Opensuse)| Date | ID | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2019-12-03 | CVE-2015-7542 | An issue exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. | Gwenhywfar, Debian_linux, Leap | N/A | |
| 2019-11-22 | CVE-2019-18622 | An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. | Fedora, Backports_sle, Leap, Phpmyadmin | N/A | |
| 2019-04-08 | CVE-2019-11010 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. | Debian_linux, Graphicsmagick, Leap | 6.5 | |
| 2019-04-08 | CVE-2019-11006 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet. | Debian_linux, Graphicsmagick, Leap | 9.1 | |
| 2019-04-08 | CVE-2019-11005 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value. | Graphicsmagick, Leap | 9.8 | |
| 2016-06-13 | CVE-2016-4579 | Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl." | Ubuntu_linux, Libksba, Leap | 7.5 | |
| 2016-06-13 | CVE-2016-4574 | Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356. | Ubuntu_linux, Libksba, Leap, Opensuse | 7.5 | |
| 2019-10-01 | CVE-2019-17069 | PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. | Leap, Putty | N/A | |
| 2019-10-01 | CVE-2019-17068 | PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. | Leap, Putty | N/A | |
| 2019-04-08 | CVE-2019-0217 | In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | Http_server, Ubuntu_linux, Debian_linux, Fedora, Clustered_data_ontap, Oncommand_unified_manager, Leap, Enterprise_manager_ops_center, Http_server, Retail_xstore_point_of_service, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A |