Leap - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Leap
(Opensuse)

Repositories

• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/ImageMagick/ImageMagick
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/madler/zlib

• https://github.com/libgd/libgd
• https://github.com/php/php-src
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/roundcube/roundcubemail
• https://github.com/tats/w3m
• https://github.com/golang/go
• https://github.com/dbry/WavPack
• https://github.com/git/git
• https://github.com/file/file
• https://github.com/dosfstools/dosfstools
• https://github.com/atheme/atheme
• https://github.com/quassel/quassel
• https://github.com/bcgit/bc-java
• https://github.com/esnet/iperf
• https://github.com/apache/httpd
• https://github.com/opencontainers/runc
• https://github.com/mm2/Little-CMS
• https://github.com/FFmpeg/FFmpeg
• https://github.com/uclouvain/openjpeg
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/mdadams/jasper
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/rdesktop/rdesktop
• https://github.com/ntp-project/ntp
• https://github.com/requests/requests
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/heimdal/heimdal
• https://github.com/erikd/libsndfile
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mysql/mysql-server
• https://github.com/WebKit/webkit
• https://github.com/liblouis/liblouis
• https://github.com/lavv17/lftp
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/ClusterLabs/pacemaker
• https://github.com/curl/curl
• https://github.com/vadz/libtiff
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/fragglet/lhasa
• https://github.com/TigerVNC/tigervnc
• https://github.com/stedolan/jq
• https://github.com/Matroska-Org/libmatroska
• https://github.com/the-tcpdump-group/tcpdump

#Vulnerabilities

1884

Date	Id	Summary	Products	Score	Patch	Annotated
2019-07-01	CVE-2019-13134	ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.	Imagemagick, Leap	5.5
2018-12-26	CVE-2018-20467	In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	6.5
2019-03-07	CVE-2019-7175	In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	7.5
2019-02-05	CVE-2019-7396	In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	7.5
2019-02-05	CVE-2019-7395	In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	7.5
2019-02-05	CVE-2019-7398	In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	7.5
2019-02-05	CVE-2019-7397	In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.	Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap	7.5
2017-02-15	CVE-2016-8866	The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.	Imagemagick, Leap, Opensuse	8.8
2020-03-19	CVE-2020-10648	Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.	U\-Boot, Leap	7.8
2019-11-28	CVE-2019-19318	In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,	Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap	4.4