Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-12 | CVE-2019-17358 | Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module. | Cacti, Debian_linux, Leap | N/A | ||
2020-01-08 | CVE-2019-17008 | When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Firefox, Firefox_esr, Thunderbird, Leap | N/A | ||
2020-01-08 | CVE-2019-17009 | When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Firefox, Firefox_esr, Thunderbird, Leap | N/A | ||
2016-03-13 | CVE-2016-2802 | The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2801 | The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2800 | The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2799 | Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2798 | The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2797 | The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 | ||
2016-03-13 | CVE-2016-2796 | Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | Firefox, Firefox_esr, Leap, Opensuse, Linux, Graphite2, Linux_enterprise | 8.8 |