Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-05-23 | CVE-2018-1125 | procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash. | Ubuntu_linux, Debian_linux, Leap, Procps\-Ng | N/A | ||
| 2018-05-23 | CVE-2018-1124 | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. | Ubuntu_linux, Debian_linux, Leap, Procps\-Ng, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Struxureware_data_center_expert | N/A | ||
| 2016-10-03 | CVE-2016-7445 | convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s. | Leap, Openjpeg | 7.5 | ||
| 2017-04-13 | CVE-2015-8567 | Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | Ubuntu_linux, Debian_linux, Fedora, Leap, Opensuse, Qemu, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2019-04-30 | CVE-2019-11627 | gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. | Debian_linux, Leap, Signing\-Party | N/A | ||
| 2017-03-20 | CVE-2017-6318 | saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | Leap, Sane\-Backends | 7.5 | ||
| 2018-11-26 | CVE-2018-19539 | An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. | Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server | 6.5 | ||
| 2018-11-23 | CVE-2018-19490 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function. | Debian_linux, Gnuplot, Leap | 7.8 | ||
| 2018-06-09 | CVE-2018-12085 | Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | Ubuntu_linux, Liblouis, Leap | 8.8 | ||
| 2018-06-04 | CVE-2018-11685 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. | Ubuntu_linux, Liblouis, Leap | 8.8 |