Leap - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Leap
(Opensuse)

Repositories

• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/ImageMagick/ImageMagick
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/madler/zlib

• https://github.com/libgd/libgd
• https://github.com/php/php-src
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/roundcube/roundcubemail
• https://github.com/tats/w3m
• https://github.com/golang/go
• https://github.com/dbry/WavPack
• https://github.com/git/git
• https://github.com/file/file
• https://github.com/dosfstools/dosfstools
• https://github.com/atheme/atheme
• https://github.com/quassel/quassel
• https://github.com/opencontainers/runc
• https://github.com/bcgit/bc-java
• https://github.com/mm2/Little-CMS
• https://github.com/FFmpeg/FFmpeg
• https://github.com/uclouvain/openjpeg
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/mdadams/jasper
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/apache/httpd
• https://github.com/rdesktop/rdesktop
• https://github.com/ntp-project/ntp
• https://github.com/requests/requests
• https://github.com/esnet/iperf
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/heimdal/heimdal
• https://github.com/erikd/libsndfile
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mysql/mysql-server
• https://github.com/WebKit/webkit
• https://github.com/liblouis/liblouis
• https://github.com/lavv17/lftp
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/ClusterLabs/pacemaker
• https://github.com/curl/curl
• https://github.com/vadz/libtiff
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/fragglet/lhasa
• https://github.com/TigerVNC/tigervnc
• https://github.com/stedolan/jq
• https://github.com/Matroska-Org/libmatroska
• https://github.com/the-tcpdump-group/tcpdump

#Vulnerabilities

1876

Date	Id	Summary	Products	Score	Patch	Annotated
2016-04-13	CVE-2015-8080	Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.	Debian_linux, Leap, Opensuse, Openstack, Redis	7.5
2019-04-23	CVE-2019-2627	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server....	Ubuntu_linux, Mariadb, Leap, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	4.9
2019-04-23	CVE-2019-2628	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability...	Ubuntu_linux, Mariadb, Leap, Mysql, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus	4.9
2020-01-15	CVE-2020-2574	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9...	Ubuntu_linux, Mariadb, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Leap, Mysql	5.9
2020-04-08	CVE-2019-20637	An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connection workspace, such as data structures associated with previous requests within this connection or VCL-related temporary headers.	Backports_sle, Leap, Varnish_cache, Varnish_cache	7.5
2020-05-15	CVE-2020-11522	libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.	Ubuntu_linux, Debian_linux, Freerdp, Leap	6.5
2020-05-15	CVE-2020-11523	libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.	Ubuntu_linux, Debian_linux, Freerdp, Leap	6.6
2020-05-15	CVE-2020-11524	libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.	Ubuntu_linux, Freerdp, Leap	6.6
2020-05-15	CVE-2020-11525	libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.	Ubuntu_linux, Debian_linux, Freerdp, Leap	2.2
2020-02-06	CVE-2020-8648	There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.	Brocade_fabric_operating_system_firmware, Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Cloud_backup, Hci_baseboard_management_controller, Solidfire_baseboard_management_controller, Leap	7.1