Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-02-05 | CVE-2018-18506 | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability... | Ubuntu_linux, Debian_linux, Firefox, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.9 | ||
| 2020-10-22 | CVE-2020-27560 | ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. | Debian_linux, Imagemagick, Leap | 3.3 | ||
| 2019-03-15 | CVE-2018-20177 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution. | Debian_linux, Backports, Leap, Rdesktop | 9.8 | ||
| 2019-07-30 | CVE-2018-20860 | libopenmpt before 0.3.13 allows a crash with malformed MED files. | Libopenmpt, Leap | 6.5 | ||
| 2019-07-30 | CVE-2019-14383 | J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. | Libopenmpt, Leap | 6.5 | ||
| 2019-07-30 | CVE-2019-5460 | Double Free in VLC versions <= 3.0.6 leads to a crash. | Backports, Leap, Vlc_media_player | 5.5 | ||
| 2019-08-02 | CVE-2019-14524 | An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465. | Backports, Leap, Schism_tracker | 7.8 | ||
| 2019-08-06 | CVE-2019-13106 | Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | U\-Boot, Leap | 7.8 | ||
| 2019-08-09 | CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | Leap, Werkzeug | 7.5 | ||
| 2019-08-18 | CVE-2019-15141 | WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. | Imagemagick, Leap | 6.5 |