Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-11 | CVE-2019-6128 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | Ubuntu_linux, Debian_linux, Libtiff, Leap | 8.8 | ||
| 2019-04-08 | CVE-2019-11007 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.1 | ||
| 2019-04-08 | CVE-2019-11008 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.8 | ||
| 2019-04-08 | CVE-2019-1787 | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an... | Clamav, Debian_linux, Leap | 5.5 | ||
| 2019-04-24 | CVE-2019-11505 | In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.8 | ||
| 2019-04-24 | CVE-2019-11506 | In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.8 | ||
| 2019-07-24 | CVE-2019-14250 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | Ubuntu_linux, Binutils, Leap | 5.5 | ||
| 2019-07-26 | CVE-2019-14275 | Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. | Debian_linux, Leap, Fig2dev | 5.5 | ||
| 2019-07-30 | CVE-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | Ubuntu_linux, Binutils, Hci_management_node, Solidfire, Leap | 5.5 | ||
| 2019-07-23 | CVE-2019-11717 | A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | Debian_linux, Firefox, Firefox_esr, Thunderbird, Suse_package_hub_for_suse_linux_enterprise, Leap | 5.3 |