Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-09 | CVE-2019-9637 | An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php | 7.5 | ||
| 2018-12-26 | CVE-2018-19870 | An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. | Debian_linux, Leap, Qt | 8.8 | ||
| 2018-12-26 | CVE-2018-15518 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. | Debian_linux, Leap, Qt | 8.8 | ||
| 2018-08-10 | CVE-2018-6556 | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. | Ubuntu_linux, Lxc, Leap, Caas_platform, Openstack_cloud, Suse_linux_enterprise_server | 3.3 | ||
| 2018-11-15 | CVE-2018-18954 | The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. | Ubuntu_linux, Leap, Qemu | 5.5 | ||
| 2016-01-13 | CVE-2016-1494 | The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack. | Fedora, Leap, Opensuse, Rsa | 5.3 | ||
| 2019-04-08 | CVE-2019-11009 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. | Debian_linux, Graphicsmagick, Leap | 8.1 | ||
| 2019-02-21 | CVE-2018-20783 | In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c. | Leap, Php | 7.5 | ||
| 2019-04-22 | CVE-2019-11235 | FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499. | Ubuntu_linux, Fedora, Freeradius, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2018-12-26 | CVE-2018-19871 | An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. | Leap, Qt | 6.5 |