Product:

Leap

(Opensuse)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/ImageMagick/ImageMagick
https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/madler/zlib
https://github.com/libgd/libgd
https://github.com/php/php-src
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/roundcube/roundcubemail
https://github.com/tats/w3m
https://github.com/golang/go
https://github.com/dbry/WavPack
https://github.com/git/git
https://github.com/file/file
https://github.com/dosfstools/dosfstools
https://github.com/atheme/atheme
https://github.com/quassel/quassel
https://github.com/bcgit/bc-java
https://github.com/esnet/iperf
https://github.com/apache/httpd
https://github.com/opencontainers/runc
https://github.com/mm2/Little-CMS
https://github.com/FFmpeg/FFmpeg
https://github.com/uclouvain/openjpeg
https://git.kernel.org/pub/scm/git/git.git
https://github.com/mdadams/jasper
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/rdesktop/rdesktop
https://github.com/ntp-project/ntp
https://github.com/requests/requests
https://github.com/lighttpd/lighttpd1.4
https://github.com/heimdal/heimdal
https://github.com/erikd/libsndfile
https://github.com/FreeRDP/FreeRDP
https://github.com/mysql/mysql-server
https://github.com/WebKit/webkit
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/ClusterLabs/pacemaker
https://github.com/curl/curl
https://github.com/vadz/libtiff
https://github.com/libimobiledevice/libimobiledevice
https://github.com/fragglet/lhasa
https://github.com/TigerVNC/tigervnc
https://github.com/stedolan/jq
https://github.com/Matroska-Org/libmatroska
https://github.com/the-tcpdump-group/tcpdump
#Vulnerabilities 1884
Date Id Summary Products Score Patch Annotated
2019-04-30 CVE-2019-11627 gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. Debian_linux, Leap, Signing\-Party N/A
2017-03-20 CVE-2017-6318 saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. Leap, Sane\-Backends 7.5
2018-11-26 CVE-2018-19539 An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server 6.5
2018-11-23 CVE-2018-19490 An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function. Debian_linux, Gnuplot, Leap 7.8
2018-06-09 CVE-2018-12085 Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Ubuntu_linux, Liblouis, Leap 8.8
2018-06-04 CVE-2018-11685 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. Ubuntu_linux, Liblouis, Leap 8.8
2018-06-04 CVE-2018-11684 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. Ubuntu_linux, Liblouis, Leap 8.8
2018-06-04 CVE-2018-11683 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Ubuntu_linux, Liblouis, Leap 8.8
2018-05-25 CVE-2018-11440 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. Ubuntu_linux, Liblouis, Leap 8.8
2017-08-07 CVE-2014-3462 The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes". Encfs, Leap, Opensuse N/A