Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-07-09 | CVE-2020-12416 | A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78. | Firefox, Leap | 8.8 | ||
| 2020-07-09 | CVE-2020-12417 | Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 8.8 | ||
| 2020-07-09 | CVE-2020-12420 | When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap | 8.8 | ||
| 2020-04-02 | CVE-2020-11494 | An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 4.4 | ||
| 2020-04-28 | CVE-2020-12243 | In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | Mac_os_x, Brocade_fabric_operating_system, Ubuntu_linux, Debian_linux, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Steelstore_cloud_integrated_storage, Openldap, Leap, Solaris, Zfs_storage_appliance_kit | 7.5 | ||
| 2020-06-03 | CVE-2019-20810 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. | Ubuntu_linux, Linux_kernel, Leap | 5.5 | ||
| 2020-09-17 | CVE-2020-0432 | In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807 | Android, Leap | 7.8 | ||
| 2020-07-09 | CVE-2020-12426 | Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78. | Firefox, Leap | 8.8 | ||
| 2020-01-21 | CVE-2019-18932 | log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations. | Backports_sle, Leap, Squid_analysis_report_generator | 7.0 | ||
| 2020-05-15 | CVE-2020-11521 | libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 6.6 |