Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-05 | CVE-2019-13308 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 8.8 | ||
| 2019-07-05 | CVE-2019-13310 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. | Ubuntu_linux, Imagemagick, Leap | 6.5 | ||
| 2019-07-23 | CVE-2019-11720 | Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68. | Firefox, Leap | 6.1 | ||
| 2019-07-23 | CVE-2019-11721 | The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68. | Firefox, Leap | 6.5 | ||
| 2019-08-12 | CVE-2019-14980 | In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. | Imagemagick, Leap | 6.5 | ||
| 2019-01-11 | CVE-2019-6128 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | Ubuntu_linux, Debian_linux, Libtiff, Leap | 8.8 | ||
| 2019-04-08 | CVE-2019-11007 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.1 | ||
| 2019-04-08 | CVE-2019-11008 | In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.8 | ||
| 2019-04-08 | CVE-2019-1787 | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an... | Clamav, Debian_linux, Leap | 5.5 | ||
| 2019-04-24 | CVE-2019-11505 | In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c. | Ubuntu_linux, Debian_linux, Graphicsmagick, Backports_sle, Leap | 8.8 |