Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-13619

Exploit
  • EPSS 9.82%
  • Veröffentlicht 17.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:22

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

6.5

CVE-2019-13626

Exploit
  • EPSS 0.69%
  • Veröffentlicht 17.07.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:23

SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.

9.8

CVE-2019-9848

  • EPSS 86.56%
  • Veröffentlicht 17.07.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:25

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, w...

4.3

CVE-2019-9849

  • EPSS 3.56%
  • Veröffentlicht 17.07.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:26

LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem...

8.1

CVE-2019-13616

Exploit
  • EPSS 6.76%
  • Veröffentlicht 16.07.2019 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:22

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

7.8

CVE-2019-1010006

Exploit
  • EPSS 0.53%
  • Veröffentlicht 15.07.2019 02:15:10
  • Zuletzt bearbeitet 21.11.2024 04:17:54

Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer ov...

7.8

CVE-2019-13602

  • EPSS 0.54%
  • Veröffentlicht 14.07.2019 21:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:19

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact...

9.8

CVE-2019-12525

  • EPSS 55.25%
  • Veröffentlicht 11.07.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t...

5.9

CVE-2019-12529

  • EPSS 16.21%
  • Veröffentlicht 11.07.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be...

9.8

CVE-2019-12838

  • EPSS 4.57%
  • Veröffentlicht 11.07.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:41

SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.