Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-13619

Exploit
  • EPSS 9.82%
  • Published 17.07.2019 20:15:11
  • Last modified 21.11.2024 04:25:22

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

6.5

CVE-2019-13626

Exploit
  • EPSS 0.69%
  • Published 17.07.2019 16:15:12
  • Last modified 21.11.2024 04:25:23

SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.

9.8

CVE-2019-9848

  • EPSS 86.56%
  • Published 17.07.2019 12:15:10
  • Last modified 21.11.2024 04:52:25

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, w...

4.3

CVE-2019-9849

  • EPSS 3.56%
  • Published 17.07.2019 12:15:10
  • Last modified 21.11.2024 04:52:26

LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem...

8.1

CVE-2019-13616

Exploit
  • EPSS 6.76%
  • Published 16.07.2019 17:15:12
  • Last modified 21.11.2024 04:25:22

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

7.8

CVE-2019-1010006

Exploit
  • EPSS 0.53%
  • Published 15.07.2019 02:15:10
  • Last modified 21.11.2024 04:17:54

Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer ov...

7.8

CVE-2019-13602

  • EPSS 0.54%
  • Published 14.07.2019 21:15:11
  • Last modified 21.11.2024 04:25:19

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact...

9.8

CVE-2019-12525

  • EPSS 55.25%
  • Published 11.07.2019 19:15:13
  • Last modified 21.11.2024 04:23:02

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t...

5.9

CVE-2019-12529

  • EPSS 16.21%
  • Published 11.07.2019 19:15:13
  • Last modified 21.11.2024 04:23:02

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be...

9.8

CVE-2019-12838

  • EPSS 4.57%
  • Published 11.07.2019 13:15:10
  • Last modified 21.11.2024 04:23:41

SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.