CVE-2020-13844
- EPSS 0.08%
- Published 08.06.2020 23:15:10
- Last modified 21.11.2024 05:01:59
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line specula...
CVE-2020-13696
- EPSS 0.04%
- Published 08.06.2020 17:15:10
- Last modified 21.11.2024 05:01:45
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker wi...
CVE-2020-12803
- EPSS 1.17%
- Published 08.06.2020 16:15:10
- Last modified 21.11.2024 05:00:19
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which...
CVE-2020-12802
- EPSS 0.47%
- Published 08.06.2020 16:15:09
- Last modified 21.11.2024 05:00:19
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem...
CVE-2020-12723
- EPSS 0.18%
- Published 05.06.2020 15:15:10
- Last modified 21.11.2024 05:00:08
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVE-2020-10543
- EPSS 3.94%
- Published 05.06.2020 14:15:10
- Last modified 21.11.2024 04:55:32
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVE-2020-10878
- EPSS 0.11%
- Published 05.06.2020 14:15:10
- Last modified 21.11.2024 04:56:16
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
- EPSS 0.1%
- Published 04.06.2020 16:15:12
- Last modified 21.11.2024 05:01:53
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
CVE-2020-13817
- EPSS 0.38%
- Published 04.06.2020 13:15:11
- Last modified 05.05.2025 17:15:59
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated ...
CVE-2020-11080
- EPSS 0.74%
- Published 03.06.2020 23:15:11
- Last modified 21.11.2024 04:56:44
In nghttp2 before version 1.41.0, an overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof-of-concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings e...