Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-6467

  • EPSS 2.05%
  • Published 21.05.2020 04:15:11
  • Last modified 21.11.2024 05:35:47

Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2020-6468

  • EPSS 42.47%
  • Published 21.05.2020 04:15:11
  • Last modified 21.11.2024 05:35:47

Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.6

CVE-2020-6469

  • EPSS 0.7%
  • Published 21.05.2020 04:15:11
  • Last modified 21.11.2024 05:35:47

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

6.1

CVE-2020-6470

  • EPSS 1.16%
  • Published 21.05.2020 04:15:11
  • Last modified 21.11.2024 05:35:47

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.

8.8

CVE-2020-13249

  • EPSS 0.46%
  • Published 20.05.2020 19:15:09
  • Last modified 21.11.2024 05:00:52

libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any My...

7

CVE-2020-9484

  • EPSS 93.33%
  • Published 20.05.2020 19:15:09
  • Last modified 21.11.2024 05:40:44

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the Persiste...

7.7

CVE-2020-10725

  • EPSS 0.68%
  • Published 20.05.2020 14:15:11
  • Last modified 21.11.2024 04:55:56

A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that ...

4.4

CVE-2020-10726

  • EPSS 0.15%
  • Published 20.05.2020 14:15:11
  • Last modified 21.11.2024 04:55:56

A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), whi...

7.5

CVE-2020-13164

  • EPSS 1.83%
  • Published 19.05.2020 22:15:12
  • Last modified 21.11.2024 05:00:47

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

6.7

CVE-2020-10722

  • EPSS 0.13%
  • Published 19.05.2020 19:15:09
  • Last modified 21.11.2024 04:55:55

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.