Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-17498

Exploit
  • EPSS 0.23%
  • Veröffentlicht 13.08.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:08:13

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

4.3

CVE-2020-17489

Exploit
  • EPSS 0.15%
  • Veröffentlicht 11.08.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:08:13

An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password show...

3.8

CVE-2020-16092

  • EPSS 0.05%
  • Veröffentlicht 11.08.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:06:45

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in ...

7.8

CVE-2020-17367

  • EPSS 0.14%
  • Veröffentlicht 11.08.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:57

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.

9.8

CVE-2020-17368

  • EPSS 4.49%
  • Veröffentlicht 11.08.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:57

Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.

6.5

CVE-2020-15655

  • EPSS 0.23%
  • Veröffentlicht 10.08.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:05:57

A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbi...

9.3

CVE-2020-15656

  • EPSS 0.84%
  • Veröffentlicht 10.08.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:05:57

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firef...

9.3

CVE-2020-15659

  • EPSS 0.93%
  • Veröffentlicht 10.08.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:05:57

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

7.5

CVE-2020-9490

  • EPSS 75.82%
  • Veröffentlicht 07.08.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:45

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via ...

9.8

CVE-2020-11984

Exploit
  • EPSS 76.31%
  • Veröffentlicht 07.08.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:02

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE