Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2020-10723

  • EPSS 0.13%
  • Veröffentlicht 19.05.2020 19:15:09
  • Zuletzt bearbeitet 21.11.2024 04:55:55

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out...

7.5

CVE-2020-10995

  • EPSS 0.09%
  • Veröffentlicht 19.05.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:32

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritat...

5.4

CVE-2020-10135

Exploit
  • EPSS 32.77%
  • Veröffentlicht 19.05.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:54:53

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adj...

7.5

CVE-2020-12244

  • EPSS 0.09%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:22

An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.

7.5

CVE-2020-12662

  • EPSS 13.33%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:00

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

7.5

CVE-2020-12663

  • EPSS 12.63%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:01

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

5.9

CVE-2020-8617

  • EPSS 92.63%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:07

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local se...

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12801

  • EPSS 0.21%
  • Veröffentlicht 18.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:19

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.