Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2019-20382

  • EPSS 0.18%
  • Veröffentlicht 05.03.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:20

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.

5.5

CVE-2020-10029

Exploit
  • EPSS 0.05%
  • Veröffentlicht 04.03.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 04:54:40

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl...

9.8

CVE-2020-10018

  • EPSS 2.04%
  • Veröffentlicht 02.03.2020 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:54:39

WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memor...

2.5

CVE-2020-8013

  • EPSS 0.06%
  • Veröffentlicht 02.03.2020 17:15:19
  • Zuletzt bearbeitet 21.11.2024 05:38:13

A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneo...

9.8

CVE-2019-18902

  • EPSS 2.82%
  • Veröffentlicht 02.03.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 04:33:48

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Se...

9.8

CVE-2019-18903

  • EPSS 2.82%
  • Veröffentlicht 02.03.2020 17:15:18
  • Zuletzt bearbeitet 21.11.2024 04:33:48

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Se...

7.8

CVE-2019-18897

  • EPSS 0.1%
  • Veröffentlicht 02.03.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:48

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue aff...

5.5

CVE-2019-18901

  • EPSS 0.1%
  • Veröffentlicht 02.03.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:48

A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 064...

7

CVE-2019-3698

Exploit
  • EPSS 0.18%
  • Veröffentlicht 28.02.2020 14:15:09
  • Zuletzt bearbeitet 21.11.2024 04:42:21

UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges...

7.5

CVE-2020-9431

Exploit
  • EPSS 4.4%
  • Veröffentlicht 27.02.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.