Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-9428

Exploit
  • EPSS 8.18%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

7.5

CVE-2020-9429

  • EPSS 0.59%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.

7.5

CVE-2020-9430

Exploit
  • EPSS 3.61%
  • Veröffentlicht 27.02.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:37

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.

7.5

CVE-2020-7062

Exploit
  • EPSS 0.89%
  • Veröffentlicht 27.02.2020 21:15:19
  • Zuletzt bearbeitet 21.11.2024 05:36:35

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upl...

5.3

CVE-2020-7063

Exploit
  • EPSS 0.23%
  • Veröffentlicht 27.02.2020 21:15:19
  • Zuletzt bearbeitet 21.11.2024 05:36:35

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on th...

6.1

CVE-2020-3867

  • EPSS 0.36%
  • Veröffentlicht 27.02.2020 21:15:18
  • Zuletzt bearbeitet 21.11.2024 05:31:51

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted ...

9.3

CVE-2020-3868

  • EPSS 0.28%
  • Veröffentlicht 27.02.2020 21:15:18
  • Zuletzt bearbeitet 21.11.2024 05:31:52

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing ...

6.5

CVE-2020-3862

  • EPSS 0.22%
  • Veröffentlicht 27.02.2020 21:15:17
  • Zuletzt bearbeitet 21.11.2024 05:31:51

A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website ...

8.8

CVE-2020-3865

  • EPSS 0.47%
  • Veröffentlicht 27.02.2020 21:15:17
  • Zuletzt bearbeitet 21.11.2024 05:31:51

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing ...

5.3

CVE-2020-7041

  • EPSS 1.79%
  • Veröffentlicht 27.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:36:32

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.