Suse

Package Hub

40 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-13764

Exploit
  • EPSS 38.69%
  • Veröffentlicht 10.12.2019 22:15:15
  • Zuletzt bearbeitet 21.11.2024 04:25:40

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2019-13745

Exploit
  • EPSS 2.41%
  • Veröffentlicht 10.12.2019 22:15:14
  • Zuletzt bearbeitet 21.11.2024 04:25:37

Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

8.8

CVE-2019-13734

  • EPSS 5.9%
  • Veröffentlicht 10.12.2019 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:25:36

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2019-11730

  • EPSS 34.65%
  • Veröffentlicht 23.07.2019 14:15:16
  • Zuletzt bearbeitet 21.11.2024 04:21:40

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents...

9.8

CVE-2019-11709

  • EPSS 3.93%
  • Veröffentlicht 23.07.2019 14:15:15
  • Zuletzt bearbeitet 21.11.2024 04:21:38

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to r...

6.5

CVE-2019-5798

  • EPSS 1.37%
  • Veröffentlicht 23.05.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:45:30

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

5.3

CVE-2018-16876

  • EPSS 1.03%
  • Veröffentlicht 03.01.2019 15:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:30

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

7.8

CVE-2018-16837

  • EPSS 0.04%
  • Veröffentlicht 23.10.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:24

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear te...

7.8

CVE-2018-10875

  • EPSS 0.06%
  • Veröffentlicht 13.07.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:11

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

9.3

CVE-2016-1646

Warnung Exploit
  • EPSS 71.72%
  • Veröffentlicht 29.03.2016 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or po...