Vulnerabilities > Opensuse > Backports SLE > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-24 | CVE-2019-3693 | Link Following vulnerability in multiple products A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. | 7.8 |
2020-01-24 | CVE-2019-3692 | Link Following vulnerability in multiple products The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. | 7.8 |
2020-01-21 | CVE-2020-7040 | Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. | 8.1 |
2020-01-10 | CVE-2020-6377 | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-01-10 | CVE-2019-13767 | Use After Free vulnerability in multiple products Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-12-20 | CVE-2019-19918 | Out-of-bounds Write vulnerability in multiple products Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 7.8 |
2019-12-20 | CVE-2019-19917 | Classic Buffer Overflow vulnerability in multiple products Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 7.8 |
2019-12-10 | CVE-2019-13764 | Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-12-10 | CVE-2019-13734 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-11-25 | CVE-2019-13706 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 7.8 |