Vulnerabilities > Opensuse > Backports SLE > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-13702 | Improper Privilege Management vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. | 7.8 |
| 2019-11-25 | CVE-2019-13700 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-11-25 | CVE-2019-13699 | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-10-08 | CVE-2019-14846 | In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. | 7.8 |
| 2019-09-09 | CVE-2019-16159 | Out-of-bounds Write vulnerability in multiple products BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. | 7.5 |
| 2019-09-08 | CVE-2016-10937 | Improper Certificate Validation vulnerability in multiple products IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. | 7.5 |
| 2019-08-07 | CVE-2019-14744 | OS Command Injection vulnerability in multiple products In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. | 7.8 |
| 2019-07-31 | CVE-2019-5060 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. | 8.8 |
| 2019-07-31 | CVE-2019-5059 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. | 8.8 |
| 2019-07-31 | CVE-2019-5058 | Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. | 8.8 |