Vulnerabilities > Opensuse > Backports
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2020-6610 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | 4.3 |
| 2019-12-27 | CVE-2019-20053 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file. | 4.3 |
| 2019-12-24 | CVE-2019-19953 | Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. | 9.1 |
| 2019-12-24 | CVE-2019-19951 | Out-of-bounds Write vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. | 9.8 |
| 2019-12-24 | CVE-2019-19950 | Use After Free vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. | 9.8 |
| 2019-12-10 | CVE-2019-13730 | Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-12-03 | CVE-2019-5163 | Missing Authentication for Critical Function vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. | 4.3 |
| 2019-11-25 | CVE-2019-13723 | Use After Free vulnerability in multiple products Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-11-25 | CVE-2019-13713 | Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2019-11-25 | CVE-2019-13711 | Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 5.3 |