Vulnerabilities > Opensuse > Backports > High

DATE CVE VULNERABILITY TITLE RISK
2019-05-23 CVE-2019-5792 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
network
low complexity
google opensuse CWE-190
8.8
8.8
2019-05-23 CVE-2019-5791 Type Confusion vulnerability in multiple products
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google opensuse CWE-843
8.8
8.8
2019-05-23 CVE-2019-5790 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google opensuse CWE-190
8.8
8.8
2019-05-23 CVE-2019-5789 Use After Free vulnerability in multiple products
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
8.8
2019-05-23 CVE-2019-5788 Use After Free vulnerability in multiple products
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
8.8
2019-05-23 CVE-2019-5787 Use After Free vulnerability in multiple products
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
8.8
2019-05-14 CVE-2019-11328 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g.
network
low complexity
sylabs fedoraproject opensuse CWE-732
8.8
8.8
2019-05-07 CVE-2019-7443 Improper Input Validation vulnerability in multiple products
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp.
network
high complexity
kde opensuse fedoraproject CWE-20
8.1
8.1