Vulnerabilities > Opensuse > Leap > 15.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-06 | CVE-2020-14303 | Excessive Iteration vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. | 7.5 |
| 2020-07-05 | CVE-2020-15466 | Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. | 7.5 |
| 2020-06-30 | CVE-2020-15396 | Race Condition vulnerability in multiple products In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. | 7.8 |
| 2020-06-30 | CVE-2017-18922 | Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical | 9.8 |
| 2020-06-29 | CVE-2020-15393 | Memory Leak vulnerability in multiple products In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | 5.5 |
| 2020-06-29 | CVE-2020-4067 | In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. | 7.5 |
| 2020-06-26 | CVE-2020-11996 | A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. | 7.5 |
| 2020-06-26 | CVE-2020-15306 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before v2.5.2. | 5.5 |
| 2020-06-26 | CVE-2020-15305 | Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. | 5.5 |
| 2020-06-26 | CVE-2020-15304 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. | 5.5 |