Vulnerabilities > Opensuse > Leap > 15.2

DATE CVE VULNERABILITY TITLE RISK
2020-10-01 CVE-2020-15673 Use After Free vulnerability in multiple products
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2.
network
low complexity
mozilla debian opensuse CWE-416
8.8
8.8
2020-09-30 CVE-2020-14374 A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk opensuse canonical
8.8
8.8
2020-09-30 CVE-2020-14378 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop.
local
low complexity
dpdk opensuse canonical CWE-191
3.3
3.3
2020-09-30 CVE-2020-14377 A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk canonical opensuse
7.1
7.1
2020-09-30 CVE-2020-14376 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
high complexity
dpdk opensuse canonical CWE-120
7.8
7.8
2020-09-30 CVE-2020-14375 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
high complexity
dpdk opensuse canonical CWE-367
7.8
7.8
2020-09-30 CVE-2020-26154 Classic Buffer Overflow vulnerability in multiple products
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
network
low complexity
libproxy-project fedoraproject debian opensuse CWE-120
critical
 9.8
9.8
2020-09-27 CVE-2020-26117 Improper Certificate Validation vulnerability in multiple products
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions.
network
low complexity
tigervnc debian opensuse CWE-295
8.1
8.1
2020-09-25 CVE-2020-15211 In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors.
network
high complexity
google opensuse
4.8
4.8
2020-09-25 CVE-2020-15210 Out-of-bounds Write vulnerability in multiple products
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption.
network
high complexity
google opensuse CWE-787
6.5
6.5