Vulnerabilities > Opensuse > Leap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-26 | CVE-2019-12972 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 5.5 |
| 2019-06-25 | CVE-2019-9836 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation. | 5.0 |
| 2019-06-25 | CVE-2019-12817 | Out-of-bounds Write vulnerability in multiple products arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. | 7.0 |
| 2019-06-24 | CVE-2018-20843 | XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611 | 7.5 |
| 2019-06-20 | CVE-2019-12904 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. | 5.9 |
| 2019-06-19 | CVE-2019-12900 | Out-of-bounds Write vulnerability in multiple products BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | 9.8 |
| 2019-06-19 | CVE-2019-11040 | Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. | 6.4 |
| 2019-06-19 | CVE-2019-11039 | Out-of-bounds Read vulnerability in multiple products Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. | 6.4 |
| 2019-06-19 | CVE-2019-11038 | Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. | 5.3 |
| 2019-06-17 | CVE-2019-8323 | Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. | 5.0 |