Vulnerabilities > Opensuse > Leap

DATE CVE VULNERABILITY TITLE RISK
2019-04-17 CVE-2019-9494 Information Exposure Through Discrepancy vulnerability in multiple products
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns.
5.9
2019-04-11 CVE-2019-9628 Improper Handling of Exceptional Conditions vulnerability in multiple products
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class.
network
low complexity
xmltooling-project canonical opensuse CWE-755
5.0
2019-04-10 CVE-2019-11068 libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code.
network
low complexity
xmlsoft canonical debian fedoraproject oracle netapp opensuse
critical
9.8
2019-04-09 CVE-2019-3880 Path Traversal vulnerability in multiple products
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API.
network
low complexity
samba debian redhat fedoraproject opensuse CWE-22
5.4
2019-04-09 CVE-2019-10903 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash.
7.5
2019-04-09 CVE-2019-10901 NULL Pointer Dereference vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash.
7.5
2019-04-09 CVE-2019-10899 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash.
7.5
2019-04-09 CVE-2019-10896 Out-of-bounds Write vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash.
7.5
2019-04-09 CVE-2019-10895 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash.
7.5
2019-04-09 CVE-2019-10894 Reachable Assertion vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash.
7.5