Vulnerabilities > Opensuse > Leap
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-28 | CVE-2019-3698 | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. | 6.9 |
2020-02-27 | CVE-2020-9431 | Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. | 7.5 |
2020-02-27 | CVE-2020-9430 | Improper Input Validation vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9429 | NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-9428 | Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. | 7.5 |
2020-02-27 | CVE-2020-7063 | Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. | 5.0 |
2020-02-27 | CVE-2020-7062 | NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. | 4.3 |
2020-02-27 | CVE-2020-3868 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
2020-02-27 | CVE-2020-3867 | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 4.3 |
2020-02-27 | CVE-2020-3865 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 6.8 |