Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-21	CVE-2019-19344	Use After Free vulnerability in multiple products There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer. network low complexity samba canonical synology opensuse CWE-416	6.5
2020-01-21	CVE-2019-18932	Link Following vulnerability in multiple products log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. local squid-analysis-report-generator-project opensuse CWE-59	4.4
2020-01-21	CVE-2019-14902	There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers. network low complexity samba canonical opensuse debian	5.4
2020-01-21	CVE-2019-20386	Memory Leak vulnerability in multiple products An issue was discovered in button_open in login/logind-button.c in systemd before 243. low complexity systemd-project canonical fedoraproject opensuse netapp CWE-401	2.4
2020-01-17	CVE-2019-17361	Command Injection vulnerability in multiple products In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. network low complexity saltstack debian opensuse canonical CWE-77 critical	9.8
2020-01-16	CVE-2020-7039	Out-of-bounds Write vulnerability in multiple products tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. network libslirp-project qemu debian opensuse CWE-787	6.8
2020-01-16	CVE-2020-7106	Cross-site Scripting vulnerability in multiple products Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). network low complexity cacti debian opensuse suse fedoraproject CWE-79	6.1
2020-01-16	CVE-2020-7044	Off-by-one Error vulnerability in multiple products In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. network low complexity wireshark fedoraproject opensuse oracle CWE-193	7.5
2020-01-15	CVE-2020-2659	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). network oracle debian canonical netapp opensuse redhat	4.3
2020-01-15	CVE-2020-2654	Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). network oracle redhat debian canonical netapp mcafee opensuse	4.3