Vulnerabilities > Opensuse > Leap
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-04 | CVE-2015-8980 | Improper Input Validation vulnerability in multiple products The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. | 9.8 |
2019-11-04 | CVE-2019-18683 | Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. | 7.0 |
2019-11-01 | CVE-2019-6470 | There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. | 7.5 |
2019-10-31 | CVE-2019-5010 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. | 7.5 |
2019-10-31 | CVE-2019-18425 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. | 9.8 |
2019-10-31 | CVE-2019-18424 | OS Command Injection vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. | 6.8 |
2019-10-31 | CVE-2019-18421 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. | 7.5 |
2019-10-24 | CVE-2019-17596 | Interpretation Conflict vulnerability in multiple products Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. | 7.5 |
2019-10-21 | CVE-2019-17498 | Integer Overflow or Wraparound vulnerability in multiple products In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. | 8.1 |
2019-10-21 | CVE-2019-18218 | Out-of-bounds Write vulnerability in multiple products cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | 7.8 |