Vulnerabilities > Opensuse > Leap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-03 | CVE-2018-14464 | Out-of-bounds Read vulnerability in multiple products The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | 7.5 |
| 2019-10-03 | CVE-2018-14463 | Out-of-bounds Read vulnerability in multiple products The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | 7.5 |
| 2019-10-03 | CVE-2018-14462 | Out-of-bounds Read vulnerability in multiple products The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | 7.5 |
| 2019-10-03 | CVE-2018-14461 | Out-of-bounds Read vulnerability in multiple products The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | 7.5 |
| 2019-10-01 | CVE-2019-17069 | Use After Free vulnerability in multiple products PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. | 7.5 |
| 2019-10-01 | CVE-2019-17068 | Injection vulnerability in multiple products PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to be affected by malicious clipboard content. | 5.0 |
| 2019-10-01 | CVE-2019-17055 | Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 3.3 |
| 2019-09-30 | CVE-2019-16276 | HTTP Request Smuggling vulnerability in multiple products Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 7.5 |
| 2019-09-30 | CVE-2019-16995 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. | 7.8 |
| 2019-09-30 | CVE-2019-16994 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. | 4.7 |