Vulnerabilities > Opensuse > Leap > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-04-23 CVE-2020-11945 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 5.0.2.
network
low complexity
squid-cache debian opensuse fedoraproject canonical CWE-190
critical
 9.8
9.8
2020-04-22 CVE-2019-20787 Integer Overflow or Wraparound vulnerability in multiple products
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
network
low complexity
teeworlds opensuse CWE-190
critical
 9.8
9.8
2020-04-15 CVE-2019-12519 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid through 4.7.
network
low complexity
squid-cache debian canonical opensuse CWE-787
critical
 9.8
9.8
2020-03-24 CVE-2020-10938 Integer Overflow or Wraparound vulnerability in multiple products
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
network
low complexity
graphicsmagick debian opensuse CWE-190
critical
 9.8
9.8
2020-03-24 CVE-2020-1747 A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader.
network
low complexity
pyyaml fedoraproject opensuse oracle
critical
 9.8
9.8
2020-03-02 CVE-2020-10018 Use After Free vulnerability in multiple products
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. 		9.8
9.8
2020-03-02 CVE-2019-18902 Use After Free vulnerability in multiple products
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution.
network
low complexity
suse opensuse CWE-416
critical
 9.8
9.8
2020-03-02 CVE-2019-18903 Use After Free vulnerability in multiple products
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution.
network
low complexity
suse opensuse CWE-416
critical
 9.8
9.8
2020-02-27 CVE-2020-7043 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2.
network
low complexity
openfortivpn-project fedoraproject opensuse CWE-295
critical
 9.1
9.1
2020-02-24 CVE-2020-1938 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat.
network
low complexity
apache fedoraproject oracle debian opensuse blackberry netapp
critical
 9.8
9.8