Vulnerabilities > Opensuse > Leap > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-06 CVE-2019-9855 Channel and Path Errors vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
libreoffice opensuse CWE-417
critical
 9.8
9.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8
2019-08-15 CVE-2019-9850 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-08-15 CVE-2019-9851 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-07-29 CVE-2019-14271 Improper Initialization vulnerability in multiple products
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
network
low complexity
docker debian opensuse CWE-665
critical
 9.8
9.8
2019-07-23 CVE-2019-11709 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7.
network
low complexity
mozilla opensuse suse debian CWE-787
critical
 9.8
9.8
2019-07-23 CVE-2019-11710 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 67.
network
low complexity
mozilla opensuse CWE-787
critical
 9.8
9.8
2019-07-18 CVE-2019-13962 Out-of-bounds Read vulnerability in multiple products
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
network
low complexity
videolan opensuse debian canonical CWE-125
critical
 9.8
9.8
2019-07-17 CVE-2019-9848 Code Injection vulnerability in multiple products
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc.
network
low complexity
libreoffice canonical fedoraproject debian opensuse CWE-94
critical
 9.8
9.8
2019-07-11 CVE-2019-12525 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7.
network
low complexity
squid-cache debian opensuse fedoraproject canonical CWE-787
critical
 9.8
9.8