Vulnerabilities > Opensuse > Leap > High

DATE CVE VULNERABILITY TITLE RISK
2019-05-23 CVE-2019-5789 Use After Free vulnerability in multiple products
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
2019-05-23 CVE-2019-5788 Use After Free vulnerability in multiple products
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
2019-05-23 CVE-2019-5787 Use After Free vulnerability in multiple products
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse CWE-416
8.8
2019-05-16 CVE-2019-3839 It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. 7.8
2019-05-15 CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack.
network
high complexity
heimdal-project fedoraproject opensuse debian
7.4
2019-05-15 CVE-2019-8936 NULL Pointer Dereference vulnerability in multiple products
NTP through 4.2.8p12 has a NULL Pointer Dereference.
network
low complexity
netapp fedoraproject opensuse hpe ntp CWE-476
7.5
2019-05-14 CVE-2019-11328 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g.
network
low complexity
sylabs fedoraproject opensuse CWE-732
8.8
2019-05-13 CVE-2019-12083 Out-of-bounds Write vulnerability in multiple products
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety.
network
high complexity
rust-lang fedoraproject opensuse CWE-787
8.1
2019-05-08 CVE-2019-11494 NULL Pointer Dereference vulnerability in multiple products
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command.
network
low complexity
dovecot fedoraproject opensuse CWE-476
7.5
2019-05-08 CVE-2019-11499 In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.
network
low complexity
dovecot fedoraproject opensuse
7.5