Vulnerabilities > Opensuse > Leap > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-09 | CVE-2021-26676 | gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. | 3.3 |
2020-10-22 | CVE-2020-27560 | Divide By Zero vulnerability in multiple products ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. | 3.3 |
2020-10-21 | CVE-2020-14779 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 3.7 |
2020-10-21 | CVE-2020-14796 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). | 2.6 |
2020-10-21 | CVE-2020-14798 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). | 2.6 |
2020-09-30 | CVE-2020-14377 | Out-of-bounds Read vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | 3.6 |
2020-09-30 | CVE-2020-14378 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. | 3.3 |
2020-09-24 | CVE-2020-26088 | Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | 2.1 |
2020-09-13 | CVE-2020-25284 | Incorrect Authorization vulnerability in multiple products The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. | 1.9 |
2020-09-02 | CVE-2020-24654 | Link Following vulnerability in multiple products In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | 3.3 |