Vulnerabilities > Opensuse > Leap > Low

DATE CVE VULNERABILITY TITLE RISK
2021-02-09 CVE-2021-26676 gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
low complexity
intel debian opensuse
3.3
3.3
2020-10-22 CVE-2020-27560 Divide By Zero vulnerability in multiple products
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
local
low complexity
imagemagick debian opensuse CWE-369
3.3
3.3
2020-10-21 CVE-2020-14779 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
network
high complexity
oracle debian fedoraproject opensuse netapp
3.7
3.7
2020-10-21 CVE-2020-14796 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp opensuse debian
2.6
2.6
2020-10-21 CVE-2020-14798 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian opensuse
2.6
2.6
2020-09-30 CVE-2020-14377 Out-of-bounds Read vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk canonical opensuse CWE-125
3.6
3.6
2020-09-30 CVE-2020-14378 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop.
local
low complexity
dpdk opensuse canonical CWE-191
3.3
3.3
2020-09-24 CVE-2020-26088 Incorrect Default Permissions vulnerability in multiple products
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
local
low complexity
linux debian opensuse canonical CWE-276
2.1
2.1
2020-09-13 CVE-2020-25284 Incorrect Authorization vulnerability in multiple products
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. 		1.9
1.9
2020-09-02 CVE-2020-24654 Link Following vulnerability in multiple products
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. 		3.3
3.3