Vulnerabilities > Opensuse > Leap > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	2.6
2019-01-16	CVE-2019-2422	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp redhat debian opensuse hp	3.1
2019-01-16	CVE-2019-2426	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). network high complexity oracle netapp opensuse hp	3.7
2019-01-15	CVE-2018-14662	Improper Authorization vulnerability in multiple products It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. low complexity redhat debian opensuse canonical CWE-285	2.7
2018-12-26	CVE-2018-20482	Infinite Loop vulnerability in multiple products GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). local gnu debian opensuse CWE-835	1.9
2018-12-20	CVE-2018-20126	Missing Release of Resource after Effective Lifetime vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. local low complexity qemu canonical opensuse CWE-772	2.1
2018-12-06	CVE-2018-19665	Integer Overflow or Wraparound vulnerability in multiple products The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. low complexity qemu opensuse CWE-190	2.7
2018-11-15	CVE-2018-18954	Out-of-bounds Read vulnerability in multiple products The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. local low complexity qemu canonical opensuse CWE-125	2.1
2018-08-10	CVE-2018-6556	Channel and Path Errors vulnerability in multiple products lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. local low complexity canonical linuxcontainers suse opensuse CWE-417	2.1
2018-07-10	CVE-2018-1129	Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. low complexity redhat ceph debian opensuse CWE-287	3.3