Vulnerabilities > Opensuse > Leap > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2019-17021 | Race Condition vulnerability in multiple products During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. | 5.3 |
| 2020-01-08 | CVE-2020-6615 | NULL Pointer Dereference vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | 6.5 |
| 2020-01-08 | CVE-2020-6611 | NULL Pointer Dereference vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | 6.5 |
| 2020-01-08 | CVE-2020-6610 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | 6.5 |
| 2020-01-08 | CVE-2019-5188 | Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. | 6.7 |
| 2020-01-06 | CVE-2019-18179 | An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. | 4.3 |
| 2020-01-03 | CVE-2019-5846 | Out-of-bounds Write vulnerability in multiple products Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-03 | CVE-2019-5845 | Out-of-bounds Write vulnerability in multiple products Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-03 | CVE-2019-5844 | Out-of-bounds Write vulnerability in multiple products Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-02 | CVE-2019-14864 | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. | 6.5 |