Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2019-05-30 CVE-2019-8457 Out-of-bounds Read vulnerability in multiple products
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
network
low complexity
sqlite canonical opensuse fedoraproject CWE-125
critical
 9.8
9.8
2019-05-29 CVE-2019-12450 Incorrect Default Permissions vulnerability in multiple products
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress.
network
low complexity
gnome debian redhat canonical opensuse fedoraproject CWE-276
critical
 9.8
9.8
2019-05-29 CVE-2019-12449 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
network
low complexity
gnome canonical opensuse fedoraproject CWE-755
5.7
5.7
2019-05-29 CVE-2019-12447 An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
network
low complexity
gnome canonical opensuse fedoraproject
7.3
7.3
2019-05-28 CVE-2019-5436 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. 		7.8
7.8
2019-05-23 CVE-2019-5804 Argument Injection or Modification vulnerability in multiple products
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.
local
low complexity
google opensuse CWE-88
5.5
5.5
2019-05-23 CVE-2019-5803 Improper Input Validation vulnerability in multiple products
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google opensuse CWE-20
6.5
6.5
2019-05-23 CVE-2019-5802 Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
network
low complexity
google opensuse
6.5
6.5
2019-05-23 CVE-2019-5801 Improper Input Validation vulnerability in multiple products
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
network
low complexity
google opensuse CWE-20
6.5
6.5
2019-05-23 CVE-2019-5800 Improper Input Validation vulnerability in multiple products
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google opensuse CWE-20
6.5
6.5