Vulnerabilities > Opensuse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-13703 | Authentication Bypass by Spoofing vulnerability in multiple products Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2019-11-25 | CVE-2019-13702 | Improper Privilege Management vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. | 7.8 |
| 2019-11-25 | CVE-2019-13701 | Authentication Bypass by Spoofing vulnerability in multiple products Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2019-11-25 | CVE-2019-13700 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-11-25 | CVE-2019-13699 | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-11-25 | CVE-2019-10214 | Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. | 5.9 |
| 2019-11-22 | CVE-2019-18622 | SQL Injection vulnerability in multiple products An issue was discovered in phpMyAdmin before 4.9.2. | 9.8 |
| 2019-11-22 | CVE-2019-10206 | Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. | 6.5 |
| 2019-11-19 | CVE-2019-18934 | OS Command Injection vulnerability in multiple products Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. | 7.3 |
| 2019-11-18 | CVE-2019-19083 | Memory Leak vulnerability in multiple products Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). | 4.7 |