Vulnerabilities > Opensuse > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-13753 | Improper Input Validation vulnerability in multiple products The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. | 10.0 |
| 2020-06-30 | CVE-2017-18922 | Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical | 9.8 |
| 2020-06-29 | CVE-2019-3681 | Unspecified vulnerability in Opensuse OSC 0.162.115.9.1/0.169.0/0.169.13.20.1 A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. | 9.8 |
| 2020-06-22 | CVE-2020-14983 | Classic Buffer Overflow vulnerability in multiple products The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. | 9.8 |
| 2020-06-19 | CVE-2020-8165 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | 9.8 |
| 2020-06-18 | CVE-2017-9104 | Resource Exhaustion vulnerability in multiple products An issue was discovered in adns before 1.5.2. | 9.8 |
| 2020-06-18 | CVE-2017-9103 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. | 9.8 |
| 2020-06-18 | CVE-2017-9109 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. | 9.8 |
| 2020-06-03 | CVE-2020-6493 | Use After Free vulnerability in multiple products Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2020-05-26 | CVE-2020-6831 | Out-of-bounds Write vulnerability in multiple products A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. | 9.8 |