Opensuse Leap vulnerabilities

CVE-2020-8933 [CRITICAL] CWE-276 CVE-2020-8933: A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allo A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an lxc container, it is possible to attach the host OS

CVE-2020-8907 [CRITICAL] CWE-276 CVE-2020-8907: A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allo A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and mount the host OS. Within docker, it is possible to modi

CVE-2020-8903 [HIGH] CWE-276 CVE-2020-8903: A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allo A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the systemd journal. Using the DHCP XID, it is then possible

CVE-2020-4031 [HIGH] CWE-416 CVE-2020-4031: In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

CVE-2020-4032 [MEDIUM] CWE-681 CVE-2020-4032: In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_ In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.

CVE-2020-11095 [MEDIUM] CWE-125 CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory locati In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.

CVE-2020-11097 [MEDIUM] CWE-125 CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory locati In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.

CVE-2020-11098 [MEDIUM] CWE-125 CVE-2020-11098: In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.

CVE-2020-4030 [MEDIUM] CWE-125 CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass s In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.

CVE-2020-11096 [MEDIUM] CWE-125 CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.

CVE-2020-11099 [MEDIUM] CWE-125 CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_licen In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.

CVE-2020-4033 [MEDIUM] CWE-125 CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.

CVE-2020-14954 [MEDIUM] CWE-74 CVE-2020-14954: Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

CVE-2020-8165 [CRITICAL] CWE-502 CVE-2020-8165: A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.

CVE-2020-8164 [HIGH] CWE-502 CVE-2020-8164: A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which c A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.

CVE-2017-9104 [CRITICAL] CWE-400 CVE-2017-9104: An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.

CVE-2017-9103 [CRITICAL] CWE-119 CVE-2017-9103: An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__f An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling program, leaking aspects of the contents of some of its

CVE-2017-9109 [CRITICAL] CWE-119 CVE-2017-9109: An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first R An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (o

CVE-2017-9108 [HIGH] CWE-119 CVE-2017-9108: An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashin

CVE-2020-14416 [MEDIUM] CWE-362 CVE-2020-14416: In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.