Opensuse Leap vulnerabilities

CVE-2020-11863 [MEDIUM] CVE-2020-11863: libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).

CVE-2020-11864 [MEDIUM] CVE-2020-11864: libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).

CVE-2020-12771 [MEDIUM] CWE-667 CVE-2020-12771: An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/b An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

CVE-2020-12767 [MEDIUM] CWE-369 CVE-2020-12767: exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

CVE-2020-12769 [MEDIUM] CWE-662 CVE-2020-12769: An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

CVE-2020-10690 [MEDIUM] CWE-416 CVE-2020-10690: There is a use-after-free in kernel versions before 5.5 due to a race condition between the release There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition

CVE-2020-10704 [HIGH] CWE-674 CVE-2020-10704: A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba han A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samb

CVE-2020-12672 [HIGH] CWE-787 CVE-2020-12672: GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

CVE-2020-12108 [MEDIUM] CWE-74 CVE-2020-12108: /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.

CVE-2020-12653 [HIGH] CWE-787 CVE-2020-12653: An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drive An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.

CVE-2020-12656 [MEDIUM] CWE-401 CVE-2020-12656: gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel mod

CVE-2020-12641 [CRITICAL] CWE-78 CVE-2020-12641: rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via she rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

CVE-2020-12640 [CRITICAL] CWE-22 CVE-2020-12640: Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via director Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

CVE-2020-10700 [MEDIUM] CWE-416 CVE-2020-10700: A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

CVE-2020-12625 [MEDIUM] CWE-79 CVE-2020-12625: An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vul An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.

CVE-2020-10683 [CRITICAL] CWE-611 CVE-2020-10683: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, whi dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

CVE-2020-11651 [CRITICAL] CVE-2020-11651: An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master pr An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

CVE-2020-11652 [MEDIUM] CWE-22 CVE-2020-11652: An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master pr An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.

CVE-2020-11022 [MEDIUM] CWE-79 CVE-2020-11022: In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sa In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-12243 [HIGH] CWE-674 CVE-2020-12243: In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).