Opensuse Leap vulnerabilities

CVE-2020-2907 [HIGH] CWE-20 CVE-2020-2907: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualB

CVE-2020-2929 [HIGH] CVE-2020-2929: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Succes

CVE-2020-2816 [HIGH] CVE-2020-2816: Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that ar Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification acc

CVE-2020-2911 [HIGH] CVE-2020-2911: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Whi

CVE-2020-2905 [HIGH] CVE-2020-2905: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While

CVE-2020-2958 [HIGH] CVE-2020-2958: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Whi

CVE-2020-2959 [HIGH] CVE-2020-2959: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via MLD to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM Virtua

CVE-2020-2830 [MEDIUM] CVE-2020-2830: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). S Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successfu

CVE-2020-2814 [MEDIUM] CVE-2020-2814: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can res

CVE-2020-2781 [MEDIUM] CVE-2020-2781: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supporte Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vu

CVE-2020-2812 [MEDIUM] CVE-2020-2812: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Sup Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vul

CVE-2020-2767 [MEDIUM] CVE-2020-2767: Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that ar Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to

CVE-2020-2951 [MEDIUM] CVE-2020-2951: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Whil

CVE-2019-12521 [MEDIUM] CWE-193 CVE-2019-12521: An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements i An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Hea

CVE-2020-2743 [MEDIUM] CWE-125 CVE-2020-2743: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM Virtual

CVE-2020-2910 [MEDIUM] CVE-2020-2910: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerabili

CVE-2020-2760 [MEDIUM] CVE-2020-2760: Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorize

CVE-2020-2894 [MEDIUM] CVE-2020-2894: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Whi

CVE-2020-2752 [MEDIUM] CVE-2020-2752: Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions tha Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can res

CVE-2020-2800 [MEDIUM] CVE-2020-2800: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTT Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embed