Opensuse Leap vulnerabilities

CVE-2020-26934 [MEDIUM] CWE-79 CVE-2020-26934: phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a cra phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.

CVE-2020-11800 [CRITICAL] CVE-2020-11800: Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary co Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.

CVE-2020-14355 [MEDIUM] CWE-120 CVE-2020-14355: Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression

CVE-2020-26164 [MEDIUM] CWE-400 CVE-2020-26164: In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send craf In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

CVE-2020-25862 [HIGH] CWE-354 CVE-2020-25862: In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. Th In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

CVE-2020-25863 [HIGH] CVE-2020-25863: In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector coul In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

CVE-2020-25643 [HIGH] CWE-20 CVE-2020-25643: A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corru A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well

CVE-2020-25866 [HIGH] CWE-476 CVE-2020-25866: In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dere In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.

CVE-2020-25637 [MEDIUM] CWE-415 CVE-2020-25637: A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsi A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash t

CVE-2020-25641 [MEDIUM] CWE-835 CVE-2020-25641: A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero- A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of se

CVE-2020-8228 [MEDIUM] CWE-840 CVE-2020-8228: A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

CVE-2020-7069 [MEDIUM] CWE-20 CVE-2020-7069: In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.

CVE-2020-7070 [MEDIUM] CWE-20 CVE-2020-7070: In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processin In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. S

CVE-2020-15678 [HIGH] CWE-416 CVE-2020-15678: When recursing through graphical layers while scrolling, an iterator may have become invalid, result When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVE-2020-15673 [HIGH] CWE-416 CVE-2020-15673: Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of t Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVE-2020-15676 [MEDIUM] CWE-79 CVE-2020-15676: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVE-2020-15677 [MEDIUM] CWE-601 CVE-2020-15677: By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site d By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

CVE-2020-26154 [CRITICAL] CWE-120 CVE-2020-26154: url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrate url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-14376 [HIGH] CWE-120 CVE-2020-14376: A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking w A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-14375 [HIGH] CWE-367 CVE-2020-14375: A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, an A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to