Opensuse Leap vulnerabilities
1,896 known vulnerabilities affecting opensuse/leap.
Total CVEs
1,896
CISA KEV
18
actively exploited
Public exploits
57
Exploited in wild
19
Severity breakdown
CRITICAL202HIGH798MEDIUM803LOW93
Vulnerabilities
Page 53 of 95
CVE-2019-13619HIGHCVSS 7.5v15.0v15.12019-07-17
CVE-2019-13619 [HIGH] CWE-119 CVE-2019-13619: In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and relate
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
nvd
CVE-2019-13626MEDIUMCVSS 6.5v15.0v15.12019-07-17
CVE-2019-13626 [MEDIUM] CWE-125 CVE-2019-13626: SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.
nvd
CVE-2019-9849MEDIUMCVSS 4.3v15.0v15.12019-07-17
CVE-2019-9849 [MEDIUM] CVE-2019-9849: LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior t
nvd
CVE-2019-13616HIGHCVSS 8.1v15.0v15.12019-07-16
CVE-2019-13616 [HIGH] CWE-125 CVE-2019-13616: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-rea
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
nvd
CVE-2019-1010006HIGHCVSS 7.8v15.0v15.12019-07-15
CVE-2019-1010006 [HIGH] CWE-190 CVE-2019-1010006: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The comp
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
nvd
CVE-2019-13602HIGHCVSS 7.8v15.0v15.12019-07-14
CVE-2019-13602 [HIGH] CWE-191 CVE-2019-13602: An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
nvd
CVE-2019-12838CRITICALCVSS 9.8v15.0v15.12019-07-11
CVE-2019-12838 [CRITICAL] CWE-89 CVE-2019-12838: SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
nvd
CVE-2019-12525CRITICALCVSS 9.8v15.0v15.12019-07-11
CVE-2019-12525 [CRITICAL] CWE-787 CVE-2019-12525: An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length m
nvd
CVE-2019-12529MEDIUMCVSS 5.9v15.0v15.12019-07-11
CVE-2019-12529 [MEDIUM] CWE-125 CVE-2019-12529: An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. W
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decodin
nvd
CVE-2019-13454MEDIUMCVSS 6.5v15.0v15.12019-07-09
CVE-2019-13454 [MEDIUM] CWE-369 CVE-2019-13454: ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/l
ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
nvd
CVE-2019-13305HIGHCVSS 7.8v15.0v15.12019-07-05
CVE-2019-13305 [HIGH] CWE-193 CVE-2019-13305: ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
nvd
CVE-2019-13304HIGHCVSS 7.8v15.0v15.12019-07-05
CVE-2019-13304 [HIGH] CWE-787 CVE-2019-13304: ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
nvd
CVE-2019-13299HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13299 [HIGH] CWE-125 CVE-2019-13299: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixe
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
nvd
CVE-2019-13303HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13303 [HIGH] CWE-125 CVE-2019-13303: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeIma
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
nvd
CVE-2019-13308HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13308 [HIGH] CWE-787 CVE-2019-13308: ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
nvd
CVE-2019-13297HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13297 [HIGH] CWE-125 CVE-2019-13297: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThre
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
nvd
CVE-2019-13295HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13295 [HIGH] CWE-125 CVE-2019-13295: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThre
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
nvd
CVE-2019-13302HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13302 [HIGH] CWE-125 CVE-2019-13302: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
nvd
CVE-2019-13298HIGHCVSS 8.8v15.0v15.12019-07-05
CVE-2019-13298 [HIGH] CWE-787 CVE-2019-13298: ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixel
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
nvd
CVE-2019-13306HIGHCVSS 7.8v15.0v15.12019-07-05
CVE-2019-13306 [HIGH] CWE-193 CVE-2019-13306: ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
nvd