openSUSE Leap vulnerabilities
1,896 known vulnerabilities affecting opensuse/leap.
Total CVEs: 1,896
CISA KEV: 18 (actively exploited)
Public exploits: 57
Exploited in wild: 19
Severity breakdown: CRITICAL 202, HIGH 798, MEDIUM 803, LOW 93
Vulnerabilities
Page 56 of 95
CVE-2019-5832 | MEDIUM | CVSS 6.5 | v15.0, v15.1, +1 more | 2019-06-27
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2019-5823 | MEDIUM | CVSS 5.4 | CWE-601 | v15.0, v15.1, +1 more | 2019-06-27
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2019-5818 | MEDIUM | CVSS 6.5 | CWE-908 | v15.0, v15.1, +1 more | 2019-06-27
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
nvd
CVE-2019-5839 | MEDIUM | CVSS 4.3 | CWE-20 | v15.0, v15.1, +1 more | 2019-06-27
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
nvd
CVE-2019-5840 | MEDIUM | CVSS 4.3 | CWE-362 | v15.0, v15.1, +1 more | 2019-06-27
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2019-5835 | MEDIUM | CVSS 6.5 | CWE-125 | v15.0, v15.1, +1 more | 2019-06-27
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
nvd
CVE-2019-5834 | MEDIUM | CVSS 6.5 | CWE-346 | v15.0, v15.1, +1 more | 2019-06-27
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2019-10164 | HIGH | CVSS 8.8 | CWE-121 | v15.0, v15.1 | 2019-06-26
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
nvd
CVE-2019-12979 | HIGH | CVSS 7.8 | CWE-665 | v15.0, v15.1 | 2019-06-26
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
nvd
CVE-2019-12975 | MEDIUM | CVSS 5.5 | CWE-401 | v15.0, v15.1 | 2019-06-26
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
nvd
CVE-2019-12972 | MEDIUM | CVSS 5.5 | CWE-125 | v15.1, v15.2 | 2019-06-26
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.
nvd
CVE-2019-12976 | MEDIUM | CVSS 5.5 | CWE-401 | v15.0, v15.1 | 2019-06-26
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
nvd
CVE-2019-12973 | MEDIUM | CVSS 5.5 | v15.0, v15.1 | 2019-06-26
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
nvd
CVE-2019-12817 | HIGH | CVSS 7.0 | CWE-787 | v15.1 | 2019-06-25
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected.
nvd
CVE-2019-9836 | MEDIUM | CVSS 5.3 | CWE-327 | v15.0, v15.1 | 2019-06-25
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.
nvd
CVE-2018-20843 | HIGH | CVSS 7.5 | CWE-611 | v15.0, v15.1 | 2019-06-24
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
nvd
CVE-2019-12904 | MEDIUM | CVSS 5.9 | CWE-668 | v15.0 | 2019-06-20
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because the
nvd
CVE-2019-11040 | CRITICAL | CVSS 9.1 | CWE-125 | v15.0, v15.1 | 2019-06-19
When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
nvd
CVE-2019-11039 | CRITICAL | CVSS 9.1 | CWE-125 | v15.0, v15.1 | 2019-06-19
Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
nvd
CVE-2019-12900 | CRITICAL | CVSS 9.8 | CWE-787 | v15.0, v15.1 | 2019-06-19
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
nvd