openSUSE Leap vulnerabilities

1,896 known vulnerabilities affecting opensuse/leap.

Total CVEs: 1,896
CISA KEV: 18 (actively exploited)
Public exploits: 57
Exploited in wild: 19
Severity breakdown: CRITICAL 202, HIGH 798, MEDIUM 803, LOW 93

Vulnerabilities

Page 66 of 95
CVE-2019-7663 | MEDIUM | CVSS 6.5 | v15.0 | 2019-02-09
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
nvd
CVE-2019-7665 | MEDIUM | CVSS 5.5 | CWE-125 | v15.0, v15.1 | 2019-02-09
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
nvd
CVE-2019-7638 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-08
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
nvd
CVE-2019-7637 | HIGH | CVSS 8.8 | CWE-787 | v15.0, v15.1, +1 more | 2019-02-08
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
nvd
CVE-2019-7636 | HIGH | CVSS 8.1 | CWE-125 | v15.0, v42.3 | 2019-02-08
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
nvd
CVE-2019-7635 | HIGH | CVSS 8.1 | CWE-125 | v15.0, v15.1, +1 more | 2019-02-08
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
nvd
CVE-2019-7574 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
nvd
CVE-2019-7578 | HIGH | CVSS 8.1 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
nvd
CVE-2019-7572 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
nvd
CVE-2019-7573 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
nvd
CVE-2019-7577 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
nvd
CVE-2019-7576 | HIGH | CVSS 8.8 | CWE-125 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
nvd
CVE-2019-7575 | HIGH | CVSS 8.8 | CWE-787 | v15.0, v42.3 | 2019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
nvd
CVE-2019-7548 | HIGH | CVSS 7.8 | CWE-89 | v15.0, v15.1 | 2019-02-06
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
nvd
CVE-2019-3820 | MEDIUM | CVSS 4.3 | CWE-285 | v15.0, v15.1, +1 more | 2019-02-06
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
nvd
CVE-2018-8795 | CRITICAL | CVSS 9.8 | CWE-680 | v15.1 | 2019-02-05
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.
nvd
CVE-2018-8793 | CRITICAL | CVSS 9.8 | CWE-122 | v15.1 | 2019-02-05
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.
nvd
CVE-2018-8800 | CRITICAL | CVSS 9.8 | CWE-122 | v15.1 | 2019-02-05
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.
nvd
CVE-2018-8797 | CRITICAL | CVSS 9.8 | CWE-122 | v15.1 | 2019-02-05
rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.
nvd
CVE-2018-8794 | CRITICAL | CVSS 9.8 | CWE-680 | v15.1 | 2019-02-05
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.
nvd