Suse Linux Enterprise Server vulnerabilities

CVE-2019-18901 [MEDIUM] CWE-59 CVE-2019-18901: A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb pa A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE

CVE-2020-8013 [LOW] CWE-59 CVE-2020-8013: A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12 A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation i

CVE-2014-1947 [HIGH] CWE-787 CVE-2014-1947: Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and e Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.

CVE-2006-7246 [MEDIUM] CWE-295 CVE-2006-7246: NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

CVE-2015-5239 [MEDIUM] CWE-835 CVE-2015-5239: Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial o Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CVE-2010-3782 [HIGH] CWE-863 CVE-2010-3782: obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api impleme obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.

CVE-2012-6639 [HIGH] CWE-269 CVE-2012-6639: An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVE-2016-5285 [HIGH] CWE-476 CVE-2016-5285: A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missin A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

CVE-2019-11038 [MEDIUM] CWE-457 CVE-2019-11038: When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the s

CVE-2017-16232 [HIGH] CWE-772 CVE-2017-16232: LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of s LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue

CVE-2018-16874 [HIGH] CWE-20 CVE-2018-16874: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traver In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cm

CVE-2018-16873 [HIGH] CWE-20 CVE-2018-16873: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code exec In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://

CVE-2018-19540 [HIGH] CWE-787 CVE-2018-19540: An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14 An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0

CVE-2018-19543 [HIGH] CWE-125 CVE-2018-19543: An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the fu An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

CVE-2018-19541 [HIGH] CWE-125 CVE-2018-19541: An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14 An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0

CVE-2018-19542 [MEDIUM] CWE-476 CVE-2018-19542: An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_de An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

CVE-2018-19539 [MEDIUM] CWE-617 CVE-2018-19539: An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_rea An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.

CVE-2018-18873 [MEDIUM] CWE-476 CVE-2018-18873: An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_pu An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

CVE-2018-18584 [MEDIUM] CWE-787 CVE-2018-18584: In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer i In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

CVE-2018-18585 [MEDIUM] CWE-476 CVE-2018-18585: chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).