CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

Opensuse » Backports » Sle-15 * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-16709 401 2019-09-23 2022-01-01
4.3
 None Remote Medium Not required None None Partial
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
2 CVE-2019-14524 787 Overflow 2019-08-02 2023-03-03
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
3 CVE-2019-13723 787 2019-11-25 2022-10-14
6.8
 None Remote Medium Not required Partial Partial Partial
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
4 CVE-2019-11328 732 2019-05-14 2023-02-28
9.0
 None Remote Low ??? Complete Complete Complete
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.
5 CVE-2019-10163 770 2019-07-30 2023-02-03
4.0
 None Remote Low ??? None None Partial
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.
6 CVE-2019-5840 362 Bypass 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required None Partial None
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
7 CVE-2019-5839 20 Bypass 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required None Partial None
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
8 CVE-2019-5837 +Info 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required Partial None None
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
9 CVE-2019-5836 787 Overflow 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
10 CVE-2019-5835 125 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required Partial None None
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
11 CVE-2019-5833 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required None Partial None
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
12 CVE-2019-5832 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required Partial None None
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
13 CVE-2019-5831 787 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
14 CVE-2019-5830 2019-06-27 2022-07-29
4.3
 None Remote Medium Not required Partial None None
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
15 CVE-2019-5829 190 Overflow 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
16 CVE-2019-5828 416 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
17 CVE-2019-5827 787 Overflow 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
18 CVE-2019-5824 787 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
19 CVE-2019-5822 Bypass 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
20 CVE-2019-5821 787 Overflow 2019-06-27 2022-07-29
6.8
 None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
21 CVE-2019-5460 415 2019-07-30 2023-03-03
4.3
 None Remote Medium Not required None None Partial
Double Free in VLC versions <= 3.0.6 leads to a crash.
Total number of vulnerabilities : 21   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.