Product:

Backports

(Opensuse)
Repositories https://github.com/rdesktop/rdesktop
#Vulnerabilities 96
Date Id Summary Products Score Patch Annotated
2019-05-07 CVE-2019-7443 KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. Fedora, Kauth, Backports, Leap 8.1
2019-05-14 CVE-2019-11328 An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host. Fedora, Backports, Leap, Singularity 8.8
2019-05-23 CVE-2019-5787 Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome, Backports, Leap 8.8
2019-05-23 CVE-2019-5788 An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chrome, Backports, Leap 8.8
2019-05-23 CVE-2019-5789 An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chrome, Backports, Leap 8.8
2019-05-23 CVE-2019-5790 An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chrome, Backports, Leap 8.8