Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports
(Opensuse)| Repositories | https://github.com/rdesktop/rdesktop |
| #Vulnerabilities | 96 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-22 | CVE-2020-14983 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. | Chocolate_doom, Crispy_doom, Backports, Leap | 9.8 | ||
| 2020-07-17 | CVE-2020-15803 | Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | Debian_linux, Fedora, Backports, Leap, Zabbix | 6.1 | ||
| 2022-01-06 | CVE-2021-46141 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
| 2022-01-06 | CVE-2021-46142 | An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports, Factory, Leap, Uriparser | 5.5 | ||
| 2022-02-19 | CVE-2021-45082 | An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) | Cobbler, Fedora, Backports, Factory, Linux_enterprise_server | 7.8 | ||
| 2019-05-07 | CVE-2019-7443 | KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. | Fedora, Kauth, Backports, Leap | 8.1 | ||
| 2019-05-14 | CVE-2019-11328 | An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host. | Fedora, Backports, Leap, Singularity | 8.8 | ||
| 2019-05-23 | CVE-2019-5787 | Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Chrome, Backports, Leap | 8.8 | ||
| 2019-05-23 | CVE-2019-5788 | An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | Chrome, Backports, Leap | 8.8 | ||
| 2019-05-23 | CVE-2019-5789 | An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | Chrome, Backports, Leap | 8.8 |