Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-23 | CVE-2019-5800 | Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5801 | Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5802 | Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | Chrome, Backports_sle, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5803 | Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5804 | Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. | Chrome, Backports, Leap | 5.5 | ||
| 2019-05-28 | CVE-2019-5436 | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | Debian_linux, Traffix_signaling_delivery_controller, Fedora, Libcurl, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_manager_ops_center, Mysql_server, Oss_support_tools | 7.8 | ||
| 2019-05-29 | CVE-2019-12447 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. | Ubuntu_linux, Fedora, Gvfs, Leap | 7.3 | ||
| 2019-05-29 | CVE-2019-12449 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. | Ubuntu_linux, Fedora, Gvfs, Leap | 5.7 | ||
| 2019-05-29 | CVE-2019-12450 | file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. | Ubuntu_linux, Debian_linux, Fedora, Glib, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus | 9.8 | ||
| 2019-05-30 | CVE-2019-8457 | SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. | Ubuntu_linux, Fedora, Leap, Sqlite | 9.8 |