Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-23 | CVE-2019-5798 | Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | Ubuntu_linux, Debian_linux, Chrome, Backports, Leap, Enterprise_linux, Package_hub | 6.5 | ||
| 2019-05-23 | CVE-2019-5799 | Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5800 | Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5801 | Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5802 | Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | Chrome, Backports_sle, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5803 | Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Chrome, Backports, Leap | 6.5 | ||
| 2019-05-23 | CVE-2019-5804 | Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. | Chrome, Backports, Leap | 5.5 | ||
| 2019-05-28 | CVE-2019-5436 | A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | Debian_linux, Traffix_signaling_delivery_controller, Fedora, Libcurl, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_manager_ops_center, Mysql_server, Oss_support_tools | 7.8 | ||
| 2019-05-29 | CVE-2019-12447 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. | Ubuntu_linux, Fedora, Gvfs, Leap | 7.3 | ||
| 2019-05-29 | CVE-2019-12449 | An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. | Ubuntu_linux, Fedora, Gvfs, Leap | 5.7 |