Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-22 | CVE-2020-4031 | In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2. | Ubuntu_linux, Debian_linux, Fedora, Freerdp, Leap | 7.5 | ||
| 2020-06-22 | CVE-2020-4032 | In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. | Ubuntu_linux, Debian_linux, Fedora, Freerdp, Leap | 4.3 | ||
| 2020-06-22 | CVE-2020-4033 | In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2. | Ubuntu_linux, Debian_linux, Fedora, Freerdp, Leap | 6.5 | ||
| 2020-06-24 | CVE-2020-12861 | A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. | Ubuntu_linux, Leap, Sane_backends | 8.8 | ||
| 2020-06-24 | CVE-2020-12862 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. | Ubuntu_linux, Debian_linux, Leap, Sane_backends | 4.3 | ||
| 2020-06-24 | CVE-2020-12863 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | Ubuntu_linux, Debian_linux, Leap, Sane_backends | 4.3 | ||
| 2020-06-24 | CVE-2020-12864 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. | Ubuntu_linux, Leap, Sane_backends | 4.3 | ||
| 2020-06-24 | CVE-2020-12865 | A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | Ubuntu_linux, Debian_linux, Leap, Sane_backends | 8.0 | ||
| 2020-06-24 | CVE-2020-12866 | A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | Ubuntu_linux, Leap, Sane_backends | 5.7 | ||
| 2020-06-24 | CVE-2020-15025 | ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. | 8300_firmware, 8700_firmware, A400_firmware, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Steelstore_cloud_integrated_storage, Ntp, Leap, Zfs_storage_appliance_kit | 4.9 |