Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-21 | CVE-2020-6488 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6489 | Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6490 | Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6491 | Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-13112 | An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. | Ubuntu_linux, Debian_linux, Libexif, Leap | 9.1 | ||
| 2020-05-21 | CVE-2020-13114 | An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. | Ubuntu_linux, Libexif, Leap | 7.5 | ||
| 2020-05-21 | CVE-2020-13113 | An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. | Ubuntu_linux, Debian_linux, Libexif, Leap | 8.2 | ||
| 2020-05-21 | CVE-2020-12693 | Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user. | Debian_linux, Fedora, Leap, Slurm | 8.1 | ||
| 2020-05-22 | CVE-2020-13396 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 7.1 | ||
| 2020-05-22 | CVE-2020-13397 | An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. | Ubuntu_linux, Debian_linux, Freerdp, Leap | 5.5 |