Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-24 | CVE-2019-6486 | Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks. | Debian_linux, Go, Leap | 8.2 | ||
| 2019-02-01 | CVE-2019-7308 | kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. | Ubuntu_linux, Linux_kernel, Leap | 5.6 | ||
| 2019-02-04 | CVE-2019-1000019 | libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. | Ubuntu_linux, Debian_linux, Fedora, Libarchive, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2019-02-04 | CVE-2019-1000020 | libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file. | Ubuntu_linux, Debian_linux, Fedora, Libarchive, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2019-02-07 | CVE-2019-7572 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-07 | CVE-2019-7573 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-07 | CVE-2019-7574 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-07 | CVE-2019-7575 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-07 | CVE-2019-7576 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-07 | CVE-2019-7577 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 |