Filtered by vendor Opensuse
Subscribe
Search
Total
844 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5057 | 2 Libsdl, Opensuse | 3 Sdl2 Image, Backports Sle, Leap | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2019-5058 | 2 Libsdl, Opensuse | 3 Sdl2 Image, Backports Sle, Leap | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2019-5060 | 2 Libsdl, Opensuse | 3 Sdl2 Image, Backports Sle, Leap | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2019-5052 | 4 Canonical, Debian, Libsdl and 1 more | 5 Ubuntu Linux, Debian Linux, Sdl2 Image and 2 more | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability. | |||||
| CVE-2016-9842 | 7 Apple, Canonical, Debian and 4 more | 18 Iphone Os, Mac Os X, Tvos and 15 more | 2022-06-22 | 6.8 MEDIUM | 8.8 HIGH |
| The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |||||
| CVE-2016-9840 | 7 Apple, Canonical, Debian and 4 more | 18 Iphone Os, Mac Os X, Tvos and 15 more | 2022-06-22 | 6.8 MEDIUM | 8.8 HIGH |
| inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |||||
| CVE-2015-7547 | 10 Canonical, Debian, F5 and 7 more | 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more | 2022-06-20 | 6.8 MEDIUM | 8.1 HIGH |
| Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | |||||
| CVE-2019-5163 | 2 Opensuse, Shadowsocks | 3 Backports, Leap, Shadowsocks-libev | 2022-06-17 | 4.3 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | |||||
| CVE-2019-5164 | 2 Opensuse, Shadowsocks | 3 Backports Sle, Leap, Shadowsocks-libev | 2022-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability. | |||||
| CVE-2020-25829 | 2 Opensuse, Powerdns | 3 Backports Sle, Leap, Recursor | 2022-06-15 | 5.0 MEDIUM | 7.5 HIGH |
| An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process). | |||||
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | |||||
| CVE-2018-20546 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-06-13 | 5.8 MEDIUM | 8.1 HIGH |
| There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. | |||||
| CVE-2018-20545 | 4 Canonical, Fedoraproject, Libcaca Project and 1 more | 4 Ubuntu Linux, Fedora, Libcaca and 1 more | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. | |||||
| CVE-2019-13565 | 7 Apple, Canonical, Debian and 4 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. | |||||
| CVE-2020-8620 | 4 Canonical, Isc, Netapp and 1 more | 4 Ubuntu Linux, Bind, Steelstore Cloud Integrated Storage and 1 more | 2022-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. | |||||
| CVE-2020-4031 | 4 Canonical, Fedoraproject, Freerdp and 1 more | 4 Ubuntu Linux, Fedora, Freerdp and 1 more | 2022-06-01 | 4.3 MEDIUM | 7.5 HIGH |
| In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2. | |||||
| CVE-2019-9771 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c. | |||||
| CVE-2019-9773 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension. | |||||
| CVE-2019-9772 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec. | |||||
| CVE-2019-9777 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec. | |||||
| CVE-2019-9776 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779). | |||||
| CVE-2019-9778 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec. | |||||
| CVE-2019-9779 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776). | |||||
| CVE-2019-9770 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension. | |||||
| CVE-2019-10185 | 3 Debian, Icedtea-web Project, Opensuse | 3 Debian Linux, Icedtea-web, Leap | 2022-05-25 | 6.4 MEDIUM | 8.6 HIGH |
| It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. | |||||
| CVE-2019-10181 | 3 Debian, Icedtea-web Project, Opensuse | 3 Debian Linux, Icedtea-web, Leap | 2022-05-25 | 6.8 MEDIUM | 8.1 HIGH |
| It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox. | |||||
| CVE-2020-8813 | 4 Cacti, Fedoraproject, Opensuse and 1 more | 5 Cacti, Fedora, Suse Linux Enterprise Server and 2 more | 2022-05-24 | 9.3 HIGH | 8.8 HIGH |
| graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. | |||||
| CVE-2020-8201 | 3 Fedoraproject, Nodejs, Opensuse | 3 Fedora, Node.js, Leap | 2022-05-24 | 5.8 MEDIUM | 7.4 HIGH |
| Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names. | |||||
| CVE-2020-8252 | 3 Fedoraproject, Nodejs, Opensuse | 3 Fedora, Node.js, Leap | 2022-05-24 | 4.6 MEDIUM | 7.8 HIGH |
| The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes. | |||||
| CVE-2020-8233 | 2 Opensuse, Ui | 14 Backports Sle, Leap, Edgeswitch Firmware and 11 more | 2022-05-24 | 9.0 HIGH | 8.8 HIGH |
| A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. | |||||
| CVE-2020-8164 | 3 Debian, Opensuse, Rubyonrails | 4 Debian Linux, Backports Sle, Leap and 1 more | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | |||||
| CVE-2021-26675 | 3 Debian, Intel, Opensuse | 3 Debian Linux, Connman, Leap | 2022-05-23 | 5.8 MEDIUM | 8.8 HIGH |
| A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. | |||||
| CVE-2019-2602 | 3 Opensuse, Oracle, Redhat | 4 Leap, Jdk, Jre and 1 more | 2022-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2020-6097 | 3 Atftp Project, Debian, Opensuse | 3 Atftp, Debian Linux, Leap | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | |||||
| CVE-2020-6095 | 2 Gstreamer Project, Opensuse | 3 Gst-rtsp-server, Backports Sle, Leap | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2020-13935 | 7 Apache, Canonical, Debian and 4 more | 18 Tomcat, Ubuntu Linux, Debian Linux and 15 more | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. | |||||
| CVE-2020-10878 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 17 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 14 more | 2022-05-12 | 7.5 HIGH | 8.6 HIGH |
| Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. | |||||
| CVE-2020-10543 | 4 Fedoraproject, Opensuse, Oracle and 1 more | 15 Fedora, Leap, Communications Billing And Revenue Management and 12 more | 2022-05-12 | 6.4 MEDIUM | 8.2 HIGH |
| Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. | |||||
| CVE-2020-11080 | 5 Debian, Fedoraproject, Nghttp2 and 2 more | 9 Debian Linux, Fedora, Nghttp2 and 6 more | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection. | |||||
| CVE-2020-12723 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | |||||
| CVE-2022-21949 | 1 Opensuse | 1 Open Build Service | 2022-05-10 | 9.0 HIGH | 8.8 HIGH |
| A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in certain operations. This can be used to gain information from the server that can be abused to escalate to Admin privileges on OBS. This issue affects: SUSE Open Build Service Open Build Service versions prior to 2.10.13. | |||||
| CVE-2021-41819 | 6 Debian, Fedoraproject, Opensuse and 3 more | 9 Debian Linux, Fedora, Factory and 6 more | 2022-05-08 | 5.0 MEDIUM | 7.5 HIGH |
| CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | |||||
| CVE-2019-10895 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation. | |||||
| CVE-2019-10899 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. | |||||
| CVE-2020-6448 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-11741 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2022-05-03 | 6.9 MEDIUM | 8.8 HIGH |
| An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out. | |||||
| CVE-2020-6454 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-05-03 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | |||||
| CVE-2020-11739 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2022-05-03 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to re-order the memory access with the preceding ones. In other words, the unlock may be seen by another processor before all the memory accesses within the "critical" section. As a consequence, it may be possible to have a writer executing a critical section at the same time as readers or another writer. In other words, many of the assumptions (e.g., a variable cannot be modified after a check) in the critical sections are not safe anymore. The read-write locks are used in hypercalls (such as grant-table ones), so a malicious guest could exploit the race. For instance, there is a small window where Xen can leak memory if XENMAPSPACE_grant_table is used concurrently. A malicious guest may be able to leak memory, or cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded. | |||||
| CVE-2020-15567 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2022-05-03 | 4.4 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable. | |||||
| CVE-2020-12416 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2022-05-03 | 9.3 HIGH | 8.8 HIGH |
| A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78. | |||||