Opensuse - Backports CVE

Filtered by vendor Opensuse Subscribe

Filtered by product Backports

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 23 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-5823	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2022-07-29	5.8 MEDIUM	5.4 MEDIUM
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-5830	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2022-07-29	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5832	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2022-07-29	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5833	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Android and 3 more	2022-07-29	4.3 MEDIUM	4.3 MEDIUM
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
CVE-2019-5835	3 Fedoraproject, Google, Opensuse	4 Fedora, Chrome, Backports and 1 more	2022-07-29	4.3 MEDIUM	6.5 MEDIUM
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2019-5837	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2022-07-29	4.3 MEDIUM	6.5 MEDIUM
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5839	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2022-07-29	4.3 MEDIUM	4.3 MEDIUM
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
CVE-2019-5840	5 Apple, Debian, Fedoraproject and 2 more	6 Iphone Os, Debian Linux, Fedora and 3 more	2022-07-29	4.3 MEDIUM	4.3 MEDIUM
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-46142	4 Debian, Fedoraproject, Opensuse and 1 more	7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more	2022-02-05	4.3 MEDIUM	5.5 MEDIUM
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
CVE-2021-46141	4 Debian, Fedoraproject, Opensuse and 1 more	7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more	2022-02-05	4.3 MEDIUM	5.5 MEDIUM
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
CVE-2019-16709	3 Canonical, Imagemagick, Opensuse	4 Ubuntu Linux, Imagemagick, Backports and 1 more	2022-01-01	4.3 MEDIUM	6.5 MEDIUM
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2019-13711	2 Google, Opensuse	2 Chrome, Backports	2022-01-01	5.0 MEDIUM	5.3 MEDIUM
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13713	2 Google, Opensuse	2 Chrome, Backports	2022-01-01	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13707	2 Google, Opensuse	2 Chrome, Backports	2022-01-01	4.3 MEDIUM	5.5 MEDIUM
Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.
CVE-2019-13705	2 Google, Opensuse	2 Chrome, Backports	2022-01-01	4.3 MEDIUM	4.3 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.
CVE-2019-20053	2 Opensuse, Upx Project	3 Backports, Leap, Upx	2022-01-01	4.3 MEDIUM	5.5 MEDIUM
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
CVE-2020-5202	3 Apt-cacher-ng Project, Debian, Opensuse	4 Apt-cacher-ng, Debian Linux, Backports and 1 more	2022-01-01	2.1 LOW	5.5 MEDIUM
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.
CVE-2019-15624	3 Nextcloud, Opensuse, Suse	3 Nextcloud Server, Backports, Suse Linux Enterprise Server	2022-01-01	4.0 MEDIUM	4.9 MEDIUM
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
CVE-2020-6610	2 Gnu, Opensuse	3 Libredwg, Backports, Leap	2022-01-01	4.3 MEDIUM	6.5 MEDIUM
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVE-2019-5838	3 Fedoraproject, Google, Opensuse	4 Fedora, Chrome, Backports and 1 more	2021-07-21	4.3 MEDIUM	4.3 MEDIUM
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
CVE-2019-5834	3 Fedoraproject, Google, Opensuse	4 Fedora, Chrome, Backports and 1 more	2021-07-21	4.3 MEDIUM	6.5 MEDIUM
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5818	3 Fedoraproject, Google, Opensuse	4 Fedora, Chrome, Backports and 1 more	2020-08-24	4.3 MEDIUM	6.5 MEDIUM
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
CVE-2019-5814	3 Fedoraproject, Google, Opensuse	4 Fedora, Chrome, Backports and 1 more	2020-08-24	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Vulnerabilities (CVE)

CVSS v3 Filter

Search