The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SLES

computer threat bulletin CVE-2019-16713

ImageMagick: memory leak via PingImage

Synthesis of the vulnerability

An attacker can create a memory leak via PingImage() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/11/2019.
Identifiers: CVE-2019-16713, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, USN-4192-1, VIGILANCE-VUL-30786.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via PingImage() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security announce CVE-2019-16712

ImageMagick: memory leak via WritePS3Image

Synthesis of the vulnerability

An attacker can create a memory leak via WritePS3Image() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/11/2019.
Identifiers: CVE-2019-16712, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, VIGILANCE-VUL-30785.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via WritePS3Image() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2019-16711

ImageMagick: memory leak via Huffman2DEncodeImage

Synthesis of the vulnerability

An attacker can create a memory leak via Huffman2DEncodeImage() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/11/2019.
Identifiers: CVE-2019-16711, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, USN-4192-1, VIGILANCE-VUL-30784.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via Huffman2DEncodeImage() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2019-16710

ImageMagick: memory leak via AcquireMagickMemory

Synthesis of the vulnerability

An attacker can create a memory leak via AcquireMagickMemory() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/11/2019.
Identifiers: CVE-2019-16710, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, USN-4192-1, VIGILANCE-VUL-30783.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via AcquireMagickMemory() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-16708

ImageMagick: memory leak via XCreateImage

Synthesis of the vulnerability

An attacker can create a memory leak via XCreateImage() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/11/2019.
Identifiers: CVE-2019-16708, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, USN-4192-1, VIGILANCE-VUL-30782.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via XCreateImage() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-18423

Xen: denial of service via add-to-physmap

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via add-to-physmap of Xen, in order to trigger a denial of service on the host system.
Severity: 1/4.
Creation date: 31/10/2019.
Identifiers: CERTFR-2019-AVI-541, CVE-2019-18423, SUSE-SU-2019:2961-1, VIGILANCE-VUL-30759, XSA-301.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via add-to-physmap of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2019-18420

Xen: assertion error via VCPUOP_initialise

Synthesis of the vulnerability

An attacker, inside a guest system, can force an assertion error via VCPUOP_initialise() of Xen, in order to trigger a denial of service on the host system.
Severity: 1/4.
Creation date: 31/10/2019.
Identifiers: CERTFR-2019-AVI-541, CERTFR-2019-AVI-543, CTX263477, CVE-2019-18420, openSUSE-SU-2019:2506-1, SUSE-SU-2019:2960-1, SUSE-SU-2019:2961-1, SUSE-SU-2019:2962-1, VIGILANCE-VUL-30757, XSA-296.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can force an assertion error via VCPUOP_initialise() of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2019-14857

mod_auth_openidc: open redirect via Logout Backslashes Url

Synthesis of the vulnerability

An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Severity: 1/4.
Creation date: 28/10/2019.
Identifiers: CVE-2019-14857, DLA-1996-1, FEDORA-2019-23638d42f3, FEDORA-2019-7b06f18a10, openSUSE-SU-2019:2499-1, SUSE-SU-2019:2934-1, SUSE-SU-2019:2935-1, VIGILANCE-VUL-30724.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce CVE-2019-16709

ImageMagick: memory leak via XCreateImage

Synthesis of the vulnerability

An attacker can create a memory leak via XCreateImage() of ImageMagick, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 16/10/2019.
Identifiers: CVE-2019-16709, openSUSE-SU-2019:2317-1, openSUSE-SU-2019:2321-1, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, USN-4192-1, VIGILANCE-VUL-30642.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a memory leak via XCreateImage() of ImageMagick, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2018-20651

libbfd: NULL pointer dereference via elf_link_add_object_symbols

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via elf_link_add_object_symbols() of libbfd, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 15/10/2019.
Identifiers: CVE-2018-20651, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, SSB-439005, SUSE-SU-2019:2650-1, VIGILANCE-VUL-30625.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via elf_link_add_object_symbols() of libbfd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about SLES: