The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of openSUSE Leap

SUSE LE: file corruption via trousers
A local attacker can create a symbolic link during the installation or the update of the trousers package, in order to alter the pointed file, with root privileges...
1157651, CVE-2019-18898, openSUSE-SU-2020:0015-1, SUSE-SU-2019:3349-1, VIGILANCE-VUL-31195
Apache Tomcat: privilege escalation via FORM authentication session fixation
An attacker can bypass restrictions via FORM authentication session fixation of Apache Tomcat, in order to escalate his privileges...
CERTFR-2019-AVI-643, CVE-2019-17563, DSA-4596-1, K24551552, openSUSE-SU-2020:0038-1, SUSE-SU-2020:0029-1, SUSE-SU-2020:0226-1, VIGILANCE-VUL-31188
Xen: denial of service via Debug Exceptions Blocked States
An attacker can trigger a fatal error via Debug Exceptions Blocked States of Xen, in order to trigger a denial of service...
CERTFR-2019-AVI-628, CERTFR-2019-AVI-630, CTX266932, CVE-2019-19583, DSA-4602-1, FEDORA-2019-2e12bd3a9a, openSUSE-SU-2020:0011-1, SUSE-SU-2019:3296-1, SUSE-SU-2019:3297-1, SUSE-SU-2019:3309-1, SUSE-SU-2019:3310-1, SUSE-SU-2019:3338-1, VIGILANCE-VUL-31124, XSA-308
Linux kernel: memory leak via netdev_register_kobject
An attacker can create a memory leak via netdev_register_kobject() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2019-AVI-612, CERTFR-2019-AVI-635, CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2020-AVI-029, CVE-2019-15916, openSUSE-SU-2019:2675-1, RHSA-2019:3309-01, RHSA-2019:3517-01, SSB-439005, SUSE-SU-2019:3200-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3294-1, SUSE-SU-2019:3295-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3371-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3381-1, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31092
OpenSSL: information disclosure via Montgomery Squaring rsaz_512_sqr Overflow
An attacker can bypass access restrictions to data via Montgomery Squaring rsaz_512_sqr() Overflow of OpenSSL, in order to obtain sensitive information...
CERTFR-2019-AVI-611, CVE-2019-1551, DSA-4594-1, openSUSE-SU-2020:0062-1, SSA:2019-354-01, SSB-439005, SUSE-SU-2020:0002-1, SUSE-SU-2020:0028-1, SUSE-SU-2020:0064-1, SUSE-SU-2020:0069-1, SUSE-SU-2020:0099-1, VIGILANCE-VUL-31088
OpenCV: denial of service via cv-HOGDescriptor-getDescriptorSize
An attacker can trigger a fatal error via cv::HOGDescriptor::getDescriptorSize() of OpenCV, in order to trigger a denial of service...
CVE-2019-15939, openSUSE-SU-2019:2671-1, SUSE-SU-2019:3192-1, VIGILANCE-VUL-31080
Linux kernel: information disclosure via drivers/net/can/usb/peak_usb/pcan_usb_pro.c
A local attacker can read a memory fragment via drivers/net/can/usb/peak_usb/pcan_usb_pro.c of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2019-AVI-655, CERTFR-2020-AVI-029, CVE-2019-19536, DLA-2068-1, openSUSE-SU-2019:2675-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2019:3389-1, SUSE-SU-2020:0093-1, VIGILANCE-VUL-31055
Linux kernel: information disclosure via drivers/net/can/usb/peak_usb/pcan_usb_core.c
A local attacker can read a memory fragment via drivers/net/can/usb/peak_usb/pcan_usb_core.c of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2019-AVI-655, CERTFR-2020-AVI-005, CERTFR-2020-AVI-013, CERTFR-2020-AVI-029, CERTFR-2020-AVI-046, CVE-2019-19534, DLA-2068-1, openSUSE-SU-2019:2675-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2019:3389-1, SUSE-SU-2020:0093-1, USN-4225-1, USN-4225-2, USN-4226-1, USN-4227-1, USN-4227-2, USN-4228-1, USN-4228-2, VIGILANCE-VUL-31053
GNOME Dia: infinite loop via Filename Encoding
An attacker can trigger an infinite loop via Filename Encoding of GNOME Dia, in order to trigger a denial of service...
428, CVE-2019-19451, openSUSE-SU-2020:0021-1, SUSE-SU-2019:3390-1, SUSE-SU-2019:3391-1, VIGILANCE-VUL-31033
Linux kernel: information disclosure via Powerpc Spectre-RSB
An attacker can bypass access restrictions to data via Powerpc Spectre-RSB of the Linux kernel, in order to obtain sensitive information...
CERTFR-2019-AVI-612, CERTFR-2019-AVI-639, CERTFR-2019-AVI-652, CERTFR-2020-AVI-005, CERTFR-2020-AVI-013, CERTFR-2020-AVI-029, CERTFR-2020-AVI-046, CERTFR-2020-AVI-051, CVE-2019-18660, FEDORA-2019-124a241044, FEDORA-2019-b86a7bdba0, openSUSE-SU-2019:2675-1, RHSA-2020:0174-01, SSA:2020-008-01, SUSE-SU-2019:3200-1, SUSE-SU-2019:3289-1, SUSE-SU-2019:3316-1, SUSE-SU-2019:3317-1, SUSE-SU-2019:3371-1, SUSE-SU-2019:3372-1, SUSE-SU-2019:3379-1, SUSE-SU-2019:3381-1, SUSE-SU-2020:0093-1, USN-4225-1, USN-4225-2, USN-4226-1, USN-4227-1, USN-4227-2, USN-4228-1, USN-4228-2, VIGILANCE-VUL-31018
Our database contains other pages. You can request a free trial to read them.

Display information about openSUSE Leap: