Vulnerabilities (CVE)

Filtered by vendor Suse Subscribe
Filtered by product Package Hub
Total 35 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6381 6 Debian, Fedoraproject, Google and 3 more 11 Debian Linux, Fedora, Android and 8 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-24368 3 Debian, Icinga, Suse 4 Debian Linux, Icinga Web 2, Linux Enterprise and 1 more 2024-11-21 4.3 MEDIUM 7.5 HIGH
Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.
CVE-2019-5798 6 Canonical, Debian, Google and 3 more 7 Ubuntu Linux, Debian Linux, Chrome and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-19926 8 Debian, Netapp, Opensuse and 5 more 12 Debian Linux, Cloud Backup, Backports Sle and 9 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
CVE-2019-19925 8 Debian, Netapp, Opensuse and 5 more 12 Debian Linux, Cloud Backup, Backports Sle and 9 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
CVE-2019-19923 8 Debian, Netapp, Opensuse and 5 more 12 Debian Linux, Cloud Backup, Backports Sle and 9 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
CVE-2019-19880 8 Debian, Netapp, Opensuse and 5 more 12 Debian Linux, Cloud Backup, Backports Sle and 9 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
CVE-2019-15623 3 Nextcloud, Opensuse, Suse 3 Nextcloud Server, Backports Sle, Package Hub 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
CVE-2019-13764 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13745 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13734 8 Canonical, Debian, Fedoraproject and 5 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-11709 4 Debian, Mozilla, Opensuse and 1 more 7 Debian Linux, Firefox, Firefox Esr and 4 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2018-16876 4 Canonical, Debian, Redhat and 1 more 10 Ubuntu Linux, Debian Linux, Ansible and 7 more 2024-11-21 3.5 LOW 5.3 MEDIUM
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
CVE-2018-16837 3 Debian, Redhat, Suse 5 Debian Linux, Ansible Engine, Ansible Tower and 2 more 2024-11-21 2.1 LOW 7.8 HIGH
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
CVE-2018-10875 4 Canonical, Debian, Redhat and 1 more 11 Ubuntu Linux, Debian Linux, Ansible Engine and 8 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.