Opensuse Backports
97 CVEs affecting Opensuse Backports. Latest disclosed: 2022-02-19. Critical: 8, High: 40.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-14983 | Critical | 9.8 | 2020-06-22 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user… |
CVE-2020-10938 | Critical | 9.8 | 2020-03-24 | GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. |
CVE-2019-19951 | Critical | 9.8 | 2019-12-24 | In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c. |
CVE-2019-19950 | Critical | 9.8 | 2019-12-24 | In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c. |
CVE-2018-20177 | Critical | 9.8 | 2019-03-15 | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results… |
CVE-2018-19873 | Critical | 9.8 | 2018-12-26 | An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. |
CVE-2020-6493 | Critical | 9.6 | 2020-06-03 | Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially pe… |
CVE-2019-19953 | Critical | 9.1 | 2019-12-24 | In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c. |
CVE-2020-6455 | High | 8.8 | 2020-04-13 | Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2020-6452 | High | 8.8 | 2020-04-13 | Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2020-6443 | High | 8.8 | 2020-04-13 | Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to… |
CVE-2020-6439 | High | 8.8 | 2020-04-13 | Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. |
CVE-2019-13730 | High | 8.8 | 2019-12-10 | Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2019-13723 | High | 8.8 | 2019-11-25 | Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploi… |
CVE-2019-5836 | High | 8.8 | 2019-06-27 | Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2019-5831 | High | 8.8 | 2019-06-27 | Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2019-5829 | High | 8.8 | 2019-06-27 | Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a… |
CVE-2019-5828 | High | 8.8 | 2019-06-27 | Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via… |
CVE-2019-5827 | High | 8.8 | 2019-06-27 | Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HT… |
CVE-2019-5824 | High | 8.8 | 2019-06-27 | Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pa… |