OpenSuse Backports
By the Year
In 2025 there have been 0 vulnerabilities in OpenSuse Backports. Backports did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 3 | 6.27 |
2021 | 0 | 0.00 |
2020 | 28 | 6.50 |
2019 | 64 | 7.43 |
2018 | 1 | 9.80 |
It may take a day or so for new Backports vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent OpenSuse Backports Security Vulnerabilities
An issue was discovered in Cobbler before 3.3.1
CVE-2021-45082
7.8 - High
- February 19, 2022
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
Command Injection
An issue was discovered in uriparser before 0.9.6
CVE-2021-46142
5.5 - Medium
- January 06, 2022
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
Dangling pointer
An issue was discovered in uriparser before 0.9.6
CVE-2021-46141
5.5 - Medium
- January 06, 2022
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
Dangling pointer
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1
CVE-2020-15803
6.1 - Medium
- July 17, 2020
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
XSS
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value
CVE-2020-14983
9.8 - Critical
- June 22, 2020
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
Classic Buffer Overflow
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97
CVE-2020-6493
9.6 - Critical
- June 03, 2020
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Dangling pointer
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97
CVE-2020-6495
6.5 - Medium
- June 03, 2020
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Incorrect Default Permissions
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92
CVE-2020-6432
4.3 - Medium
- April 13, 2020
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92
CVE-2020-6431
4.3 - Medium
- April 13, 2020
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
Incorrect Default Permissions
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92
CVE-2020-6456
6.5 - Medium
- April 13, 2020
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
Incorrect Default Permissions
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92
CVE-2020-6455
8.8 - High
- April 13, 2020
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Out-of-bounds Read
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162
CVE-2020-6452
8.8 - High
- April 13, 2020
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92
CVE-2020-6446
6.5 - Medium
- April 13, 2020
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Incorrect Default Permissions
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92
CVE-2020-6445
6.5 - Medium
- April 13, 2020
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Incorrect Default Permissions
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92
CVE-2020-6443
8.8 - High
- April 13, 2020
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.
Insufficient Verification of Data Authenticity
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92
CVE-2020-6442
4.3 - Medium
- April 13, 2020
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Exposure of Resource to Wrong Sphere
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92
CVE-2020-6441
4.3 - Medium
- April 13, 2020
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
Incorrect Default Permissions
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92
CVE-2020-6440
4.3 - Medium
- April 13, 2020
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92
CVE-2020-6439
8.8 - High
- April 13, 2020
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
Incorrect Default Permissions
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92
CVE-2020-6437
4.3 - Medium
- April 13, 2020
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92
CVE-2020-6435
4.3 - Medium
- April 13, 2020
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92
CVE-2020-6433
4.3 - Medium
- April 13, 2020
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
CVE-2020-10938
9.8 - Critical
- March 24, 2020
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
Memory Corruption
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149
CVE-2020-6425
5.4 - Medium
- March 23, 2020
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
Improper Input Validation
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7
CVE-2020-10592
7.5 - High
- March 23, 2020
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may
CVE-2020-0561
7.8 - High
- February 13, 2020
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper Initialization
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
CVE-2019-15613
8 - High
- February 04, 2020
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
Insufficient Verification of Data Authenticity
Improper Input Validation in Nextcloud Server 15.0.7
CVE-2019-15624
4.9 - Medium
- February 04, 2020
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
Improper Input Validation
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges
CVE-2019-18899
5.5 - Medium
- January 23, 2020
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.
Improper Privilege Management
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port
CVE-2020-5202
5.5 - Medium
- January 21, 2020
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVE-2020-6610
6.5 - Medium
- January 08, 2020
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
Allocation of Resources Without Limits or Throttling
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95
CVE-2019-20053
5.5 - Medium
- December 27, 2019
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Buffer Overflow
In GraphicsMagick 1.4 snapshot-20191208 Q8
CVE-2019-19953
9.1 - Critical
- December 24, 2019
In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
Out-of-bounds Read
In GraphicsMagick 1.4 snapshot-20190423 Q8
CVE-2019-19951
9.8 - Critical
- December 24, 2019
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Memory Corruption
In GraphicsMagick 1.4 snapshot-20190403 Q8
CVE-2019-19950
9.8 - Critical
- December 24, 2019
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
Dangling pointer
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79
CVE-2019-13730
8.8 - High
- December 10, 2019
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2
CVE-2019-5163
7.5 - High
- December 03, 2019
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
Missing Authentication for Critical Function
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108
CVE-2019-13723
8.8 - High
- November 25, 2019
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70
CVE-2019-13705
4.3 - Medium
- November 25, 2019
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.
Improper Privilege Management
Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70
CVE-2019-13707
5.5 - Medium
- November 25, 2019
Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.
Improper Input Validation
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70
CVE-2019-13711
5.3 - Medium
- November 25, 2019
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70
CVE-2019-13713
6.5 - Medium
- November 25, 2019
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c
CVE-2019-16709
6.5 - Medium
- September 23, 2019
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
Memory Leak
An issue was discovered in Schism Tracker through 20190722
CVE-2019-14524
7.8 - High
- August 02, 2019
An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.
Memory Corruption
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8
CVE-2019-10163
4.3 - Medium
- July 30, 2019
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.
Allocation of Resources Without Limits or Throttling
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
CVE-2019-5459
7.1 - High
- July 30, 2019
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
Integer underflow
Double Free in VLC versions <= 3.0.6 leads to a crash.
CVE-2019-5460
5.5 - Medium
- July 30, 2019
Double Free in VLC versions <= 3.0.6 leads to a crash.
Double-free
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108
CVE-2019-5816
8.8 - High
- June 27, 2019
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
Improper Control of a Resource Through its Lifetime
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108
CVE-2019-5805
6.5 - Medium
- June 27, 2019
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108
CVE-2019-5806
8.8 - High
- June 27, 2019
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108
CVE-2019-5807
8.8 - High
- June 27, 2019
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Use after free in Blink in Google Chrome prior to 74.0.3729.108
CVE-2019-5808
8.8 - High
- June 27, 2019
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Use after free in file chooser in Google Chrome prior to 74.0.3729.108
CVE-2019-5809
8.8 - High
- June 27, 2019
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
Dangling pointer
Information leak in autofill in Google Chrome prior to 74.0.3729.108
CVE-2019-5810
6.5 - Medium
- June 27, 2019
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Cleartext Storage of Sensitive Information
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108
CVE-2019-5811
8.8 - High
- June 27, 2019
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Use after free in V8 in Google Chrome prior to 74.0.3729.108
CVE-2019-5813
8.8 - High
- June 27, 2019
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Uninitialized data in media in Google Chrome prior to 74.0.3729.108
CVE-2019-5818
6.5 - Medium
- June 27, 2019
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
Use of Uninitialized Resource
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80
CVE-2019-5830
6.5 - Medium
- June 27, 2019
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80
CVE-2019-5829
8.8 - High
- June 27, 2019
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Integer Overflow or Wraparound
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80
CVE-2019-5828
8.8 - High
- June 27, 2019
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Dangling pointer
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80
CVE-2019-5840
4.3 - Medium
- June 27, 2019
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Race Condition
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131
CVE-2019-5827
8.8 - High
- June 27, 2019
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Parameter passing error in media in Google Chrome prior to 74.0.3729.131
CVE-2019-5824
8.8 - High
- June 27, 2019
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108
CVE-2019-5823
5.4 - Medium
- June 27, 2019
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Open Redirect
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108
CVE-2019-5822
8.8 - High
- June 27, 2019
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108
CVE-2019-5821
8.8 - High
- June 27, 2019
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108
CVE-2019-5820
8.8 - High
- June 27, 2019
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Memory Corruption
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108
CVE-2019-5819
7.8 - High
- June 27, 2019
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
Improper Input Validation
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108
CVE-2019-5817
8.8 - High
- June 27, 2019
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108
CVE-2019-5814
6.5 - Medium
- June 27, 2019
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Session Riding
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80
CVE-2019-5831
8.8 - High
- June 27, 2019
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80
CVE-2019-5832
6.5 - Medium
- June 27, 2019
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80
CVE-2019-5833
4.3 - Medium
- June 27, 2019
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80
CVE-2019-5834
6.5 - Medium
- June 27, 2019
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Origin Validation Error
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80
CVE-2019-5835
6.5 - Medium
- June 27, 2019
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Out-of-bounds Read
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80
CVE-2019-5836
8.8 - High
- June 27, 2019
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80
CVE-2019-5837
6.5 - Medium
- June 27, 2019
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80
CVE-2019-5838
4.3 - Medium
- June 27, 2019
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
AuthZ
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80
CVE-2019-5839
4.3 - Medium
- June 27, 2019
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
Improper Input Validation
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75
CVE-2019-5790
8.8 - High
- May 23, 2019
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Integer Overflow or Wraparound
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75
CVE-2019-5787
8.8 - High
- May 23, 2019
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Memory Corruption
An integer overflow
CVE-2019-5788
8.8 - High
- May 23, 2019
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Integer Overflow or Wraparound
An integer overflow
CVE-2019-5789
8.8 - High
- May 23, 2019
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Integer Overflow or Wraparound
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75
CVE-2019-5791
8.8 - High
- May 23, 2019
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Out-of-bounds Read
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75
CVE-2019-5792
8.8 - High
- May 23, 2019
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
Integer Overflow or Wraparound
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75
CVE-2019-5793
6.5 - Medium
- May 23, 2019
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.
Improper Input Validation
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75
CVE-2019-5795
8.8 - High
- May 23, 2019
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
Integer Overflow or Wraparound
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75
CVE-2019-5798
6.5 - Medium
- May 23, 2019
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Out-of-bounds Read
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75
CVE-2019-5799
6.5 - Medium
- May 23, 2019
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Improper Input Validation
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75
CVE-2019-5800
6.5 - Medium
- May 23, 2019
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Improper Input Validation
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75
CVE-2019-5801
6.5 - Medium
- May 23, 2019
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Improper Input Validation
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75
CVE-2019-5803
6.5 - Medium
- May 23, 2019
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Improper Input Validation
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75
CVE-2019-5804
5.5 - Medium
- May 23, 2019
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.
Argument Injection
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g
CVE-2019-11328
8.8 - High
- May 14, 2019
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.
Incorrect Permission Assignment for Critical Resource
rdesktop versions up to and including v1.8.3 contain an Integer Overflow
CVE-2018-20177
9.8 - Critical
- March 15, 2019
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.
Memory Corruption
An issue was discovered in Qt before 5.11.3
CVE-2018-19873
9.8 - Critical
- December 26, 2018
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Buffer Overflow
