Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 42.3 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-5788
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux before 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
1 EDB exploit
8.8
CVSSv3
CVE-2019-5789
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows before 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
1 EDB exploit
8.8
CVSSv3
CVE-2019-5790
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome before 73.0.3683.75 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2019-5816
Process lifetime issue in Chrome in Google Chrome on Android before 74.0.3729.108 allowed a remote malicious user to potentially persist an exploited process via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Fedoraproject Fedora 29
Opensuse Backports Sle-15
Opensuse Leap 15.1
7.5
CVSSv3
CVE-2018-20783
In PHP prior to 5.6.39, 7.x prior to 7.0.33, 7.1.x prior to 7.1.25, and 7.2.x prior to 7.2.13, a buffer over-read in PHAR reading functions may allow an malicious user to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related ...
Php Php
Opensuse Leap 42.3
1 Github repository
7.5
CVSSv3
CVE-2019-5737
In Node.js including 6.x prior to 6.17.0, 8.x prior to 8.15.1, 10.x prior to 10.15.2, and 11.x prior to 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the conne...
Nodejs Node.js
Opensuse Leap 42.3
7.5
CVSSv3
CVE-2019-5739
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and previous versions. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and previous versions is a pote...
Nodejs Node.js
Opensuse Leap 42.3
7.5
CVSSv3
CVE-2018-19456
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote malicious users to obtain sensitive information from server folders and files, as demonstrated by download.sql.
Wplaunchpad Wpbackupplus
Opensuse Leap 42.3
7.5
CVSSv3
CVE-2018-16875
The crypto/x509 package of Go prior to 1.10.6 and 1.11.x prior to 1.11.3 does not limit the amount of work performed for each chain verification, which might allow malicious users to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client cer...
Golang Go
Opensuse Leap 42.3
1 Github repository
9.1
CVSSv3
CVE-2019-11006
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows malicious users to cause a denial of service or information disclosure via an RLE packet.
Graphicsmagick Graphicsmagick
Opensuse Leap 42.3
Opensuse Leap 15.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »