Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 15.1 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-14039
In Go prior to 1.13.13 and 1.14.x prior to 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.
Golang Go
Opensuse Leap 15.1
Opensuse Leap 15.2
6.4
CVSSv3
CVE-2020-14308
In grub2 versions prior to 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and...
Gnu Grub2
Opensuse Leap 15.1
Opensuse Leap 15.2
6.7
CVSSv3
CVE-2020-14309
There's an issue with grub2 in all versions prior to 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buff...
Gnu Grub2
Opensuse Leap 15.1
Opensuse Leap 15.2
5.3
CVSSv3
CVE-2019-11718
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, ...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-11721
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
7.5
CVSSv3
CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Contai...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-11725
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing p...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-5801
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS before 73.0.3683.75 allowed a remote malicious user to perform domain spoofing via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2019-5788
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux before 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
1 EDB exploit
8.8
CVSSv3
CVE-2019-5789
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows before 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »