| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2015-5123 |
4 Adobe, Opensuse, Redhat and 1 more |
8 Flash Player, Evergreen, Enterprise Linux Desktop and 5 more |
2019-08-19 |
10.0 |
| Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux,... |
| CVE-2015-5122 |
4 Adobe, Opensuse, Redhat and 1 more |
8 Flash Player, Evergreen, Enterprise Linux Desktop and 5 more |
2019-08-19 |
10.0 |
| Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux,... |
| CVE-2018-18335 |
4 Google, Debian, Redhat and 1 more |
9 Chrome, Debian Linux, Linux Desktop and 6 more |
2019-08-17 |
6.8 |
| Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2019-11730 |
3 Mozilla, Debian, Opensuse |
5 Firefox, Firefox Esr, Thunderbird and 2 more |
2019-08-15 |
4.3 |
| A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the... |
| CVE-2019-14235 |
2 Djangoproject, Opensuse |
2 Django, Leap |
2019-08-12 |
5.0 |
| An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding... |
| CVE-2019-14233 |
2 Djangoproject, Opensuse |
2 Django, Leap |
2019-08-12 |
5.0 |
| An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing... |
| CVE-2019-14232 |
2 Djangoproject, Opensuse |
2 Django, Leap |
2019-08-12 |
5.0 |
| An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain... |
| CVE-2014-7818 |
3 Rubyonrails, Novell, Opensuse |
4 Ruby On Rails, Opensuse, Opensuse and 1 more |
2019-08-08 |
4.3 |
| Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is... |
| CVE-2014-7829 |
3 Rubyonrails, Novell, Opensuse |
4 Ruby On Rails, Opensuse, Opensuse and 1 more |
2019-08-08 |
5.0 |
| Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is... |
| CVE-2015-3227 |
3 Rubyonrails, Novell, Opensuse |
4 Ruby On Rails, Opensuse, Opensuse and 1 more |
2019-08-08 |
5.0 |
| The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth. |
| CVE-2014-0081 |
4 Opensuse Project, Rubyonrails, Redhat and 1 more |
6 Enterprise Linux, Ruby On Rails, Opensuse and 3 more |
2019-08-08 |
4.3 |
| Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or... |
| CVE-2019-7222 |
6 Debian, Fedoraproject, Linux and 3 more |
7 Debian Linux, Fedora, Linux Kernel and 4 more |
2019-08-06 |
2.1 |
| The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. |
| CVE-2019-3811 |
4 Fedoraproject, Debian, Opensuse and 1 more |
5 Sssd, Debian Linux, Fedora and 2 more |
2019-08-06 |
2.7 |
| A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's... |
| CVE-2019-0160 |
2 Tianocore, Opensuse |
2 Edk Ii, Leap |
2019-08-06 |
7.5 |
| Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. |
| CVE-2018-20534 |
2 Opensuse, Canonical |
2 Libsolv, Ubuntu Linux |
2019-08-06 |
4.3 |
| ** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the... |
| CVE-2018-20533 |
2 Opensuse, Canonical |
2 Libsolv, Ubuntu Linux |
2019-08-06 |
4.3 |
| There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. |
| CVE-2018-20532 |
2 Opensuse, Canonical |
2 Libsolv, Ubuntu Linux |
2019-08-06 |
4.3 |
| There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. |
| CVE-2016-10739 |
2 Gnu, Opensuse |
2 Glibc, Leap |
2019-08-06 |
4.6 |
| In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume... |
| CVE-2019-3859 |
5 Libssh2, Netapp, Debian and 2 more |
5 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 2 more |
2019-07-25 |
6.4 |
| An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the... |
| CVE-2019-5839 |
3 Google, Fedoraproject, Opensuse |
4 Chrome, Fedora, Backports and 1 more |
2019-07-25 |
4.3 |
| Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL. |
