Opensuse: >> Backports >> sle-15 Security Vulnerabilities
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
CVSS Score
8.8
EPSS Score
0.006
Published
2019-05-23
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-05-23
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
CVSS Score
8.8
EPSS Score
0.006
Published
2019-05-23
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.
CVSS Score
8.8
EPSS Score
0.009
Published
2019-05-14
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.
CVSS Score
9.8
EPSS Score
0.051
Published
2019-03-15
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
CVSS Score
9.8
EPSS Score
0.134
Published
2018-12-26
Page 10