Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  Security Vulnerabilities
CVE-2019-13134
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-07-01
CVE-2019-13117
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
CVSS Score
5.3
EPSS Score
0.039
Published
2019-07-01
CVE-2019-13118
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
CVSS Score
5.3
EPSS Score
0.008
Published
2019-07-01
CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-06-29
CVE-2019-5829
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.022
Published
2019-06-27
CVE-2019-5830
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.009
Published
2019-06-27
CVE-2019-5831
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.022
Published
2019-06-27
CVE-2019-5832
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.011
Published
2019-06-27
CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
CVSS Score
4.3
EPSS Score
0.008
Published
2019-06-27
CVE-2019-5834
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-06-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved