Opensuse

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-33929 1Opensuse 1Libsolv Nov 21, 2024 Sep 2, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2021-33928 1Opensuse 1Libsolv Nov 21, 2024 Sep 2, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVE-2019-18906 1Opensuse 1Cryptctl Nov 21, 2024 Jun 30, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This i...Show more A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.Show less
CVE-2021-31998 1Opensuse 1Inn Nov 21, 2024 Jun 10, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the...Show more A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.Show less
CVE-2021-31997 1Opensuse 1Python Postorius Nov 21, 2024 Jun 10, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE L...Show more A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and prior versions. openSUSE Factory python-postorius version 1.3.4-2.1 and prior versions.Show less
CVE-2021-3200 2Opensuse Oracle 2Communications Cloud Native Core Policy Libsolv Nov 21, 2024 May 18, 2021 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool pool, FILE fp, const char testcase, Queue job, char *resultp, int resultflagsp function at src/testcase.c: line 2334, which co...Show more Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool pool, FILE fp, const char testcase, Queue job, char *resultp, int resultflagsp function at src/testcase.c: line 2334, which could cause a denial of serviceShow less
CVE-2021-25319 1Opensuse 1Factory Nov 21, 2024 May 5, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version...Show more A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions.Show less
CVE-2020-8032 1Opensuse 1Cyrus Sasl Nov 21, 2024 Feb 25, 2021 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions...Show more A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.Show less
CVE-2020-8027 1Opensuse 1Openldap2 Nov 21, 2024 Feb 11, 2021 N/A· v4 6.6 MEDIUM· v3 4.6 MEDIUM· v2 A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary...Show more A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.Show less
CVE-2020-8031 1Opensuse 1Open Build Service Nov 21, 2024 Feb 11, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting conf...Show more A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.Show less
CVE-2021-26676 3Debian IntelOpensuse 3Connman Debian LinuxLeap Nov 21, 2024 Feb 9, 2021 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
CVE-2021-26675 3Debian IntelOpensuse 3Connman Debian LinuxLeap Nov 21, 2024 Feb 9, 2021 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
CVE-2020-0569 5Canonical DebianIntel+2 more 157265 Firmware Ac 3165 FirmwareAc 3168 Firmware+12 more Nov 21, 2024 Nov 23, 2020 N/A· v4 5.7 MEDIUM· v3 2.7 LOW· v2 Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-16846 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 7, 2025 Nov 6, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
CVE-2020-28049 4Debian FedoraprojectOpensuse+1 more 4Debian Linux FedoraLeap+1 more Nov 21, 2024 Nov 4, 2020 N/A· v4 6.3 MEDIUM· v3 3.3 LOW· v2 An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper...Show more An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation.Show less
CVE-2020-6557 4Debian FedoraprojectGoogle+1 more 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2020-16011 3Debian GoogleOpensuse 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 9.6 CRITICAL· v3 6.8 MEDIUM· v2 Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16009 6Cefsharp DebianFedoraproject+3 more 8Backports Sle CefsharpChrome+5 more Oct 24, 2025 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16008 4Debian FedoraprojectGoogle+1 more 5Backports Sle ChromeDebian Linux+2 more Nov 21, 2024 Nov 3, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
CVE-2020-16007 3Debian GoogleOpensuse 4Backports Sle ChromeDebian Linux+1 more Nov 21, 2024 Nov 3, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

Previous 1 234 5...164 Next