← Back

Opensuse

opensuse

3,271 CVEs • 50 products

Products (50)

Click to collapse
Toggle
Leap
leap
1,898 CVEs
Opensuse
opensuse
1,454 CVEs
Backports Sle
backports_sle
326 CVEs
Backports
backports
97 CVEs
Evergreen
evergreen
43 CVEs
Open Build Service
open_build_service
22 CVEs
Libsolv
libsolv
13 CVEs
Factory
factory
10 CVEs
Supportutils
supportutils
6 CVEs
Libzypp
libzypp
5 CVEs
Tumbleweed
tumbleweed
4 CVEs
Zypper
zypper
3 CVEs
Openldap2
openldap2
3 CVEs
Osc
osc
2 CVEs
Suse Linux Enterprise Server
suse_linux_enterprise_server
2 CVEs
Cryptctl
cryptctl
2 CVEs
Munge
munge
2 CVEs
Wicked
wicked
2 CVEs
Pcp
pcp
2 CVEs
Texlive Filesystem
texlive-filesystem
2 CVEs
Rmt Server
rmt-server
2 CVEs
Cscreen
cscreen
2 CVEs
Libeconf
libeconf
2 CVEs
Openstack Cloud
openstack_cloud
1 CVE
Libstorage
libstorage
1 CVE
Libstorage Ng
libstorage-ng
1 CVE
Obs Service Source Validator
obs-service-source_validator
1 CVE
Open Buildservice
open_buildservice
1 CVE
Sysconfig
sysconfig
1 CVE
Tar Scm
tar_scm
1 CVE
Package Hub
package_hub
1 CVE
Yast2 Multipath
yast2-multipath
1 CVE
Yast2 Samba Provision
yast2-samba-provision
1 CVE
Yast2 Printer
yast2-printer
1 CVE
Munin
munin
1 CVE
Suse Package Hub
suse_package_hub
1 CVE
Autoyast2
autoyast2
1 CVE
Hylafax+
hylafax+
1 CVE
Tumbleweed Kopano Spamd
tumbleweed_kopano-spamd
1 CVE
Cyrus Sasl
cyrus-sasl
1 CVE
Python Postorius
python-postorius
1 CVE
Inn
inn
1 CVE
Factory Watchman
factory_watchman
1 CVE
Canna
canna
1 CVE
Leap Micro
leap_micro
1 CVE
Travel Support Program
travel_support_program
1 CVE
Libzypp Plugin Appdata
libzypp-plugin-appdata
1 CVE
Paste
paste
1 CVE
Welcome
welcome
1 CVE
Mirrorcache
mirrorcache
1 CVE

CVEs (3,271)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-11739
4Debian
FedoraprojectOpensuse+1 more
4Debian Linux
FedoraLeap+1 more
Nov 21, 2024
Apr 14, 2020
N/A· v4
7.8 HIGH· v3
6.9 MEDIUM· v2
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths d...Show more
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to re-order the memory access with the preceding ones. In other words, the unlock may be seen by another processor before all the memory accesses within the "critical" section. As a consequence, it may be possible to have a writer executing a critical section at the same time as readers or another writer. In other words, many of the assumptions (e.g., a variable cannot be modified after a check) in the critical sections are not safe anymore. The read-write locks are used in hypercalls (such as grant-table ones), so a malicious guest could exploit the race. For instance, there is a small window where Xen can leak memory if XENMAPSPACE_grant_table is used concurrently. A malicious guest may be able to leak memory, or cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded.Show less
CVE-2020-6456
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
CVE-2020-6455
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6454
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2020-6452
3Fedoraproject
GoogleOpensuse
4Backports
ChromeFedora+1 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6451
3Fedoraproject
GoogleOpensuse
4Backports Sle
ChromeFedora+1 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6450
3Fedoraproject
GoogleOpensuse
4Backports Sle
ChromeFedora+1 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6448
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6447
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6446
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6445
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6444
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
6.3 MEDIUM· v3
6.8 MEDIUM· v2
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6443
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.
CVE-2020-6442
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6441
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
CVE-2020-6440
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome...Show more
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.Show less
CVE-2020-6439
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
CVE-2020-6438
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memo...Show more
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.Show less
CVE-2020-6437
4Debian
FedoraprojectGoogle+1 more
5Backports
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
CVE-2020-6436
4Debian
FedoraprojectGoogle+1 more
5Backports Sle
ChromeDebian Linux+2 more
Nov 21, 2024
Apr 13, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.