Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-21949 XXE vulnerability in Opensuse Open Build Service
A Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in certain operations.
network
low complexity
opensuse CWE-611
critical
9.0
2022-03-16 CVE-2022-21945 Insecure Temporary File vulnerability in Opensuse Cscreen
A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to cause DoS for cscreen and a system DoS for non-default systems.
local
low complexity
opensuse CWE-377
2.1
2022-03-16 CVE-2022-21946 Improper Privilege Management vulnerability in Opensuse Cscreen
A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion.
local
low complexity
opensuse CWE-269
4.6
2022-03-09 CVE-2021-36777 Reliance on Untrusted Inputs in a Security Decision vulnerability in Opensuse Open Build Service
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server.
network
opensuse CWE-807
6.8
2022-02-21 CVE-2021-44571 Out-of-bounds Write vulnerability in multiple products
A heap overflow vulnerability exisfts in openSUSE libsolv through 13 Dec 2020 in the prefer_suggested function at src/policy.c: line 442.
4.3
2022-02-21 CVE-2021-44573 Out-of-bounds Write vulnerability in multiple products
Two heap overflow vulnerabilities exist in oenSUSE libsolv through 13 Dec 2020 in the resolve_installed function at src/solver.c: line 1728 & 1766.
4.3
2022-02-21 CVE-2021-44574 Out-of-bounds Write vulnerability in multiple products
A heap-overflow vulnerability exists in openSUSE libsolv through 13 Dec 2020 in the resolve_jobrules function at src/solver.c at line 1599.
4.3
2022-02-21 CVE-2021-44575 Out-of-bounds Write vulnerability in multiple products
Two heap-overflow vulnerabilities exists in openSUSE libsolv through 13 Dec 2020 in the makeruledecisions function at src/solver.c: line 147 and 307.
4.3
2022-02-21 CVE-2021-44576 Use After Free vulnerability in multiple products
Two memory vulnerabilities exists in openSUSE libsolv through 13 Dec 2020 in the resolve_weak function at src/solver.c: line 2222 and 2249.
4.3
2022-02-21 CVE-2021-44577 Out-of-bounds Write vulnerability in multiple products
Two heap-overflow vulnerabilities exist in openSUSE libsolv through 13 Dec 2020 bugs in the propagate function at src/solver.c: line 490 and 524.
4.3