Vulnerabilities > Opensuse > Backports SLE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-22 | CVE-2020-10803 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). | 5.4 |
| 2020-03-22 | CVE-2020-10802 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. | 8.0 |
| 2020-03-22 | CVE-2020-10804 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). | 8.0 |
| 2020-03-18 | CVE-2019-12921 | Command Injection vulnerability in multiple products In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. | 6.5 |
| 2020-02-28 | CVE-2019-3698 | UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. | 7.0 |
| 2020-02-27 | CVE-2020-7043 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. | 9.1 |
| 2020-02-27 | CVE-2020-7042 | Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
| 2020-02-27 | CVE-2020-7041 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. | 5.3 |
| 2020-02-20 | CVE-2020-9273 | Use After Free vulnerability in multiple products In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. | 8.8 |
| 2020-02-20 | CVE-2020-9272 | Out-of-bounds Read vulnerability in multiple products ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. | 7.5 |