Vulnerabilities > Opensuse > Backports SLE > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-06 | CVE-2020-12108 | Injection vulnerability in multiple products /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. | 6.5 |
2020-05-04 | CVE-2020-12625 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.4.4. | 4.3 |
2020-04-24 | CVE-2020-12137 | Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. | 6.1 |
2020-04-13 | CVE-2020-6444 | Use of Uninitialized Resource vulnerability in multiple products Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.3 |
2020-04-13 | CVE-2020-6438 | Information Exposure Through an Error Message vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. | 4.3 |
2020-04-08 | CVE-2019-20637 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. | 5.0 |
2020-03-31 | CVE-2019-14905 | Exposure of Resource to Wrong Sphere vulnerability in multiple products A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. | 5.6 |
2020-03-27 | CVE-2020-6095 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. | 5.0 |
2020-03-27 | CVE-2020-1770 | Information Exposure vulnerability in multiple products Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. | 4.3 |
2020-03-27 | CVE-2020-1769 | In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. | 4.3 |