Vulnerabilities > Opensuse > Leap > 15.4

DATE CVE VULNERABILITY TITLE RISK
2023-02-15 CVE-2022-45153 An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created.
local
low complexity
suse opensuse
7.8
7.8
2022-10-06 CVE-2022-31252 A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution.
local
low complexity
suse opensuse
4.4
4.4