Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-24	CVE-2019-1351	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. network low complexity microsoft opensuse CWE-706	7.5
2020-01-24	CVE-2019-3697	UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. local low complexity opensuse gnu	7.8
2020-01-24	CVE-2019-3692	The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. local low complexity suse opensuse	7.8
2020-01-23	CVE-2019-18898	UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. local low complexity suse opensuse	7.8
2020-01-21	CVE-2019-20388	Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. network low complexity xmlsoft debian netapp oracle opensuse fedoraproject CWE-401	7.5
2020-01-21	CVE-2020-7040	Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. network high complexity storebackup debian opensuse canonical CWE-59	8.1
2020-01-21	CVE-2020-5202	apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. local low complexity apt-cacher-ng-project debian opensuse	5.5
2020-01-21	CVE-2019-19344	Use After Free vulnerability in multiple products There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer. network low complexity samba canonical synology opensuse CWE-416	6.5
2020-01-21	CVE-2019-18932	Link Following vulnerability in multiple products log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. local high complexity squid-analysis-report-generator-project opensuse CWE-59	7.0
2020-01-21	CVE-2019-14902	There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers. network low complexity samba canonical opensuse debian	5.4