Vulnerabilities > Opensuse > Leap
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-27 | CVE-2018-20105 | Information Exposure Through Log Files vulnerability in multiple products A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. | 5.5 |
2020-01-24 | CVE-2019-1353 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. | 9.8 |
2020-01-24 | CVE-2019-1348 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. | 3.3 |
2020-01-24 | CVE-2019-1351 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. | 7.5 |
2020-01-24 | CVE-2019-3697 | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. | 7.2 |
2020-01-24 | CVE-2019-3692 | Link Following vulnerability in multiple products The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. | 7.8 |
2020-01-23 | CVE-2019-18898 | Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. | 7.8 |
2020-01-21 | CVE-2019-20388 | Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | 7.5 |
2020-01-21 | CVE-2020-7040 | Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. | 8.1 |
2020-01-21 | CVE-2020-5202 | apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. | 2.1 |