Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-27	CVE-2018-20105	Information Exposure Through Log Files vulnerability in multiple products A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. local low complexity yast2-rmt-project opensuse suse CWE-532	5.5
2020-01-24	CVE-2019-1353	An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. network low complexity git-scm opensuse critical	9.8
2020-01-24	CVE-2019-1348	An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. local low complexity git-scm opensuse	3.3
2020-01-24	CVE-2019-1351	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. network low complexity microsoft opensuse CWE-706	7.5
2020-01-24	CVE-2019-3697	Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. local low complexity gnu opensuse CWE-59	7.2
2020-01-24	CVE-2019-3692	Link Following vulnerability in multiple products The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. local low complexity suse opensuse CWE-59	7.8
2020-01-23	CVE-2019-18898	Link Following vulnerability in multiple products UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. local low complexity suse opensuse CWE-59	7.8
2020-01-21	CVE-2019-20388	Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. network low complexity xmlsoft debian netapp oracle opensuse fedoraproject CWE-401	7.5
2020-01-21	CVE-2020-7040	Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. network high complexity storebackup debian opensuse canonical CWE-59	8.1
2020-01-21	CVE-2020-5202	apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. local low complexity apt-cacher-ng-project debian opensuse	2.1