High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-19	CVE-2023-32182	A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1. local low complexity opensuse suse	7.8
2023-02-15	CVE-2022-45153	An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. local low complexity suse opensuse	7.8
2022-01-01	CVE-2021-41819	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. network low complexity ruby-lang redhat debian suse opensuse fedoraproject CWE-565	7.5
2022-01-01	CVE-2021-41817	Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. network low complexity ruby-lang redhat fedoraproject debian suse opensuse	7.5
2021-02-09	CVE-2021-26675	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. low complexity intel debian opensuse CWE-787	8.8
2020-11-03	CVE-2020-16009	Type Confusion vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google microsoft cefsharp opensuse fedoraproject debian CWE-843	8.8
2020-11-03	CVE-2020-16008	Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. network low complexity google debian opensuse fedoraproject CWE-787	8.8
2020-11-03	CVE-2020-16007	Link Following vulnerability in multiple products Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. local low complexity google debian opensuse CWE-59	7.8
2020-11-03	CVE-2020-16006	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-787	8.8
2020-11-03	CVE-2020-16005	Improper Handling of Exceptional Conditions vulnerability in multiple products Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-755	8.8