Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2020-10-01 CVE-2020-15677 Open Redirect vulnerability in multiple products
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from.
network
low complexity
mozilla debian opensuse CWE-601
6.1
6.1
2020-10-01 CVE-2020-15676 Cross-site Scripting vulnerability in multiple products
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element.
network
low complexity
mozilla debian opensuse CWE-79
6.1
6.1
2020-10-01 CVE-2020-15673 Use After Free vulnerability in multiple products
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2.
network
low complexity
mozilla debian opensuse CWE-416
8.8
8.8
2020-09-30 CVE-2020-14374 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk opensuse canonical CWE-120
8.8
8.8
2020-09-30 CVE-2020-14378 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop.
local
low complexity
dpdk opensuse canonical CWE-191
3.3
3.3
2020-09-30 CVE-2020-14377 Out-of-bounds Read vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk canonical opensuse CWE-125
7.1
7.1
2020-09-30 CVE-2020-14376 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
high complexity
dpdk opensuse canonical CWE-120
7.8
7.8
2020-09-30 CVE-2020-14375 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
high complexity
dpdk opensuse canonical CWE-367
7.8
7.8
2020-09-30 CVE-2020-26154 Classic Buffer Overflow vulnerability in multiple products
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
network
low complexity
libproxy-project fedoraproject debian opensuse CWE-120
critical
 9.8
9.8
2020-09-27 CVE-2020-26117 Improper Certificate Validation vulnerability in multiple products
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions.
network
low complexity
tigervnc debian opensuse CWE-295
8.1
8.1