Vulnerabilities > Opensuse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-09 | CVE-2018-12474 | Improper Input Validation vulnerability in Opensuse TAR SCM Improper input validation in obs-service-tar_scm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. | 9.8 |
| 2018-10-02 | CVE-2018-12473 | Path Traversal vulnerability in Opensuse Open Build Service A path traversal traversal vulnerability in obs-service-tar_scm of Open Build Service allows remote attackers to cause access files not in the current build. | 7.5 |
| 2018-09-25 | CVE-2018-14647 | Missing Initialization of Resource vulnerability in multiple products Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. | 7.5 |
| 2018-09-21 | CVE-2018-16597 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 4.8. | 5.5 |
| 2018-09-21 | CVE-2018-17294 | Out-of-bounds Read vulnerability in multiple products The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. | 6.5 |
| 2018-09-18 | CVE-2018-1000802 | Command Injection vulnerability in multiple products Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. | 9.8 |
| 2018-09-04 | CVE-2018-10930 | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 6.5 |
| 2018-09-04 | CVE-2018-10929 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. | 8.8 |
| 2018-09-04 | CVE-2018-10928 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. | 8.8 |
| 2018-09-04 | CVE-2018-10927 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. | 8.1 |