Vulnerabilities > Opensuse

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-01	CVE-2020-10683	XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. network low complexity dom4j-project oracle opensuse netapp canonical CWE-611 critical	9.8
2020-04-30	CVE-2020-12050	Race Condition vulnerability in multiple products SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library. local high complexity fedoraproject opensuse sqliteodbc-project CWE-362	7.0
2020-04-30	CVE-2020-11652	Path Traversal vulnerability in multiple products An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. network low complexity saltstack opensuse debian canonical blackberry vmware CWE-22	6.5
2020-04-30	CVE-2020-11651	An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. network low complexity saltstack opensuse debian canonical vmware critical	9.8
2020-04-29	CVE-2020-11022	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery drupal debian fedoraproject oracle netapp opensuse tenable	6.1
2020-04-28	CVE-2020-10663	Improper Input Validation vulnerability in multiple products The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. network low complexity json-project fedoraproject opensuse debian apple CWE-20	7.5
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	7.5
2020-04-27	CVE-2020-12268	Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. network low complexity artifex debian opensuse CWE-787 critical	9.8
2020-04-24	CVE-2020-12137	Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. network low complexity gnu debian fedoraproject canonical opensuse CWE-79	6.1
2020-04-23	CVE-2020-12105	Improper Handling of Exceptional Conditions vulnerability in multiple products OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks. network high complexity infradead opensuse CWE-755	5.9

Vulnerabilities > Opensuse {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Opensuse"}]}

Vulnerabilities > Opensuse