Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2020-01-24 CVE-2019-1353 An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6.
network
low complexity
git-scm opensuse
critical
 9.8
9.8
2020-01-24 CVE-2019-1348 An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6.
local
low complexity
git-scm opensuse
3.3
3.3
2020-01-24 CVE-2019-1351 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
network
low complexity
microsoft opensuse CWE-706
7.5
7.5
2020-01-24 CVE-2019-18900 Incorrect Default Permissions vulnerability in Opensuse Libzypp
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies.
local
low complexity
opensuse CWE-276
3.3
3.3
2020-01-24 CVE-2019-3697 UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root.
local
low complexity
opensuse gnu
7.8
7.8
2020-01-24 CVE-2019-3694 A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root.
local
low complexity
opensuse suse
7.8
7.8
2020-01-24 CVE-2019-3693 A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root.
local
low complexity
suse opensuse
7.8
7.8
2020-01-24 CVE-2019-3692 The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks.
local
low complexity
suse opensuse
7.8
7.8
2020-01-23 CVE-2015-5333 Resource Exhaustion vulnerability in multiple products
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
network
low complexity
openbsd opensuse CWE-400
7.5
7.5
2020-01-23 CVE-2015-5334 Out-of-bounds Write vulnerability in multiple products
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow.
network
low complexity
openbsd opensuse CWE-787
critical
 9.8
9.8