Vulnerabilities > Opensuse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2019-20386 | Memory Leak vulnerability in multiple products An issue was discovered in button_open in login/logind-button.c in systemd before 243. | 2.4 |
| 2020-01-17 | CVE-2019-17361 | Command Injection vulnerability in multiple products In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. | 9.8 |
| 2020-01-16 | CVE-2020-7039 | Out-of-bounds Write vulnerability in multiple products tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. | 5.6 |
| 2020-01-16 | CVE-2020-7106 | Cross-site Scripting vulnerability in multiple products Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). | 6.1 |
| 2020-01-16 | CVE-2020-7044 | Off-by-one Error vulnerability in multiple products In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. | 7.5 |
| 2020-01-15 | CVE-2020-2659 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 3.7 |
| 2020-01-15 | CVE-2020-2654 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). | 3.7 |
| 2020-01-15 | CVE-2020-2604 | Deserialization of Untrusted Data vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 8.1 |
| 2020-01-15 | CVE-2020-2601 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). | 6.8 |
| 2020-01-15 | CVE-2020-2593 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 4.8 |