Vulnerabilities > Opensuse > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-21949 Unspecified vulnerability in Opensuse Open Build Service
An Improper Restriction of XML External Entity Reference vulnerability in SUSE Open Build Service allows remote attackers to reference external entities in certain operations.
network
low complexity
opensuse
8.8
2022-03-09 CVE-2021-36777 Unspecified vulnerability in Opensuse Open Build Service
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with an expected login form that then sends the cleartext credentials to an attacker-specified server.
network
low complexity
opensuse
8.8
2022-02-19 CVE-2021-45082 Command Injection vulnerability in multiple products
An issue was discovered in Cobbler before 3.3.1.
7.8
2022-01-26 CVE-2022-21944 Unspecified vulnerability in Opensuse Factory Watchman
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root.
local
low complexity
opensuse
7.8
2022-01-01 CVE-2021-41819 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names.
7.5
2022-01-01 CVE-2021-41817 Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. 7.5
2021-12-25 CVE-2021-4166 vim is vulnerable to Out-of-bounds Read 7.1
2021-09-02 CVE-2021-33928 Out-of-bounds Write vulnerability in Opensuse Libsolv
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
network
low complexity
opensuse CWE-787
7.5
2021-09-02 CVE-2021-33929 Out-of-bounds Write vulnerability in Opensuse Libsolv
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
network
low complexity
opensuse CWE-787
7.5
2021-09-02 CVE-2021-33930 Out-of-bounds Write vulnerability in Opensuse Libsolv
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
network
low complexity
opensuse CWE-787
7.5