Vulnerabilities > Opensuse > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-02 CVE-2020-8016 Unspecified vulnerability in Opensuse Texlive-Filesystem 2013.7416.5.1/2017.1359.5.1
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges.
local
high complexity
opensuse
7.0
7.0
2020-03-27 CVE-2020-6095 NULL Pointer Dereference vulnerability in multiple products
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5.
network
low complexity
gstreamer-project opensuse CWE-476
7.5
7.5
2020-03-27 CVE-2020-1772 It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords.
network
low complexity
otrs opensuse debian
7.5
7.5
2020-03-23 CVE-2020-6449 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6429 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6428 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
8.8
8.8
2020-03-23 CVE-2020-6427 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6424 Use After Free vulnerability in multiple products
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6422 Out-of-bounds Write vulnerability in multiple products
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-10593 Memory Leak vulnerability in multiple products
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004.
network
low complexity
torproject opensuse CWE-401
7.5
7.5