Vulnerabilities > Opensuse > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-17 CVE-2020-15586 Race Condition vulnerability in multiple products
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. 		5.9
5.9
2020-07-17 CVE-2020-14039 Improper Certificate Validation vulnerability in multiple products
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows).
network
low complexity
golang opensuse CWE-295
5.3
5.3
2020-07-17 CVE-2020-15803 Cross-site Scripting vulnerability in multiple products
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
network
low complexity
zabbix fedoraproject debian opensuse CWE-79
6.1
6.1
2020-07-15 CVE-2020-15780 Missing Authorization vulnerability in multiple products
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7.
local
low complexity
linux opensuse canonical CWE-862
6.7
6.7
2020-07-15 CVE-2019-20908 An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4.
local
low complexity
linux opensuse canonical
6.7
6.7
2020-07-15 CVE-2020-14715 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
4.4
4.4
2020-07-15 CVE-2020-14714 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
4.4
4.4
2020-07-15 CVE-2020-14712 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
5.0
5.0
2020-07-15 CVE-2020-14711 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
6.5
6.5
2020-07-15 CVE-2020-14707 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
5.0
5.0