Vulnerabilities > Opensuse > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-21 | CVE-2021-44568 | Out-of-bounds Write vulnerability in Opensuse Libsolv Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service. | 6.5 |
| 2022-01-14 | CVE-2021-36781 | Unspecified vulnerability in Opensuse Factory A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. | 4.4 |
| 2022-01-06 | CVE-2021-46141 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |
| 2022-01-06 | CVE-2021-46142 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |
| 2021-02-11 | CVE-2020-8027 | Unspecified vulnerability in Opensuse Openldap2 A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. | 6.6 |
| 2021-02-11 | CVE-2020-8031 | Unspecified vulnerability in Opensuse Open Build Service A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. | 5.4 |
| 2021-02-09 | CVE-2021-26676 | gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. | 6.5 |
| 2020-11-23 | CVE-2020-0569 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 5.7 |
| 2020-11-04 | CVE-2020-28049 | Race Condition vulnerability in multiple products An issue was discovered in SDDM before 0.19.0. | 6.3 |
| 2020-11-03 | CVE-2020-6557 | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |