Vulnerabilities > Opensuse > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-24 CVE-2020-12137 Cross-site Scripting vulnerability in multiple products
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts.
network
low complexity
gnu debian fedoraproject canonical opensuse CWE-79
6.1
6.1
2020-04-23 CVE-2020-12105 Improper Handling of Exceptional Conditions vulnerability in multiple products
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
network
high complexity
infradead opensuse CWE-755
5.9
5.9
2020-04-22 CVE-2020-1983 Use After Free vulnerability in multiple products
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. 		6.5
6.5
2020-04-15 CVE-2019-12521 Off-by-one Error vulnerability in multiple products
An issue was discovered in Squid through 4.7.
network
high complexity
squid-cache canonical debian opensuse CWE-193
5.9
5.9
2020-04-15 CVE-2020-2951 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
6.5
6.5
2020-04-15 CVE-2020-2910 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
6.5
6.5
2020-04-15 CVE-2020-2894 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
6.0
6.0
2020-04-15 CVE-2020-2830 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). 5.3
5.3
2020-04-15 CVE-2020-2814 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). 4.9
4.9
2020-04-15 CVE-2020-2812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). 4.9
4.9