Vulnerabilities > Suse

DATE CVE VULNERABILITY TITLE RISK
2020-04-03 CVE-2018-17954 Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node.
local
low complexity
suse CWE-269
7.8
7.8
2020-03-23 CVE-2020-6449 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6429 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6428 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
8.8
8.8
2020-03-23 CVE-2020-6427 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6426 Out-of-bounds Write vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
6.5
6.5
2020-03-23 CVE-2020-6424 Use After Free vulnerability in multiple products
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6422 Out-of-bounds Write vulnerability in multiple products
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian suse opensuse CWE-787
8.8
8.8
2020-03-22 CVE-2020-10803 SQL Injection vulnerability in multiple products
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). 		5.4
5.4
2020-03-22 CVE-2020-10802 SQL Injection vulnerability in multiple products
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. 		8.0
8.0