Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse factory - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-28321
The Linux-PAM package prior to 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user wi...
Linux-pam Linux-pam
9.8
CVSSv3
CVE-2019-3681
A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote...
Opensuse Osc
9.8
CVSSv3
CVE-2019-18902
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote malicious users to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions ...
Opensuse Leap 15.1
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
9.8
CVSSv3
CVE-2019-18903
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote malicious users to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions ...
Opensuse Leap 15.1
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
7.8
CVSSv3
CVE-2022-31253
A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap...
Opensuse Openldap2
7.8
CVSSv3
CVE-2022-31256
A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local malicious users to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail vers...
Opensuse Factory
7.8
CVSSv3
CVE-2021-45082
An issue exists in Cobbler prior to 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
Cobbler Project Cobbler
Suse Linux Enterprise Server 11
Opensuse Factory -
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Opensuse Backports Sle-15
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2022-21944
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local malicious users to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions before 4.9.0. openSUSE F...
Opensuse Factory Watchman
7.8
CVSSv3
CVE-2021-25321
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escal...
Suse Arpwatch
7.8
CVSSv3
CVE-2021-31997
A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local malicious users to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and ...
Opensuse Python-postorius
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »