Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse opensuse vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-1747
A vulnerability exists in the PyYAML library in versions prior to 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted i...
Pyyaml Pyyaml
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
2 Github repositories
10
CVSSv2
CVE-2020-8432
In Das U-Boot up to and including 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an malicious user to execute arbitrary code. NOTE: this vulnerablity was introduced when at...
Denx U-boot
Opensuse Leap 15.2
10
CVSSv2
CVE-2019-5021
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of t...
Gliderlabs Docker-alpine
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Big-ip Controller 1.2.1
3 Github repositories
10
CVSSv2
CVE-2019-11627
gpg-key2ps in signing-party 1.1.x and 2.x prior to 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.
Signing-party Project Signing-party
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 42.3
10
CVSSv2
CVE-2014-0593
The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions before 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.
Opensuse Open Build Service
10
CVSSv2
CVE-2016-9961
game-music-emu prior to 0.6.1 mishandles unspecified integer values.
Game-music-emu Project Game-music-emu
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Opensuse Project Leap 42.1
Opensuse Leap 42.2
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Server 12.0
10
CVSSv2
CVE-2016-2099
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and previous versions allows context-dependent malicious users to have unspecified impact via an invalid character in an XML document.
Apache Xerces-c\\+\\+
Opensuse Opensuse 13.2
10
CVSSv2
CVE-2016-4007
Multiple unspecified vulnerabilities in the obs-service-extract_file package prior to 0.3-5.1 in openSUSE Leap 42.1 and prior to 0.3-3.1 in openSUSE 13.2 allow malicious users to execute arbitrary commands via a service definition, related to executing unzip with "illegal op...
Opensuse Leap 42.1
Opensuse Opensuse 13.2
10
CVSSv2
CVE-2016-2324
Integer overflow in Git prior to 2.7.4 allows remote malicious users to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
Suse Openstack Cloud 5
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Software Development Kit 12.0
Suse Linux Enterprise Server 12.0
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Suse Suse Linux Enterprise Server 12
Git-scm Git
1 Article
10
CVSSv2
CVE-2016-2315
revision.c in git prior to 2.7.4 uses an incorrect integer data type, which allows remote malicious users to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
Suse Openstack Cloud 5
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Suse Suse Linux Enterprise Server 12
Git-scm Git 2.7.3
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »