Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

opensuse leap 42.3 vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv3
CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to...
Opensuse Leap 42.3Opensuse Leap 15.0
7.5
CVSSv3
CVE-2017-6594
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets....
Heimdal Project HeimdalOpensuse Leap 42.2Opensuse Leap 42.3
8.8
CVSSv3
CVE-2019-5816
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page....
Google ChromeOpensuse Leap 15.0Opensuse Leap 42.3Opensuse Backports Sle-15Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-5794
Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page....
Google ChromeOpensuse Backports Sle 15.0Opensuse Leap 15.0Opensuse Leap 15.1Opensuse Leap 42.3
8.8
CVSSv3
CVE-2017-9286
The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade....
Opensuse Leap 42.3
9.8
CVSSv3
CVE-2019-8341
** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION...
Pocoo Jinja2 2.10Opensuse Leap 15.0Opensuse Leap 42.3
6.3
CVSSv3
CVE-2019-3840
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service....
Redhat LibvirtOpensuse Leap 42.3Opensuse Leap 15.0
3.3
CVSSv3
CVE-2019-8934
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest....
Qemu QemuOpensuse Leap 15.0Opensuse Leap 42.3
6.5
CVSSv3
CVE-2019-5802
Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page....
Google ChromeOpensuse Backports Sle 15.0Opensuse Leap 15.0Opensuse Leap 15.1Opensuse Leap 42.3
8.8
CVSSv3
CVE-2019-5829
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page....
Google ChromeOpensuse Backports Sle-15Opensuse Leap 15.0Opensuse Leap 15.1Opensuse Leap 42.3Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-29337CVE-2021-32965firmwareCVE-2022-1388injectauthentication bypassCVE-2022-22972CVE-2022-29333CVE-2021-45914
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook