Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse backports - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-3693
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local malicious users to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed...
Suse Mailman
Opensuse Backports Sle 15.0
4.9
CVSSv3
CVE-2019-15624
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
Nextcloud Nextcloud Server
Opensuse Backports Sle-15
Suse Suse Linux Enterprise Server 12
6.5
CVSSv3
CVE-2019-9211
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
Gnu Pspp 1.2.0
Fedoraproject Fedora 29
Suse Backports -
7.8
CVSSv3
CVE-2019-3692
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local malicious users to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE F...
Suse Inn
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5.3
CVSSv3
CVE-2019-15623
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
Nextcloud Nextcloud Server
Opensuse Backports Sle 15.0
Suse Package Hub -
7.5
CVSSv3
CVE-2018-19052
An issue exists in mod_alias_physical_handler in mod_alias.c in lighttpd prior to 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, b...
Lighttpd Lighttpd
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 12
Debian Debian Linux 9.0
3 Github repositories
5
CVSSv3
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
Nextcloud Nextcloud Server
Opensuse Backports Sle 15.0
Novell Suse Linux Enterprise Server 12.0
8.8
CVSSv3
CVE-2020-6422
Use after free in WebGL in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
6.5
CVSSv3
CVE-2020-6426
Inappropriate implementation in V8 in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2020-6427
Use after free in audio in Google Chrome before 80.0.3987.149 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Suse Suse Linux Enterprise Server 12
Opensuse Backports Sle 15.0
Suse Suse Linux Enterprise Desktop 12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »