Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 15.1 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-15811
An issue exists in Squid prior to 4.13 and 5.x prior to 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security a...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
4.3
CVSSv2
CVE-2020-24553
Go prior to 1.14.8 and 1.15.x prior to 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
Golang Go
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
Oracle Communications Cloud Native Core Policy 1.5.0
7.2
CVSSv2
CVE-2020-8023
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterpri...
Opensuse Openldap2
5
CVSSv2
CVE-2020-25032
An issue exists in Flask-CORS (aka CORS Middleware for Flask) prior to 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
Flask-cors Project Flask-cors
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
6.5
CVSSv2
CVE-2020-24972
The Kleopatra component prior to 3.1.12 (and prior to 20.07.80) for GnuPG allows remote malicious users to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to lo...
Kleopatra Project Kleopatra
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.5
CVSSv2
CVE-2020-24614
Fossil prior to 2.10.2, 2.11.x prior to 2.11.2, and 2.12.x prior to 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
Fossil-scm Fossil
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
7.1
CVSSv2
CVE-2020-24606
Squid prior to 4.13 and 5.x prior to 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exi...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
4.4
CVSSv2
CVE-2020-14350
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such exte...
Postgresql Postgresql
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
4.6
CVSSv2
CVE-2020-14349
It was found that PostgreSQL versions prior to 12.4, prior to 11.9 and prior to 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL comma...
Postgresql Postgresql
Opensuse Leap 15.1
Opensuse Leap 15.2
4.3
CVSSv2
CVE-2020-8621
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward ...
Isc Bind
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Synology Dns Server
Netapp Steelstore Cloud Integrated Storage -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »