Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse open build service vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2011-4183
A vulnerability in open build service allows remote malicious users to upload arbitrary RPM files. Affected releases are SUSE open build service before 2.1.16.
Opensuse Open Build Service
606
VMScore
CVE-2019-9516
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations a...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 32
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
605
VMScore
CVE-2021-36777
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed malicious users to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects:...
Opensuse Open Build Service
605
VMScore
CVE-2019-3685
Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary
Opensuse Open Build Service
605
VMScore
CVE-2014-0594
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.
Opensuse Open Build Service
578
VMScore
CVE-2011-3178
In the web ui of the openbuildservice prior to 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized malicious users to execute shellcode.
Opensuse Open Build Service
570
VMScore
CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote malicious users to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5...
Opensuse Leap 42.3
Opensuse Leap 15.0
490
VMScore
CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-download_files of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This ...
Opensuse Open Build Service -
490
VMScore
CVE-2018-12466
openSUSE openbuildservice prior to 9.2.4 allowed authenticated users to delete packages on specific projects with project links.
Opensuse Open Build Service
490
VMScore
CVE-2018-12467
Authorized users of the openbuildservice prior to 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.
Opensuse Open Build Service
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »