Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse backports sle 15.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-12640
Roundcube Webmail prior to 1.4.4 allows malicious users to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.
Roundcube Webmail
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
1 Github repository
7.5
CVSSv2
CVE-2020-12641
rcube_image.php in Roundcube Webmail prior to 1.4.4 allows malicious users to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
Roundcube Webmail
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
2 Github repositories
1 Article
7.5
CVSSv2
CVE-2020-8955
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat up to and including 2.7 allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).
Weechat Weechat
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2019-18622
An issue exists in phpMyAdmin prior to 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
Phpmyadmin Phpmyadmin
Opensuse Leap 15.0
Fedoraproject Fedora 30
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
7.5
CVSSv2
CVE-2019-17545
GDAL up to and including 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
Osgeo Gdal
Oracle Spatial And Graph 19c
Oracle Spatial And Graph 12.2.0.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv2
CVE-2019-17455
Libntlm up to and including 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Nongnu Libntlm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Github repository
7.5
CVSSv2
CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player up to and including 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 Article
7.5
CVSSv2
CVE-2019-9215
In Live555 prior to 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
Live555 Streaming Media
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
7.5
CVSSv2
CVE-2019-7164
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy 1.3.0
Sqlalchemy Sqlalchemy
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
7.2
CVSSv2
CVE-2020-8026
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-...
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Opensuse Tumbleweed
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »