Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse build service vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-5188
The bs_worker code in open build service prior to 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.
Opensuse Open Build Service
3.5
CVSSv2
CVE-2020-8031
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote malicious users to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affect...
Opensuse Open Build Service
4.3
CVSSv2
CVE-2020-8020
A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote malicious users to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions before 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.
Opensuse Open Build Service
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote malicious users to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions before 2.10.5.
Opensuse Open Build Service
Debian Debian Linux 9.0
6.4
CVSSv2
CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote malicious users to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5...
Opensuse Leap 42.3
Opensuse Leap 15.0
7.5
CVSSv2
CVE-2018-12474
Improper input validation in obs-service-tar_scm of Open Build Service allows remote malicious users to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service...
Opensuse Tar Scm
9
CVSSv2
CVE-2011-0469
Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.
Suse Opensuse -
6.4
CVSSv2
CVE-2020-13379
The avatar feature in Grafana 3.0.1 up to and including 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain inf...
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp E-series Performance Analyzer -
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
7 Github repositories
4.4
CVSSv2
CVE-2020-15567
An issue exists in Xen up to and including 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of no...
Xen Xen
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
4.4
CVSSv2
CVE-2010-1437
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and previous versions allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session co...
Linux Linux Kernel 2.6.34
Linux Linux Kernel
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise High Availability Extension 11
Debian Debian Linux 5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »