Vulmon
opensuse project vulnerabilities and exploits
7.8
CVSSv3
CVE-2021-45082
An issue exists in Cobbler prior to 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
Cobbler Project Cobbler
Suse Linux Enterprise Server 11
Opensuse Factory -
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Opensuse Backports Sle-15
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2020-17367
Firejail up to and including 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-15396
In HylaFAX+ up to and including 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Hylafax+ Project Hylafax+
Ifax Hylafax Enterprise -
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-11865
libEMF (aka ECMA-234 Metafile Library) up to and including 1.0.11 allows out-of-bounds memory access.
Libemf Project Libemf
Opensuse Leap 15.1
Fedoraproject Fedora 31
7.8
CVSSv3
CVE-2020-11866
libEMF (aka ECMA-234 Metafile Library) up to and including 1.0.11 allows a use-after-free.
Libemf Project Libemf
Opensuse Leap 15.1
Fedoraproject Fedora 31
7.8
CVSSv3
CVE-2019-18389
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE ...
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2019-19917
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
Lout Project Lout 3.40
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2019-19918
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
Lout Project Lout 3.40
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2010-4661
udisks prior to 1.0.3 allows a local user to load arbitrary Linux kernel modules.
Udisks Project Udisks
Debian Debian Linux 8.0
Fedoraproject Fedora
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
Redhat Enterprise Linux 6.0
7.8
CVSSv3
CVE-2017-5332
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils prior to 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Icoutils Project Icoutils
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.7
Canonical Ubuntu Linux 12.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Opensuse Leap 42.1
Opensuse Leap 42.2