Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 15.2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-12640
Roundcube Webmail prior to 1.4.4 allows malicious users to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.
Roundcube Webmail
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
1 Github repository
516
VMScore
CVE-2020-15229
Singularity (an open source container platform) from version 3.1.1 up to and including 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem ...
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
668
VMScore
CVE-2020-12641
rcube_image.php in Roundcube Webmail prior to 1.4.4 allows malicious users to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
Roundcube Webmail
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
2 Github repositories
1 Article
383
VMScore
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
169
VMScore
CVE-2020-15095
Versions of the npm CLI before 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is no...
Npmjs Npm
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 33
605
VMScore
CVE-2019-18934
Unbound 1.6.4 up to and including 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled a...
Nlnetlabs Unbound
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
445
VMScore
CVE-2020-8228
A missing rate limit in the Preferred Providers app 1.7.0 allowed an malicious user to set the password an uncontrolled amount of times.
Nextcloud Preferred Providers 1.7.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
445
VMScore
CVE-2020-15466
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.
Wireshark Wireshark
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
445
VMScore
CVE-2020-11647
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
Wireshark Wireshark
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
445
VMScore
CVE-2020-15203
In Tensorflow prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. This may resul...
Google Tensorflow
Opensuse Leap 15.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »