Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this ...
Google Guest-oslogin
Opensuse Leap 15.1
Opensuse Leap 15.2
9.8
CVSSv3
CVE-2017-6542
The ssh_agent_channel_data function in PuTTY prior to 0.68 allows remote malicious users to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, w...
Putty Putty
Opensuse Project Leap 42.1
Opensuse Leap 42.2
1 EDB exploit
7.5
CVSSv3
CVE-2017-6594
The transit path validation code in Heimdal prior to 7.3 might allow malicious users to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
Heimdal Project Heimdal
Opensuse Leap 42.2
Opensuse Leap 42.3
6.1
CVSSv3
CVE-2015-8010
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga prior to 1.14 allows remote malicious users to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
Icinga Icinga
Opensuse Leap 42.2
Opensuse Project Leap 42.1
9.8
CVSSv3
CVE-2019-8341
An issue exists in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE...
Pocoo Jinja2 2.10
Opensuse Leap 42.3
Opensuse Leap 15.0
1 EDB exploit
1 Github repository
7.8
CVSSv3
CVE-2020-8907
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker w...
Google Guest-oslogin
Opensuse Leap 15.1
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-8933
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can at...
Google Guest-oslogin
Opensuse Leap 15.1
Opensuse Leap 15.2
5.5
CVSSv3
CVE-2016-10068
The MSL interpreter in ImageMagick prior to 6.9.6-4 allows remote malicious users to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
Imagemagick Imagemagick
Opensuse Leap 42.2
Opensuse Project Leap 42.1
6.5
CVSSv3
CVE-2019-2848
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.32 and before 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Orac...
Oracle Vm Virtualbox
Opensuse Leap 15.0
Opensuse Leap 15.1
2.8
CVSSv3
CVE-2019-2850
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.2.32 and before 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Orac...
Oracle Vm Virtualbox
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »