Vulmon
opensuse leap 15.2 vulnerabilities and exploits
8.1
CVSSv3
CVE-2020-26117
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC prior to 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
Tigervnc Tigervnc
Debian Debian Linux 9.0
Opensuse Leap 15.2
8.1
CVSSv3
CVE-2020-25039
Sylabs Singularity 3.2.0 up to and including 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
Sylabs Singularity
Opensuse Leap 15.1
Opensuse Leap 15.2
8.1
CVSSv3
CVE-2020-12693
Slurm 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
Schedmd Slurm
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8
CVSSv3
CVE-2020-14352
A flaw was found in librepo in versions prior to 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on th...
Redhat Librepo
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
8
CVSSv3
CVE-2020-12865
A heap buffer overflow in SANE Backends prior to 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
Sane-project Sane Backends
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
7.8
CVSSv3
CVE-2021-25321
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escal...
Suse Arpwatch
7.8
CVSSv3
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local malicious users to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1....
Python-hyperkitty Project Python-hyperkitty
7.8
CVSSv3
CVE-2021-31998
An Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local malicious users to escalate their privileges from the news user to root. This issue affects: SUSE Linux Ent...
Opensuse Inn
7.8
CVSSv3
CVE-2021-31997
A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local malicious users to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and ...
Opensuse Python-postorius
7.8
CVSSv3
CVE-2020-16007
Insufficient data validation in installer in Google Chrome before 86.0.4240.183 allowed a local malicious user to potentially elevate privilege via a crafted filesystem.
Google Chrome
Opensuse Backports Sle 15.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2