Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse build service vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-download_files of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This ...
Opensuse Open Build Service -
6.5
CVSSv3
CVE-2018-12478
A Improper Input Validation vulnerability in Open Build Service allows remote malicious users to extract files from the system where the service runs. Affected releases are openSUSE Open Build Service: status of is unknown.
Opensuse Open Build Service -
5.3
CVSSv3
CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote malicious users to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions before 2.10.5.
Opensuse Open Build Service
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2020-8020
A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote malicious users to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions before 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.
Opensuse Open Build Service
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2018-12477
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote malicious users to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5...
Opensuse Leap 42.3
Opensuse Leap 15.0
9.8
CVSSv3
CVE-2018-12474
Improper input validation in obs-service-tar_scm of Open Build Service allows remote malicious users to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service...
Opensuse Tar Scm
9.8
CVSSv3
CVE-2011-0469
Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.
Suse Opensuse -
8.2
CVSSv3
CVE-2020-13379
The avatar feature in Grafana 3.0.1 up to and including 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain inf...
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp E-series Performance Analyzer -
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
7 Github repositories
7.8
CVSSv3
CVE-2020-15567
An issue exists in Xen up to and including 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of no...
Xen Xen
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7
CVSSv3
CVE-2010-1437
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and previous versions allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session co...
Linux Linux Kernel 2.6.34
Linux Linux Kernel
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise High Availability Extension 11
Debian Debian Linux 5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »