Filters
openSUSE LeapA Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux En…
7.8
First published (updated )
SUSE Linux Enterprise Module for SAP Applicationssaphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
7.8
First published (updated )
Opensuse Libzypp-plugin-appdatalibzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
7.8
First published (updated )
Opensuse Rmt-serverrmt-server-pubcloud allows to escalate from user _rmt to root
7.8
First published (updated )
openSUSE Leappermissions: chkstat does not check for group-writable parent directories or target files in safeOpen()
4.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
rubygems/cgiCGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affe…
7.5
First published (updated )
Ruby-lang DateDate.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service…
7.5
First published (updated )
Suse Arpwatcharpwatch: Local privilege escalation from runtime user to root
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Python-hyperkitty Project Python-hyperkittypython-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
7.8
First published (updated )
Opensuse Inninn: %post calls user owned file allowing local privilege escalation to root
7.8
First published (updated )
Opensuse Python-postoriuspython-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root
7.8
First published (updated )
Suse Cupscups: ownership of /var/log/cups allows the lp user to create files as root
3.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/connmangdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack inf…
6.5
First published (updated )
Google ChromeHeap buffer overflow in UI on Windows
9.6
First published (updated )
Google ChromeGoogle Chromium V8 Type Confusion Vulnerability
First published (updated )
Samba SambaNull Pointer Dereference, Input Validation
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE LeapAn issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of servi…
7.8
First published (updated )
openSUSE LeapAn issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a den…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle JDKAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
3.1
First published (updated )
redhat/javaAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
3.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/javaAn unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenti…
4.3
First published (updated )
redhat/javaAn unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated…
4.3
First published (updated )
redhat/javaAn unspecified vulnerability in Java SE related to the Serialization component could allow an unauth…
4.3
First published (updated )
PowerDNS RecursorAn issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Google ChromeInsufficient policy enforcement in ANGLE
8.8
First published (updated )
openSUSE LeapPath traversal and files overwrite with unsquashfs
9.3
First published (updated )
openSUSE Backports SLEIn kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send craf…
5.5
First published (updated )
Zabbix ZabbixZabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary co…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/wiresharkIn Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector coul…
7.5
First published (updated )
ubuntu/wiresharkIn Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. Th…
7.5
First published (updated )
openSUSE Backports SLEA missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
Canonical Ubuntu LinuxWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
Tigervnc TigervncIn rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS c…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.