Filter
-Infinity
0
Trending
Open Build ServiceMultiple XXE vulnerabilities in OBS
First published (updated )
Open Build Servicelogin-proxy sends password to attacker-provided domain
8.8
First published (updated )
Open Build Serviceobs-service-download_files allows downloading from localhost or intranet hosts
6.5
First published (updated )
Open Build ServiceMissing TLS certificate validation for HTTPS connections in osc
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Open Build Serviceobs-service-replace_using_package_version allows to specify arbitrary input files
6.5
First published (updated )
Open Build ServiceRequest controller allows to create requests with arbitrary request IDs
7.5
First published (updated )
Open Build Servicepath traversal in obs-service-tar_scm
7.5
First published (updated )
Open Build Serviceopenbuildservice allowed deleting packages via project links
6.5
First published (updated )
Open Build Servicedelete package via link exploit in open buildservice
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build Serviceopen build service allows anyone to upload rpms
9.8
First published (updated )
openSUSE Open Build Serviceopen build service information leak via unauthorized source access
7.5
First published (updated )
Open Build ServiceNo write permission check in change_role command
8.8
First published (updated )
Open Build ServiceOpen Build Service accepts arbitrary reviews
7.1
First published (updated )
Open Build ServiceOpen Build Service arbitrary package modification
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE Open Build Serviceopenbuildservice webui code injection
8.8
First published (updated )
OpenSUSE Open Build ServiceOS Command Injection, Command Injection
9.3
First published (updated )
Open Build Serviceopen-build-service retrigger / wipebinaries hitting the wrong project bypassing access permissions
6.5
First published (updated )
Open Build ServiceOBS worker VM escape via relative symbolic links
7.5
First published (updated )
openSUSE Open Build Serviceopen build service source server symlink exploitation via source patch
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Open Build ServiceCSRF protection incorrectly disabled
8.8
First published (updated )
openSUSE Open Build ServiceThe API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackā¦
6.4
First published (updated )