Filter
AND

openSUSE Open Build ServiceMultiple XXE vulnerabilities in OBS

First published (updated )

openSUSE Open Build Servicelogin-proxy sends password to attacker-provided domain

8.8
First published (updated )

openSUSE Open Build Serviceobs: Stored XSS

First published (updated )

openSUSE Open Build Serviceobs-service-download_files allows downloading from localhost or intranet hosts

First published (updated )

openSUSE Open Build Serviceunauthorized read access to files where sourceaccess is disabled via a crafted _service file in Open Build Service

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

openSUSE Open Build ServicePersistent XSS in markdown parser used by obs-server

First published (updated )

openSUSE Open Build ServiceMissing TLS certificate validation for HTTPS connections in osc

7.7
First published (updated )

openSUSE Open Build Serviceobs-service-replace_using_package_version allows to specify arbitrary input files

First published (updated )

openSUSE Open Build ServiceRequest controller allows to create requests with arbitrary request IDs

7.5
First published (updated )

openSUSE Open Build Servicepath traversal in obs-service-tar_scm

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

openSUSE Open Build Serviceopenbuildservice allowed deleting packages via project links

First published (updated )

openSUSE Open Build Servicedelete package via link exploit in open buildservice

First published (updated )

openSUSE Open Build Serviceopen build service allows anyone to upload rpms

First published (updated )

openSUSE Open Build Serviceopen build service information leak via unauthorized source access

7.5
First published (updated )

openSUSE Open Build ServiceNo write permission check in change_role command

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

openSUSE Open Build ServiceOpen Build Service accepts arbitrary reviews

7.1
First published (updated )

openSUSE Open Build ServiceOpen Build Service arbitrary package modification

7.1
First published (updated )

openSUSE Open Build Serviceopenbuildservice webui code injection

8.8
First published (updated )

openSUSE Open Build Serviceopen-build-service retrigger / wipebinaries hitting the wrong project bypassing access permissions

First published (updated )

openSUSE Open Build ServiceOBS worker VM escape via relative symbolic links

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

openSUSE Open Build ServiceCSRF protection incorrectly disabled

8.8
First published (updated )

openSUSE Open Build Servicesed command injection

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203