Versions
Opensuse Libzypp-plugin-appdatalibzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
openSUSE Factory watchmanwatchman: chown in watchman@.socket unit allows symlink attack
SaltStack Saltsalt-api unauthenticated remote code execution
redhat/grub2GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.
redhat/grub2GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/grub2GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraInappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker…
Suse Obs-service-tar Scmobs-service-extract_file's outfilename parameter allows to write files outside of package directory
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Yast2-rmt Project Yast2-rmtyast2-rmt exposes CA private key passhrase in log-file
Opensuse Libzypplibzypp stores cookies world readable
Opensuse MungeLocal privilege escalation from user munge to root
Suse Trouserstrousers: Local privilege escalation from tss to root
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Microfocus FilrLocal privilege escalation in Filr famtd
Microfocus FilrPath traversal vulnerability in Filr web application
Nodejs Node.jsNode.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be …
redhat/nodejsNode.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Linuxcontainers LxcThe lxc-user-nic component of LXC allows unprivileged users to open arbitrary files
Dell EMC iDRAC Service ModuleiSM: Dell EMC iDRAC Service Module Improper File Permission Vulnerability
SUSE SUSE Linux Enterprise ServerMissing verification of host key for kdump server
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SUSE SUSE Linux Enterprise Serversquid: /usr/sbin/pinger packaged with wrong permission
PostgreSQL PostgreSQLlocal privilege escalation in SUSE postgresql init script
openSUSE Leapgame-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
NTP ntpThe ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does…
Canonical Ubuntu Linuxcoders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ImageMagick ImageMagickImageMagick Improper Input Validation Vulnerability
SUSE Linux Enterprise Software Development KitBuffer Overflow, Integer Overflow
SUSE Linux Enterprise Software Development KitBuffer Overflow
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SUSE Linux Enterprise DesktopBuffer Overflow, Integer Overflow
SUSE Linux Enterprise DesktopThe strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.