Suse Factory Vulnerabilities

Attackers can leak information or cause denial of service through specially crafted git repositories in obs-scm-bridge

CVE-2024-22038

SuseOpensuse Factory7.3HIGH

obs-service-go_modules: arbitrary directory delete

CVE-2022-45155

SuseOpensuse Factory5.5MEDIUM

sendmail: mail to root privilege escalation via sm-client.pre script

CVE-2022-31256

SuseOpensuse Factory7.7HIGH

slurm: %post for slurm-testsuite operates as root in user owned directory

CVE-2022-31251

SuseOpensuse Factory6.5MEDIUM

grub2-once uses fixed file name in /var/tmp

CVE-2021-46705

SuseSuse Linux Enterprise ...5.1MEDIUM

clone-master-clean-up: dangerous file system operations

CVE-2021-32000

SuseSuse Linux Enterprise ...3.2LOW

arpwatch: Local privilege escalation from runtime user to root

CVE-2021-25321

SuseSuse Linux Enterprise ...7.8HIGH

cups: ownership of /var/log/cups allows the lp user to create files as root

CVE-2021-25317

SuseSuse Linux Enterprise ...3.3LOW

osc: stores downloaded (supposed) RPM in network-controlled filesystem paths

CVE-2019-3681

SuseSuse Linux Enterprise ...7.5HIGH

wicked: Use-after-free when receiving invalid DHCP6 IA_PD option

CVE-2019-18903

SuseSuse Linux Enterprise ...7.5HIGH

wicked: Use-after-free when receiving invalid DHCP6 client options

CVE-2019-18902

SuseSuse Linux Enterprise ...7.5HIGH

Local privilege escalation from user salt to root

CVE-2019-18897

SuseSuse Linux Enterprise ...8.4HIGH

nagios cron job allows privilege escalation from user nagios to root

CVE-2019-3698

SuseSuse Linux Enterprise ...5.7MEDIUM

obs-service-extract_file's outfilename parameter allows to write files outside of package directory

CVE-2018-12476

SuseSuse Linux Enterprise ...4.3MEDIUM

Local privilege escalation from user news to root in the packaging of inn

CVE-2019-3692

SuseSuse Linux Enterprise ...7.7HIGH

Local privilege escalation from user munge to root

CVE-2019-3691

SuseSuse Linux Enterprise ...7.7HIGH

trousers: Local privilege escalation from tss to root

CVE-2019-18898

SuseSuse Linux Enterprise ...7.7HIGH

Suse Factory Vulnerabilities

Vulnerability Published:

Sort By:

28 November 2024

Attackers can leak information or cause denial of service through specially crafted git repositories in obs-scm-bridge

15 March 2023

obs-service-go_modules: arbitrary directory delete

26 October 2022

sendmail: mail to root privilege escalation via sm-client.pre script

7 September 2022

slurm: %post for slurm-testsuite operates as root in user owned directory

16 March 2022

grub2-once uses fixed file name in /var/tmp

28 July 2021

clone-master-clean-up: dangerous file system operations

28 June 2021

arpwatch: Local privilege escalation from runtime user to root

5 May 2021

cups: ownership of /var/log/cups allows the lp user to create files as root

29 June 2020

osc: stores downloaded (supposed) RPM in network-controlled filesystem paths

2 March 2020

wicked: Use-after-free when receiving invalid DHCP6 IA_PD option

wicked: Use-after-free when receiving invalid DHCP6 client options

Local privilege escalation from user salt to root

28 February 2020

nagios cron job allows privilege escalation from user nagios to root

27 January 2020

obs-service-extract_file's outfilename parameter allows to write files outside of package directory

24 January 2020

Local privilege escalation from user news to root in the packaging of inn

23 January 2020

Local privilege escalation from user munge to root

trousers: Local privilege escalation from tss to root