cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22034,https://securityvulnerability.io/vulnerability/CVE-2024-22034,Attackers can inject malicious files into osc package sources,"A configuration manipulation vulnerability exists in the open source configuration tool, osc, where attackers can place special files within the .osc directory into the actual package sources. By exploiting this flaw, an attacker can modify critical configuration settings, potentially impacting system operations and security for the victim user. This vulnerability highlights the importance of securing configuration tools against unauthorized access and manipulation.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Development Tools 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise Desktop 15 Sp6,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Development Tools 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 12 Sp5,Suse Linux Enterprise Server For SAP Applications 12 Sp5,Suse Linux Enterprise Software Development Kit 12 Sp5,Opensuse Leap 15.5,Opensuse Leap 15.6,Opensuse Tumbleweed",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:46:08.416Z,0
CVE-2023-32182,https://securityvulnerability.io/vulnerability/CVE-2023-32182,Improper Link Resolution Vulnerability in SUSE Linux Products,"A vulnerability exists in SUSE Linux products that allows an attacker to exploit improper link following mechanisms, potentially gaining unauthorized access to files or executing unintended actions. This issue affects multiple SUSE and openSUSE versions prior to specified patches, leading to implications for both security and data integrity.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Opensuse Leap 15.5",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-19T16:15:00.000Z,0
CVE-2020-8016,https://securityvulnerability.io/vulnerability/CVE-2020-8016,race condition in the packaging of texlive-filesysten,"A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.",Suse,"Suse Linux Enterprise Module For Desktop Applications 15-sp1,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",4.9,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-04-02T14:15:00.000Z,0
CVE-2020-8017,https://securityvulnerability.io/vulnerability/CVE-2020-8017,race condition on texlive-filesystem cron job allows for the deletion of unintended files,"A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.",Suse,"Suse Linux Enterprise Module For Desktop Applications 15-sp1,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-04-02T00:00:00.000Z,0
CVE-2015-8929,https://securityvulnerability.io/vulnerability/CVE-2015-8929,,Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.,Suse,"Linux Enterprise Software Development Kit,Linux Enterprise Server,Linux Enterprise Desktop",5.5,MEDIUM,0.006670000031590462,false,,false,false,false,,,false,false,,2016-09-20T14:00:00.000Z,0
CVE-2015-8930,https://securityvulnerability.io/vulnerability/CVE-2015-8930,,bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.,Suse,"Linux Enterprise Software Development Kit,Linux Enterprise Server,Linux Enterprise Desktop",7.5,HIGH,0.044179998338222504,false,,false,false,false,,,false,false,,2016-09-20T14:00:00.000Z,0
CVE-2015-8934,https://securityvulnerability.io/vulnerability/CVE-2015-8934,,The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.,Suse,"Linux Enterprise Software Development Kit,Linux Enterprise Server,Linux Enterprise Desktop",5.5,MEDIUM,0.004490000195801258,false,,false,false,false,,,false,false,,2016-09-20T14:00:00.000Z,0
CVE-2014-9761,https://securityvulnerability.io/vulnerability/CVE-2014-9761,,"Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.",Suse,"Linux Enterprise Server,Linux Enterprise Debuginfo,Linux Enterprise Software Development Kit,Linux Enterprise Desktop,Opensuse,Suse Linux Enterprise Server",9.8,CRITICAL,0.02655000053346157,false,,false,false,false,,,false,false,,2016-04-19T21:00:00.000Z,0
CVE-2015-8779,https://securityvulnerability.io/vulnerability/CVE-2015-8779,,Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.,Suse,"Linux Enterprise Server,Linux Enterprise Desktop,Linux Enterprise Debuginfo,Linux Enterprise Software Development Kit,Opensuse,Suse Linux Enterprise Server",9.8,CRITICAL,0.023339999839663506,false,,false,false,false,,,false,false,,2016-04-19T21:00:00.000Z,0
CVE-2015-8776,https://securityvulnerability.io/vulnerability/CVE-2015-8776,,The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.,Suse,"Linux Enterprise Server,Linux Enterprise Desktop,Linux Enterprise Debuginfo,Linux Enterprise Software Development Kit,Opensuse,Suse Linux Enterprise Server",9.1,CRITICAL,0.007259999867528677,false,,false,false,false,,,false,false,,2016-04-19T21:00:00.000Z,0
CVE-2015-5969,https://securityvulnerability.io/vulnerability/CVE-2015-5969,,The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.,Suse,"Linux Enterprise Software Development Kit,Linux Enterprise Server,Linux Enterprise Workstation Extension,Linux Enterprise Desktop,Leap,Opensuse",6.2,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2016-04-08T15:00:00.000Z,0
CVE-2015-1781,https://securityvulnerability.io/vulnerability/CVE-2015-1781,,"Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.",Suse,"Linux Enterprise Server,Linux Enterprise Desktop,Linux Enterprise Debuginfo",,,0.1290300041437149,false,,false,false,false,,,false,false,,2015-09-28T20:00:00.000Z,0
CVE-2015-2734,https://securityvulnerability.io/vulnerability/CVE-2015-2734,,"The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.",Suse,"Linux Enterprise Server,Linux Enterprise Software Development Kit,Linux Enterprise Desktop,Suse Linux Enterprise Server",,,0.0056500001810491085,false,,false,false,false,,,false,false,,2015-07-06T01:00:00.000Z,0
CVE-2015-0439,https://securityvulnerability.io/vulnerability/CVE-2015-0439,,"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.",Suse,"Suse Linux Enterprise Server,Suse Linux Enterprise Software Development Kit,Suse Linux Enterprise Desktop",,,0.006479999981820583,false,,false,false,false,,,false,false,,2015-04-16T16:00:00.000Z,0
CVE-2015-2576,https://securityvulnerability.io/vulnerability/CVE-2015-2576,,"Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation.",Suse,"Linux Enterprise Desktop,Linux Enterprise Server,Linux Enterprise Software Development Kit",,,0.0006900000153109431,false,,false,false,false,,,false,false,,2015-04-16T16:00:00.000Z,0
CVE-2015-0505,https://securityvulnerability.io/vulnerability/CVE-2015-0505,,"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",Suse,"Linux Enterprise Desktop,Linux Enterprise Server,Linux Enterprise Software Development Kit",,,0.0032099999953061342,false,,false,false,false,,,false,false,,2015-04-16T16:00:00.000Z,0
CVE-2015-0358,https://securityvulnerability.io/vulnerability/CVE-2015-0358,,"Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-3039.",Suse,"Suse Linux Enterprise Desktop,Suse Linux Workstation Extension,Opensuse",,,0.021460000425577164,false,,false,false,false,,,false,false,,2015-04-14T22:00:00.000Z,0
CVE-2014-8121,https://securityvulnerability.io/vulnerability/CVE-2014-8121,,"DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.",Suse,"Suse Linux Enterprise Server,Suse Linux Enterprise Desktop",,,0.015479999594390392,false,,false,false,false,,,false,false,,2015-03-27T14:00:00.000Z,0
CVE-2014-9116,https://securityvulnerability.io/vulnerability/CVE-2014-9116,,"The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.",Suse,"Linux Enterprise Desktop,Suse Linux Enterprise Server",,,0.01850000023841858,false,,false,false,false,,,false,false,,2014-12-02T16:00:00.000Z,0
CVE-2014-4214,https://securityvulnerability.io/vulnerability/CVE-2014-4214,,Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.,Suse,"Linux Enterprise Server,Linux Enterprise Desktop",,,0.007860000245273113,false,,false,false,false,,,false,false,,2014-07-17T02:36:00.000Z,0
CVE-2014-4207,https://securityvulnerability.io/vulnerability/CVE-2014-4207,,Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.,Suse,"Linux Enterprise Desktop,Linux Enterprise Server,Linux Enterprise Software Development Kit",,,0.00622999994084239,false,,false,false,false,,,false,false,,2014-07-17T02:36:00.000Z,0
CVE-2014-2977,https://securityvulnerability.io/vulnerability/CVE-2014-2977,,"Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow.",Suse,"Linux Enterprise Software Development Kit,Linux Enterprise Desktop,Linux Enterprise Workstation Extension,Opensuse,Suse Linux Enterprise Server",,,0.03554999828338623,false,,false,false,false,,,false,false,,2014-06-11T14:00:00.000Z,0
CVE-2014-3917,https://securityvulnerability.io/vulnerability/CVE-2014-3917,,"kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.",Suse,Linux Enterprise Desktop,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2014-06-05T17:00:00.000Z,0
CVE-2014-1498,https://securityvulnerability.io/vulnerability/CVE-2014-1498,,"The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.",Suse,"Linux Enterprise Desktop,Linux Enterprise Server,Linux Enterprise Software Development Kit",,,0.014709999784827232,false,,false,false,false,,,false,false,,2014-03-19T10:00:00.000Z,0
CVE-2014-1499,https://securityvulnerability.io/vulnerability/CVE-2014-1499,,Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.,Suse,"Linux Enterprise Desktop,Linux Enterprise Server,Linux Enterprise Software Development Kit",,,0.007860000245273113,false,,false,false,false,,,false,false,,2014-03-19T10:00:00.000Z,0