cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22038,https://securityvulnerability.io/vulnerability/CVE-2024-22038,Attackers can leak information or cause denial of service through specially crafted git repositories in obs-scm-bridge,"The vulnerability in the OBS SCM Bridge product from SUSE arises from various issues that allow attackers to exploit specially crafted git repositories. This exploitation can lead to unauthorized information disclosure, enabling potential denial of service impacts. Organizations using this product should assess their risk and apply necessary mitigations promptly.",Suse,Opensuse Factory,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-28T09:38:03.449Z,0
CVE-2024-22034,https://securityvulnerability.io/vulnerability/CVE-2024-22034,Attackers can inject malicious files into osc package sources,"A configuration manipulation vulnerability exists in the open source configuration tool, osc, where attackers can place special files within the .osc directory into the actual package sources. By exploiting this flaw, an attacker can modify critical configuration settings, potentially impacting system operations and security for the victim user. This vulnerability highlights the importance of securing configuration tools against unauthorized access and manipulation.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Development Tools 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise Desktop 15 Sp6,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Development Tools 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 12 Sp5,Suse Linux Enterprise Server For SAP Applications 12 Sp5,Suse Linux Enterprise Software Development Kit 12 Sp5,Opensuse Leap 15.5,Opensuse Leap 15.6,Opensuse Tumbleweed",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:46:08.416Z,0
CVE-2024-22033,https://securityvulnerability.io/vulnerability/CVE-2024-22033,OBS Service Vulnerable to Command Injection Attack,The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed to execute command in later steps,Suse,"Suse Package Hub 15 Sp5,Suse Package Hub 15 Sp6,Opensuse Leap 15.5,Opensuse Leap 15.6,Opensuse Tumbleweed",6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:42:46.559Z,0
CVE-2024-22029,https://securityvulnerability.io/vulnerability/CVE-2024-22029,Local User Escalation via Insecure Packaging,"The vulnerability arises from insecure permissions associated with the packaging of Tomcat, a web server and servlet container. This flaw allows local users to exploit a race condition during the installation process, potentially leading to privilege escalation to root. Organizations employing Tomcat should take immediate precautions to secure their environments against unauthorized privilege escalations by reviewing the implementation and applying any necessary patches or mitigations.",Suse,"Container Suse/manager/5.0/x86 64/server:5.0.0-beta1.2.122,Suse Enterprise Storage 7.1,Suse Linux Enterprise High Performance Computing 15 Sp2-ltss,Suse Linux Enterprise High Performance Computing 15 Sp3-ltss,Suse Linux Enterprise High Performance Computing 15 Sp4-espos,Suse Linux Enterprise High Performance Computing 15 Sp4-ltss,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Web And Scripting 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Web And Scripting 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 15 Sp2-ltss,Suse Linux Enterprise Server 15 Sp3-ltss,Suse Linux Enterprise Server 15 Sp4-ltss,Suse Linux Enterprise Server For SAP Applications 15 Sp2,Suse Linux Enterprise Server For SAP Applications 15 Sp3,Suse Linux Enterprise Server For SAP Applications 15 Sp4,Suse Manager Server 4.3,Opensuse Leap 15.5,Opensuse Tumbleweed",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:20:47.698Z,0
CVE-2023-32190,https://securityvulnerability.io/vulnerability/CVE-2023-32190,Mlocate Vulnerability Allows Arbitrary File Read by Root Users,"mlocate's post-installation script contains vulnerabilities that enable users with RUN_UPDATEDB_AS privileges to alter file permissions in a manner that makes arbitrary files world-readable. This occurs due to inadequate checks and insecure file operations executed with root-level privileges, allowing unauthorized access to sensitive data. The flaw underscores the importance of implementing stricter user permissions and validating file operations to safeguard system integrity.",Suse,Opensuse Tumbleweed,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T12:03:05.078Z,0
CVE-2023-32182,https://securityvulnerability.io/vulnerability/CVE-2023-32182,Improper Link Resolution Vulnerability in SUSE Linux Products,"A vulnerability exists in SUSE Linux products that allows an attacker to exploit improper link following mechanisms, potentially gaining unauthorized access to files or executing unintended actions. This issue affects multiple SUSE and openSUSE versions prior to specified patches, leading to implications for both security and data integrity.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Opensuse Leap 15.5",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-19T16:15:00.000Z,0
CVE-2022-45155,https://securityvulnerability.io/vulnerability/CVE-2022-45155,obs-service-go_modules: arbitrary directory delete,An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.,Suse,Opensuse Factory,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2022-45153,https://securityvulnerability.io/vulnerability/CVE-2022-45153,saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls,"The saphanabootstrap-formula component in specific SUSE Linux distributions allows local attackers the ability to escalate privileges to root. This arises from an incorrect default permissions setting in the sudo configuration, making it vulnerable to manipulation. Affected versions in SUSE Linux Enterprise Module for SAP Applications 15-SP1 and openSUSE Leap 15.4 are at risk if they are prior to version 0.13.1+git.1667812208.4db963e. It’s crucial for users to update to the latest version to mitigate this issue.",Suse,"Suse Linux Enterprise Module For SAP Applications 15-sp1,Suse Linux Enterprise Server For SAP 12-sp5,Opensuse Leap 15.4",7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2022-31254,https://securityvulnerability.io/vulnerability/CVE-2022-31254,rmt-server-pubcloud allows to escalate from user _rmt to root,"An Incorrect Default Permissions vulnerability has been identified in the rmt-server-regsharing service of multiple SUSE products. This flaw permits local attackers with access to the _rmt user to escalate their privileges to root, potentially compromising the system's integrity. Affected versions include SUSE Linux Enterprise Server for SAP 15, its SP1 edition, SUSE Manager Server 4.1, and openSUSE Leap 15.3 and 15.4, specifically those rmt-server versions prior to 2.10. It is critical for organizations using these systems to apply the necessary updates to mitigate this security risk.",Suse,"Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Server For SAP 15-sp1,Suse Manager Server 4.1,Opensuse Leap 15.3,Opensuse Leap 15.4",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2023-22643,https://securityvulnerability.io/vulnerability/CVE-2023-22643,libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls,"An improper handling of special elements in the libzypp-plugin-appdata of SUSE Linux Enterprise Server and openSUSE Leap permits malicious actors to exploit the system. By manipulating REPO_ALIAS, REPO_TYPE, or REPO_METADATA_PATH settings, attackers can execute arbitrary code with root privileges, potentially compromising the integrity and security of affected systems. This vulnerability affects specific versions of the libzypp-plugin-appdata, highlighting the need for users to update to the latest versions to mitigate these risks.",SUSE,"SUSE Linux Enterprise Server for SAP 15-SP3,openSUSE Leap 15.4",7.8,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-31256,https://securityvulnerability.io/vulnerability/CVE-2022-31256,sendmail: mail to root privilege escalation via sm-client.pre script,A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.,Suse,Opensuse Factory,7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-26T00:00:00.000Z,0
CVE-2022-31252,https://securityvulnerability.io/vulnerability/CVE-2022-31252,permissions: chkstat does not check for group-writable parent directories or target files in safeOpen(),"A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.",Suse,"Suse Linux Enterprise Server 12-sp5,Opensuse Leap 15.3,Opensuse Leap 15.4,Opensuse Leap Micro 5.2",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-06T18:16:00.000Z,0
CVE-2022-31251,https://securityvulnerability.io/vulnerability/CVE-2022-31251,slurm: %post for slurm-testsuite operates as root in user owned directory,A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.,Suse,Opensuse Factory,6.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-07T00:00:00.000Z,0
CVE-2021-46705,https://securityvulnerability.io/vulnerability/CVE-2021-46705,grub2-once uses fixed file name in /var/tmp,"A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.",Suse,"Suse Linux Enterprise Server 15 Sp4,Opensuse Factory",5.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-03-16T10:15:00.000Z,0
CVE-2021-31998,https://securityvulnerability.io/vulnerability/CVE-2021-31998,inn: %post calls user owned file allowing local privilege escalation to root,"A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.",Suse,"Suse Linux Enterprise Server 11-sp3,Opensuse Backports Sle-15-sp2,Opensuse Leap 15.2",6.8,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-10T12:15:00.000Z,0
CVE-2021-25317,https://securityvulnerability.io/vulnerability/CVE-2021-25317,cups: ownership of /var/log/cups allows the lp user to create files as root,"A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions.",Suse,"Suse Linux Enterprise Server 11-sp4-ltss,Suse Manager Server 4.0,Suse Openstack Cloud Crowbar 9,Opensuse Leap 15.2,Factory",3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-05-05T00:00:00.000Z,0
CVE-2020-8027,https://securityvulnerability.io/vulnerability/CVE-2020-8027,openldap uses fixed paths in /tmp,"A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.",Suse,"Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Opensuse Leap 15.1,Opensuse Leap 15.2",7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-02-11T16:15:00.000Z,0
CVE-2020-8023,https://securityvulnerability.io/vulnerability/CVE-2020-8023,Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2,"A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.",Suse,"Suse Enterprise Storage 5,Suse Linux Enterprise Debuginfo 11-sp3,Suse Linux Enterprise Debuginfo 11-sp4,Suse Linux Enterprise Point Of Sale 11-sp3,Suse Linux Enterprise Server 11-security,Suse Linux Enterprise Server 11-sp4-ltss,Suse Linux Enterprise Server 12-sp2-bcl,Suse Linux Enterprise Server 12-sp2-ltss,Suse Linux Enterprise Server 12-sp3-bcl,Suse Linux Enterprise Server 12-sp3-ltss,Suse Linux Enterprise Server 12-sp4,Suse Linux Enterprise Server 12-sp5,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 12-sp2,Suse Linux Enterprise Server For SAP 12-sp3,Suse Linux Enterprise Server For SAP 15,Suse Openstack Cloud 7,Suse Openstack Cloud 8,Suse Openstack Cloud Crowbar 8,Opensuse Leap 15.1,Opensuse Leap 15.2",7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-09-01T12:15:00.000Z,0
CVE-2020-8025,https://securityvulnerability.io/vulnerability/CVE-2020-8025,outdated entries in permissions profiles for /var/lib/pcp/tmp/* may cause security issues,"A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.",Suse,"Suse Linux Enterprise Server 12-sp4,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Opensuse Leap 15.1,Opensuse Tumbleweed",6.1,MEDIUM,0.0015699999639764428,false,,false,false,false,,,false,false,,2020-08-07T10:15:00.000Z,0
CVE-2019-3681,https://securityvulnerability.io/vulnerability/CVE-2019-3681,osc: stores downloaded (supposed) RPM in network-controlled filesystem paths,"A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .",Suse,"Suse Linux Enterprise Module For Development Tools 15,Suse Linux Enterprise Software Development Kit 12-sp5,Suse Linux Enterprise Software Development Kit 12-sp4,Opensuse Leap 15.1,Opensuse Factory",7.5,HIGH,0.01655000075697899,false,,false,false,false,,,false,false,,2020-06-29T12:15:00.000Z,0
CVE-2020-8019,https://securityvulnerability.io/vulnerability/CVE-2020-8019,syslog-ng: Local privilege escalation from new to root in %post,"A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.",Suse,"Suse Linux Enterprise Debuginfo 11-sp3,Suse Linux Enterprise Debuginfo 11-sp4,Suse Linux Enterprise Module For Legacy Software 12,Suse Linux Enterprise Point Of Sale 11-sp3,Suse Linux Enterprise Server 11-sp4-ltss,Suse Linux Enterprise Server For SAP 12-sp1,Opensuse Backports Sle-15-sp1,Opensuse Leap 15.1",7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-06-29T00:00:00.000Z,0
CVE-2019-18904,https://securityvulnerability.io/vulnerability/CVE-2019-18904,Migrations requests can cause DoS on rmt,"A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.",Suse,"Suse Linux Enterprise High Performance Computing 15-espos,Suse Linux Enterprise High Performance Computing 15-ltss,Suse Linux Enterprise Module For Public Cloud 15-sp1,Suse Linux Enterprise Module For Server Applications 15,Suse Linux Enterprise Module For Server Applications 15-sp1,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Opensuse Leap 15.1",6.5,MEDIUM,0.001829999964684248,false,,false,false,false,,,false,false,,2020-04-03T00:00:00.000Z,0
CVE-2020-8016,https://securityvulnerability.io/vulnerability/CVE-2020-8016,race condition in the packaging of texlive-filesysten,"A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.",Suse,"Suse Linux Enterprise Module For Desktop Applications 15-sp1,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",4.9,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-04-02T14:15:00.000Z,0
CVE-2020-8017,https://securityvulnerability.io/vulnerability/CVE-2020-8017,race condition on texlive-filesystem cron job allows for the deletion of unintended files,"A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.",Suse,"Suse Linux Enterprise Module For Desktop Applications 15-sp1,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-04-02T00:00:00.000Z,0
CVE-2019-3696,https://securityvulnerability.io/vulnerability/CVE-2019-3696,pcp: Local privilege escalation from user pcp to root through migrate_tempdirs,"A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.",Suse,"Suse Linux Enterprise High Performance Computing 15-espos,Suse Linux Enterprise High Performance Computing 15-ltss,Suse Linux Enterprise Module For Development Tools 15,Suse Linux Enterprise Module For Development Tools 15-sp1,Suse Linux Enterprise Module For Open Buildservice Development Tools 15,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",8.4,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-03-03T11:15:00.000Z,0