cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22034,https://securityvulnerability.io/vulnerability/CVE-2024-22034,Attackers can inject malicious files into osc package sources,"A configuration manipulation vulnerability exists in the open source configuration tool, osc, where attackers can place special files within the .osc directory into the actual package sources. By exploiting this flaw, an attacker can modify critical configuration settings, potentially impacting system operations and security for the victim user. This vulnerability highlights the importance of securing configuration tools against unauthorized access and manipulation.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Development Tools 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise Desktop 15 Sp6,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Development Tools 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 12 Sp5,Suse Linux Enterprise Server For SAP Applications 12 Sp5,Suse Linux Enterprise Software Development Kit 12 Sp5,Opensuse Leap 15.5,Opensuse Leap 15.6,Opensuse Tumbleweed",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:46:08.416Z,0
CVE-2024-22033,https://securityvulnerability.io/vulnerability/CVE-2024-22033,OBS Service Vulnerable to Command Injection Attack,The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed to execute command in later steps,Suse,"Suse Package Hub 15 Sp5,Suse Package Hub 15 Sp6,Opensuse Leap 15.5,Opensuse Leap 15.6,Opensuse Tumbleweed",6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:42:46.559Z,0
CVE-2024-22029,https://securityvulnerability.io/vulnerability/CVE-2024-22029,Local User Escalation via Insecure Packaging,"The vulnerability arises from insecure permissions associated with the packaging of Tomcat, a web server and servlet container. This flaw allows local users to exploit a race condition during the installation process, potentially leading to privilege escalation to root. Organizations employing Tomcat should take immediate precautions to secure their environments against unauthorized privilege escalations by reviewing the implementation and applying any necessary patches or mitigations.",Suse,"Container Suse/manager/5.0/x86 64/server:5.0.0-beta1.2.122,Suse Enterprise Storage 7.1,Suse Linux Enterprise High Performance Computing 15 Sp2-ltss,Suse Linux Enterprise High Performance Computing 15 Sp3-ltss,Suse Linux Enterprise High Performance Computing 15 Sp4-espos,Suse Linux Enterprise High Performance Computing 15 Sp4-ltss,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Web And Scripting 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Web And Scripting 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 15 Sp2-ltss,Suse Linux Enterprise Server 15 Sp3-ltss,Suse Linux Enterprise Server 15 Sp4-ltss,Suse Linux Enterprise Server For SAP Applications 15 Sp2,Suse Linux Enterprise Server For SAP Applications 15 Sp3,Suse Linux Enterprise Server For SAP Applications 15 Sp4,Suse Manager Server 4.3,Opensuse Leap 15.5,Opensuse Tumbleweed",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:20:47.698Z,0
CVE-2023-32182,https://securityvulnerability.io/vulnerability/CVE-2023-32182,Improper Link Resolution Vulnerability in SUSE Linux Products,"A vulnerability exists in SUSE Linux products that allows an attacker to exploit improper link following mechanisms, potentially gaining unauthorized access to files or executing unintended actions. This issue affects multiple SUSE and openSUSE versions prior to specified patches, leading to implications for both security and data integrity.",Suse,"Suse Linux Enterprise Desktop 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp5,Opensuse Leap 15.5",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-19T16:15:00.000Z,0