|
219471
|
7.8 |
HIGH
Local
|
opensuse
gnu
|
leap
gnump3d
|
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap …
|
-
|
CVE-2019-3697
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219472
|
7.8 |
HIGH
Local
|
opensuse
suse
|
munin
|
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Fac…
|
-
|
CVE-2019-3694
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219473
|
7.8 |
HIGH
Local
|
suse
opensuse
|
mailman
backports_sle
|
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privile…
|
-
|
CVE-2019-3693
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219474
|
7.8 |
HIGH
Local
|
suse
opensuse
|
inn
leap
backports_sle
|
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enter…
|
-
|
CVE-2019-3692
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219475
|
3.3 |
LOW
Local
|
suse
|
linux_enterprise_server
|
The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Ser…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-3687
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219476
|
7.8 |
HIGH
Local
|
opensuse
|
munge
|
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root…
|
-
|
CVE-2019-3691
|
2024-11-21 13:42 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219477
|
8.8 |
HIGH
Network
|
redhat
|
quay
|
A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed…
|
CWE-352
Origin Validation Error
|
CVE-2019-3864
|
2024-11-21 13:42 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219478
|
6.1 |
MEDIUM
Network
|
suse
|
openqa
|
openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security
|
CWE-79
Cross-site Scripting
|
CVE-2019-3686
|
2024-11-21 13:42 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219479
|
8.8 |
HIGH
Network
|
suse
hp
|
openstack_cloud
keystone-json-assignment
helion_openstack
|
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "m…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-3683
|
2024-11-21 13:42 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219480
|
7.8 |
HIGH
Local
|
suse
|
caas_platform
|
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-3682
|
2024-11-21 13:42 |
2020-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
