Suse

Suse Linux Enterprise Server

131 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-22034

  • EPSS 0.03%
  • Veröffentlicht 16.10.2024 14:15:05
  • Zuletzt bearbeitet 16.10.2024 16:38:14

Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim

7.8

CVE-2024-22029

  • EPSS 0.02%
  • Veröffentlicht 16.10.2024 14:15:04
  • Zuletzt bearbeitet 26.08.2025 21:15:35

Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root

6.4

CVE-2020-15705

  • EPSS 0.03%
  • Veröffentlicht 29.07.2020 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:03

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB imag...

6.4

CVE-2020-15706

  • EPSS 0.06%
  • Veröffentlicht 29.07.2020 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:03

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure b...

6.4

CVE-2020-15707

Exploit
  • EPSS 0.04%
  • Veröffentlicht 29.07.2020 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:04

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffe...

8.8

CVE-2020-6422

Exploit
  • EPSS 2.88%
  • Veröffentlicht 23.03.2020 16:15:17
  • Zuletzt bearbeitet 21.11.2024 05:35:41

Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2020-6424

  • EPSS 2.61%
  • Veröffentlicht 23.03.2020 16:15:17
  • Zuletzt bearbeitet 21.11.2024 05:35:42

Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2020-6426

Exploit
  • EPSS 1.26%
  • Veröffentlicht 23.03.2020 16:15:17
  • Zuletzt bearbeitet 21.11.2024 05:35:42

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2020-6427

Exploit
  • EPSS 2.92%
  • Veröffentlicht 23.03.2020 16:15:17
  • Zuletzt bearbeitet 21.11.2024 05:35:42

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2020-6428

Exploit
  • EPSS 2.92%
  • Veröffentlicht 23.03.2020 16:15:17
  • Zuletzt bearbeitet 21.11.2024 05:35:42

Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.