openSUSE Leap vulnerabilities
1,896 known vulnerabilities affecting opensuse/leap.
Total CVEs: 1,896
CISA KEV: 18 (actively exploited)
Public exploits: 57
Exploited in wild: 19
Severity breakdown: CRITICAL 202, HIGH 798, MEDIUM 803, LOW 93
Vulnerabilities
CVE-2019-3692 | HIGH | CVSS 7.8 | CWE-59 | v15.1 | 2020-01-24
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.
nvd
CVE-2019-1351 | HIGH | CVSS 7.5 | CWE-706 | v15.1 | 2020-01-24
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
nvd
CVE-2019-1348 | LOW | CVSS 3.3 | v15.1 | 2020-01-24
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.
nvd
CVE-2019-18898 | HIGH | CVSS 7.8 | CWE-59 | v15.1 | 2020-01-23
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers to escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.
nvd
CVE-2019-18932 | HIGH | CVSS 7.0 | CWE-59 | v15.1 | 2020-01-21
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.i
nvd
CVE-2019-20388 | HIGH | CVSS 7.5 | CWE-401 | v15.1 | 2020-01-21
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
nvd
CVE-2020-7040 | HIGH | CVSS 8.1 | CWE-59 | v15.1 | 2020-01-21
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)
nvd
CVE-2019-19344 | MEDIUM | CVSS 6.5 | CWE-416 | v15.1 | 2020-01-21
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
nvd
CVE-2019-14902 | MEDIUM | CVSS 5.4 | CWE-284 | v15.1 | 2020-01-21
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
nvd
CVE-2020-5202 | MEDIUM | CVSS 5.5 | v15.1 | 2020-01-21
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-n
nvd
CVE-2019-20386 | LOW | CVSS 2.4 | CWE-401 | v15.1 | 2020-01-21
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
nvd
CVE-2019-17361 | CRITICAL | CVSS 9.8 | CWE-77 | v15.1 | 2020-01-17
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
nvd
CVE-2020-7044 | HIGH | CVSS 7.5 | CWE-125 | v15.1 | 2020-01-16
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.
nvd
CVE-2020-7106 | MEDIUM | CVSS 6.1 | CWE-79 | v15.1 | 2020-01-16
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).
nvd
CVE-2020-7039 | MEDIUM | CVSS 5.6 | CWE-787 | v15.1 | 2020-01-16
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access, which can lead to a DoS or potentially to arbitrary code execution.
nvd
CVE-2020-2604 | HIGH | CVSS 8.1 | CWE-502 | v15.1 | 2020-01-15
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embed
nvd
CVE-2020-2601 | MEDIUM | CVSS 6.8 | v15.1 | 2020-01-15
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulner
nvd
CVE-2020-2593 | MEDIUM | CVSS 4.8 | v15.1 | 2020-01-15
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Succ
nvd
CVE-2020-2574 | MEDIUM | CVSS 5.9 | v15.1 | 2020-01-15
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can re
nvd
CVE-2020-2659 | LOW | CVSS 3.7 | v15.1 | 2020-01-15
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of t
nvd