| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-44245 | WordPress Contractor Contact Form Website to Workflow Tool Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS) | Leap | Contractor Contact Form Website to Workflow Tool | High | 7.1 | 2023-10-02 09:58:45 | Deep Dive |
| CVE-2023-32182 | SUSE Linux Enterprise Desktop 后置链接漏洞 | SUSE | SUSE Linux Enterprise Desktop 15 SP5 | Medium | 5.9 | 2023-09-19 15:07:03 | Deep Dive |
| CVE-2022-45153 | saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls | SUSE | SUSE Linux Enterprise Module for SAP Applications 15-SP1 | High | 7.0 | 2023-02-15 00:00:00 | Deep Dive |
| CVE-2023-22643 | libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls | SUSE | SUSE Linux Enterprise Server for SAP 15-SP3 | Medium | 6.3 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-31254 | rmt-server-pubcloud allows to escalate from user _rmt to root | SUSE | SUSE Linux Enterprise Server for SAP 15 | High | 7.8 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-38657 | An open redirect to malicious sites affects HCL Leap | HCL Software | Leap | High | 8.2 | 2023-02-02 21:17:30 | Deep Dive |
| CVE-2022-31252 | permissions: chkstat does not check for group-writable parent directories or target files in safeOpen() | SUSE | SUSE Linux Enterprise Server 12-SP5 | Medium | 4.4 | 2022-10-06 17:14:05 | Deep Dive |
| CVE-2021-25321 | arpwatch: Local privilege escalation from runtime user to root | SUSE | SUSE Linux Enterprise Server 11-SP4-LTSS | High | 7.8 | 2021-06-30 08:25:13 | Deep Dive |
| CVE-2021-25322 | python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root | openSUSE | Leap 15.2 | Medium | 6.8 | 2021-06-10 11:45:12 | Deep Dive |
| CVE-2021-31997 | python-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root | openSUSE | Leap 15.2 | Medium | 6.8 | 2021-06-10 11:35:12 | Deep Dive |
| CVE-2021-31998 | inn: %post calls user owned file allowing local privilege escalation to root | SUSE | SUSE Linux Enterprise Server 11-SP3 | Medium | 6.8 | 2021-06-10 11:25:11 | Deep Dive |
| CVE-2021-25317 | cups: ownership of /var/log/cups allows the lp user to create files as root | SUSE | SUSE Linux Enterprise Server 11-SP4-LTSS | Low | 3.3 | 2021-05-05 09:35:13 | Deep Dive |
| CVE-2020-8027 | openldap uses fixed paths in /tmp | SUSE | SUSE Linux Enterprise Server 15-LTSS | High | 7.3 | 2021-02-11 16:10:14 | Deep Dive |
| CVE-2020-8023 | Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2 | SUSE | SUSE Enterprise Storage 5 | High | 7.7 | 2020-09-01 11:25:13 | Deep Dive |
| CVE-2020-8025 | outdated entries in permissions profiles for /var/lib/pcp/tmp/* may cause security issues | SUSE | SUSE Linux Enterprise Server 12-SP4 | Medium | 6.1 | 2020-08-07 10:10:14 | Deep Dive |
| CVE-2020-8026 | inn: non-root owned files | openSUSE | openSUSE Leap 15.2 | High | 8.4 | 2020-08-07 09:25:14 | Deep Dive |
| CVE-2020-8014 | kopano-python-services: Local privilege escalation from kopano to root in kopano-spamd subpackage | openSUSE | openSUSE Leap 15.1 | High | 7.7 | 2020-06-29 12:00:23 | Deep Dive |
| CVE-2019-3681 | osc: stores downloaded (supposed) RPM in network-controlled filesystem paths | SUSE | SUSE Linux Enterprise Module for Development Tools 15 | High | 7.5 | 2020-06-29 12:00:17 | Deep Dive |
| CVE-2020-8019 | syslog-ng: Local privilege escalation from new to root in %post | SUSE | SUSE Linux Enterprise Debuginfo 11-SP3 | High | 7.7 | 2020-06-29 11:30:14 | Deep Dive |
| CVE-2020-8024 | Problematic permissions in hylafax+ packaging allow escalation from uucp to other users | openSUSE | openSUSE Leap 15.2 | Medium | 5.3 | 2020-06-29 07:45:18 | Deep Dive |