| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-22652 | Stack buffer overflow in "read_file" function | openSUSE | libeconf | Low | 3.3 | 2023-06-01 11:51:15 | Deep Dive |
| CVE-2023-32181 | Stack buffer overflow in "econf_writeFile" function | openSUSE | libeconf | Low | 3.3 | 2023-06-01 11:46:03 | Deep Dive |
| CVE-2022-45155 | obs-service-go_modules: arbitrary directory delete | SUSE | openSUSE Factory | Medium | 5.5 | 2023-03-15 00:00:00 | Deep Dive |
| CVE-2022-45153 | saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls | SUSE | SUSE Linux Enterprise Module for SAP Applications 15-SP1 | High | 7.0 | 2023-02-15 00:00:00 | Deep Dive |
| CVE-2023-22643 | libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls | SUSE | SUSE Linux Enterprise Server for SAP 15-SP3 | Medium | 6.3 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-21948 | paste: XSS on the image upload function | openSUSE | paste | Medium | 4.3 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-31254 | rmt-server-pubcloud allows to escalate from user _rmt to root | SUSE | SUSE Linux Enterprise Server for SAP 15 | High | 7.8 | 2023-02-07 00:00:00 | Deep Dive |
| CVE-2022-46163 | travel-support-program vulnerable to data exfiltration via Ransack query injection | openSUSE | travel-support-program | High | 7.5 | 2023-01-10 20:26:03 | Deep Dive |
| CVE-2022-31253 | openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself | openSUSE | Factory | High | 7.1 | 2022-11-09 13:50:11 | Deep Dive |
| CVE-2022-31256 | sendmail: mail to root privilege escalation via sm-client.pre script | SUSE | openSUSE Factory | High | 7.7 | 2022-10-26 08:55:09 | Deep Dive |
| CVE-2022-31252 | permissions: chkstat does not check for group-writable parent directories or target files in safeOpen() | SUSE | SUSE Linux Enterprise Server 12-SP5 | Medium | 4.4 | 2022-10-06 17:14:05 | Deep Dive |
| CVE-2022-31251 | slurm: %post for slurm-testsuite operates as root in user owned directory | SUSE | openSUSE Factory | Medium | 6.5 | 2022-09-07 08:55:09 | Deep Dive |
| CVE-2022-21950 | canna: unsafe handling of /tmp/.iroha_unix directory | openSUSE | openSUSE Backports SLE-15-SP3 | Medium | 5.3 | 2022-09-07 08:40:10 | Deep Dive |
| CVE-2022-31250 | keylime %post scriplet allows for privilege escalation from keylime user to root | openSUSE | Tumbleweed | High | 7.1 | 2022-07-20 07:55:11 | Deep Dive |
| CVE-2022-21946 | suddoers configuration for cscreen not restrictive enough | openSUSE | Factory | Medium | 5.3 | 2022-03-16 10:05:15 | Deep Dive |
| CVE-2022-21945 | cscreen: usage of fixed path /tmp/cscreen.debug | openSUSE | Factory | Medium | 5.1 | 2022-03-16 10:05:13 | Deep Dive |
| CVE-2021-46705 | grub2-once uses fixed file name in /var/tmp | SUSE | SUSE Linux Enterprise Server 15 SP4 | Medium | 5.1 | 2022-03-16 09:50:10 | Deep Dive |
| CVE-2021-36777 | login-proxy sends password to attacker-provided domain | openSUSE | Build service | High | 8.1 | 2022-03-09 16:26:18 | Deep Dive |
| CVE-2022-21944 | watchman: chown in watchman@.socket unit allows symlink attack | openSUSE | openSUSE Backports SLE-15-SP3 | High | 7.8 | 2022-01-26 09:10:10 | Deep Dive |
| CVE-2021-36781 | parsec: dangerous 777 permissions for /run/parsec | openSUSE | Factory | Medium | 5.9 | 2022-01-14 10:40:09 | Deep Dive |