| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2019-3698 | nagios cron job allows privilege escalation from user nagios to root | SUSE | SUSE Linux Enterprise Server 12 | Medium | 5.7 | 2020-02-28 13:20:14 | Deep Dive |
| CVE-2017-14806 | Insecure handling of repodata and packages in SUSE Studio onlite | SUSE | Studio onsite | Low | 3.7 | 2020-01-27 09:45:16 | Deep Dive |
| CVE-2017-14807 | SQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsite | SUSE | Studio onsite | High | 8.1 | 2020-01-27 09:45:16 | Deep Dive |
| CVE-2018-20105 | yast2-rmt exposes CA private key passhrase in log-file | SUSE | SUSE Linux Enterprise Server 15 | Medium | 4.0 | 2020-01-27 08:50:13 | Deep Dive |
| CVE-2018-12476 | obs-service-extract_file's outfilename parameter allows to write files outside of package directory | SUSE | SUSE Linux Enterprise Server 15 | Medium | 4.3 | 2020-01-27 08:30:15 | Deep Dive |
| CVE-2019-18900 | libzypp stores cookies world readable | SUSE | CaaS Platform 3.0 | Medium | 4.0 | 2020-01-24 15:15:16 | Deep Dive |
| CVE-2019-3693 | Local privilege escalation from user wwwrun to root in the packaging of mailman | SUSE | SUSE Linux Enterprise Server 11 | High | 7.7 | 2020-01-24 10:05:17 | Deep Dive |
| CVE-2019-3692 | Local privilege escalation from user news to root in the packaging of inn | SUSE | SUSE Linux Enterprise Server 11 | High | 7.7 | 2020-01-24 08:50:12 | Deep Dive |
| CVE-2019-3687 | "easy" permission profile allows everyone execute dumpcap and read all network traffic | SUSE | SUSE Linux Enterprise Server | Medium | 4.0 | 2020-01-24 08:25:14 | Deep Dive |
| CVE-2019-3691 | Local privilege escalation from user munge to root | SUSE | SUSE Linux Enterprise Server 15 | High | 7.7 | 2020-01-23 16:00:20 | Deep Dive |
| CVE-2019-18898 | trousers: Local privilege escalation from tss to root | SUSE | SUSE Linux Enterprise Server 15 SP1 | High | 7.7 | 2020-01-23 14:05:14 | Deep Dive |
| CVE-2019-3686 | XSS in distri and version parameter in openQA | SUSE | openQA | Medium | 6.5 | 2020-01-17 12:40:13 | Deep Dive |
| CVE-2019-3683 | keystone_json_assignment backend granted access to any project for users in user-project-map.json | SUSE | SUSE Openstack Cloud 8 | High | 8.8 | 2020-01-17 11:10:12 | Deep Dive |
| CVE-2019-3682 | Insecure API port exposed to all Master Node guest containers | SUSE | SUSE CaaS Platform 3.0 | High | 8.4 | 2020-01-17 08:30:14 | Deep Dive |
| CVE-2019-3690 | chkstat follows untrusted symbolic links | SUSE | permissions | Medium | 6.8 | 2019-12-05 15:30:16 | Deep Dive |
| CVE-2019-10220 | Linux kernel 路径遍历漏洞 | SUSE | kernel: | 高危 | - | 2019-11-27 15:30:15 | Deep Dive |
| CVE-2019-3688 | squid: /usr/sbin/pinger packaged with wrong permission | SUSE | SUSE Linux Enterprise Server 15 | Medium | 5.1 | 2019-10-07 14:00:39 | Deep Dive |
| CVE-2019-3689 | nfs-utils: root-owned files stored in insecure /var/lib/nfs directory | SUSE | SUSE Linux Enterprise Server 12 | Medium | 5.1 | 2019-09-19 13:27:58 | Deep Dive |
| CVE-2019-3684 | susemanager installer creates world-readable swap files | SUSE | SUSE Manager | 中危 | - | 2019-05-13 14:17:10 | Deep Dive |
| CVE-2018-17955 | Static tempfile name allows overwriting of arbitrary files | SUSE | yast2-multipath | 中危 | - | 2019-03-15 20:00:00 | Deep Dive |