| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-22038 | DoS attacks, information leaks etc. with crafted Git repositories in obs-scm-bridge | SUSE | openSUSE Factory | High | 7.3 | 2024-11-28 09:38:03 | Deep Dive |
| CVE-2022-45155 | obs-service-go_modules: arbitrary directory delete | SUSE | openSUSE Factory | Medium | 5.5 | 2023-03-15 00:00:00 | Deep Dive |
| CVE-2022-31253 | openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself | openSUSE | Factory | High | 7.1 | 2022-11-09 13:50:11 | Deep Dive |
| CVE-2022-31256 | sendmail: mail to root privilege escalation via sm-client.pre script | SUSE | openSUSE Factory | High | 7.7 | 2022-10-26 08:55:09 | Deep Dive |
| CVE-2022-31251 | slurm: %post for slurm-testsuite operates as root in user owned directory | SUSE | openSUSE Factory | Medium | 6.5 | 2022-09-07 08:55:09 | Deep Dive |
| CVE-2022-21946 | suddoers configuration for cscreen not restrictive enough | openSUSE | Factory | Medium | 5.3 | 2022-03-16 10:05:15 | Deep Dive |
| CVE-2022-21945 | cscreen: usage of fixed path /tmp/cscreen.debug | openSUSE | Factory | Medium | 5.1 | 2022-03-16 10:05:13 | Deep Dive |
| CVE-2021-46705 | grub2-once uses fixed file name in /var/tmp | SUSE | SUSE Linux Enterprise Server 15 SP4 | Medium | 5.1 | 2022-03-16 09:50:10 | Deep Dive |
| CVE-2022-21944 | watchman: chown in watchman@.socket unit allows symlink attack | openSUSE | openSUSE Backports SLE-15-SP3 | High | 7.8 | 2022-01-26 09:10:10 | Deep Dive |
| CVE-2021-36781 | parsec: dangerous 777 permissions for /run/parsec | openSUSE | Factory | Medium | 5.9 | 2022-01-14 10:40:09 | Deep Dive |
| CVE-2021-32000 | clone-master-clean-up: dangerous file system operations | SUSE | SUSE Linux Enterprise Server 12 SP3 | Low | 3.2 | 2021-07-28 09:35:12 | Deep Dive |
| CVE-2021-25321 | arpwatch: Local privilege escalation from runtime user to root | SUSE | SUSE Linux Enterprise Server 11-SP4-LTSS | High | 7.8 | 2021-06-30 08:25:13 | Deep Dive |
| CVE-2021-25322 | python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root | openSUSE | Leap 15.2 | Medium | 6.8 | 2021-06-10 11:45:12 | Deep Dive |
| CVE-2021-31997 | python-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root | openSUSE | Leap 15.2 | Medium | 6.8 | 2021-06-10 11:35:12 | Deep Dive |
| CVE-2021-25317 | cups: ownership of /var/log/cups allows the lp user to create files as root | SUSE | SUSE Linux Enterprise Server 11-SP4-LTSS | Low | 3.3 | 2021-05-05 09:35:13 | Deep Dive |
| CVE-2021-25319 | virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group | openSUSE | Factory | High | 7.8 | 2021-05-05 08:25:14 | Deep Dive |
| CVE-2020-8032 | Local privilege escalation to root due to insecure tmp file usage | openSUSE | Factory | Medium | 6.7 | 2021-02-25 09:15:17 | Deep Dive |
| CVE-2019-3681 | osc: stores downloaded (supposed) RPM in network-controlled filesystem paths | SUSE | SUSE Linux Enterprise Module for Development Tools 15 | High | 7.5 | 2020-06-29 12:00:17 | Deep Dive |
| CVE-2020-8024 | Problematic permissions in hylafax+ packaging allow escalation from uucp to other users | openSUSE | openSUSE Leap 15.2 | Medium | 5.3 | 2020-06-29 07:45:18 | Deep Dive |
| CVE-2020-8015 | Local privilege escalation in exim package from user mail to root | openSUSE | Factory | High | 8.4 | 2020-04-02 07:55:13 | Deep Dive |