Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  Security Vulnerabilities
CVE-2020-8020
A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-05-13
CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-05-12
CVE-2020-11863
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).
CVSS Score
5.5
EPSS Score
0.004
Published
2020-05-11
CVE-2020-11864
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).
CVSS Score
5.5
EPSS Score
0.004
Published
2020-05-11
CVE-2020-11865
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-05-11
CVE-2020-11866
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-05-11
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-05-09
CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-09
CVE-2020-12771
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-05-09
CVE-2020-10690
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-05-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved