3270 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2023-32182

https://notcve.org/view.php?id=CVE-2023-32182

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1. Vulnerabilidad de Resolución de Enlace Incorrecta Antes del Acceso a Archivos ('Link Following') en SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix. Este problema afecta a SUSE Linux Enterprise Desktop 15 SP5 : antes de 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: anterior a 3.7.3-150500.3.5.1; openSUSE Leap 15.5: anterior a 3.7.3-150500.3.5.1. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32182 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-32184

https://notcve.org/view.php?id=CVE-2023-32184

A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a. Una vulnerabilidad de Almacenamiento Inseguro de Información Confidencial en openSUSE opensuse-welcome permite a los atacantes locales ejecutar código como el usuario que ejecuta opensuse-welcome si se elige un diseño personalizado. Este problema afecta a opensuse-welcome: desde la versión 0.1 antes de 0.1.9+git.35.4b9444a. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32184 • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-32183

https://notcve.org/view.php?id=CVE-2023-32183

Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users with access to the hacluster to escalate to root This issue affects openSUSE Tumbleweed. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32183 • CWE-276: Incorrect Default Permissions •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-22652 – Stack buffer overflow in "read_file" function

https://notcve.org/view.php?id=CVE-2023-22652

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2. Una vulnerabilidad de Copia del Búfer de memoria Sin Comprobar el Tamaño de Entrada ('Desbordamiento de Búfer Clásico') en openSUSE libeconf conduce a una denegación de servicio (DoS) a través de archivos de configuración con formato malformado. Este problema afecta a libeconf: antes de la versión 0.5.2. A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22652 https://https://github.com/openSUSE/libeconf/issues/177 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDD5GL5T3V5XZ3VFA4HPE6YGJ2K4HHPC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SMG5256D5I3GFA3RBAJQ2WYPJDYAIL74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAYW7X753Z6GOJKVLQPXBDHISN6ZT233 https://access.redhat.com/security/cve/CVE-2023 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-32181 – Stack buffer overflow in "econf_writeFile" function

https://notcve.org/view.php?id=CVE-2023-32181

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files This issue affects libeconf: before 0.5.2. • https://https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32181 https://https://github.com/openSUSE/libeconf/issues/178 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •