Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Factory Security Vulnerabilities

cve
cve

CVE-2021-25319

A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions.

7.8CVSS

7.7AI Score

0.0004EPSS

2021-05-05 09:15 AM
35
cve
cve

CVE-2021-36781

A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1.

5.9CVSS

4.6AI Score

0.0004EPSS

2022-01-14 11:15 AM
24
cve
cve

CVE-2021-4166

vim is vulnerable to Out-of-bounds Read

7.1CVSS

7.9AI Score

0.001EPSS

2021-12-25 07:15 PM
184
6
cve
cve

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.5CVSS

7.4AI Score

0.004EPSS

2022-01-01 05:15 AM
298
2
cve
cve

CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5CVSS

7.5AI Score

0.004EPSS

2022-01-01 06:15 AM
345
2
cve
cve

CVE-2021-45082

An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)

7.8CVSS

7.5AI Score

0.001EPSS

2022-02-19 12:15 AM
149
cve
cve

CVE-2021-46141

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

5.5CVSS

5.2AI Score

0.001EPSS

2022-01-06 04:15 AM
92
cve
cve

CVE-2021-46142

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

5.5CVSS

5.2AI Score

0.001EPSS

2022-01-06 04:15 AM
86
cve
cve

CVE-2022-31251

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.

6.5CVSS

6.9AI Score

0.0004EPSS

2022-09-07 09:15 AM
37
3
cve
cve

CVE-2022-31256

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.

7.8CVSS

7.4AI Score

0.0004EPSS

2022-10-26 09:15 AM
34
2