threat
engine
.sh
Back
·
··:··
Home
/
Product
/
suse package hub
Product
suse package hub
40 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2020-24368
all versions
Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access
7.5
HIGH
CVE-2020-10803
all versions
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be us
5.4
MEDIUM
CVE-2020-10802
all versions
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters ar
8.0
HIGH
CVE-2020-10804
all versions
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username
8.0
HIGH
CVE-2020-6416
all versions
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit he
8.8
HIGH
CVE-2020-6415
all versions
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit
8.8
HIGH
CVE-2020-6408
all versions
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sens
6.5
MEDIUM
CVE-2020-6406
all versions
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption vi
8.8
HIGH
CVE-2020-6404
all versions
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2020-6403
all versions
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents
4.3
MEDIUM
CVE-2020-6402
all versions
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a us
8.8
HIGH
CVE-2020-6400
all versions
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data vi
6.5
MEDIUM
CVE-2020-6398
all versions
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap c
8.8
HIGH
CVE-2020-6397
all versions
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via
6.5
MEDIUM
CVE-2020-6396
all versions
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the
4.3
MEDIUM
CVE-2020-6394
all versions
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content securi
5.4
MEDIUM
CVE-2020-6393
all versions
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin dat
6.5
MEDIUM
CVE-2020-6392
all versions
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to i
4.3
MEDIUM
CVE-2020-6391
all versions
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass cont
4.3
MEDIUM
CVE-2020-6390
all versions
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit hea
8.8
HIGH
CVE-2020-6385
all versions
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolati
8.8
HIGH
CVE-2020-6382
all versions
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corrupti
8.8
HIGH
CVE-2020-6381
all versions
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potenti
8.8
HIGH
CVE-2019-15623
all versions
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Loo
5.3
MEDIUM
CVE-2020-7106
all versions
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, use
6.1
MEDIUM
CVE-2019-19925
all versions
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
7.5
HIGH
CVE-2019-19923
all versions
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-h
7.5
HIGH
CVE-2019-19926
all versions
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRew
7.5
HIGH
CVE-2019-19880
all versions
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant intege
7.5
HIGH
CVE-2019-13764
all versions
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corrupti
8.8
HIGH
CVE-2019-13745
all versions
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin dat
6.5
MEDIUM
CVE-2019-13734
all versions
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corrupt
8.8
HIGH
CVE-2019-11730
all versions
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the
6.5
MEDIUM
CVE-2019-11709
all versions
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bug
9.8
CRITICAL
CVE-2019-5798
all versions
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of boun
6.5
MEDIUM
CVE-2019-7317
all versions
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_saf
5.3
MEDIUM
CVE-2018-16876
all versions
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can
5.3
MEDIUM
CVE-2018-16837
all versions
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations su
7.8
HIGH
CVE-2018-10875
all versions
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plu
7.8
HIGH
CVE-2016-1646
all versions
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not pro
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin