Every CVE whose affected-product data names Opensuse Factory, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-25319 — CVSS 7.8 (high): A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers…
CVE-2021-45082 — CVSS 7.8 (high): An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to…
CVE-2022-31256 — CVSS 7.7 (high): A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of…
CVE-2021-41817 — CVSS 7.5 (high): Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions…
CVE-2021-41819 — CVSS 7.5 (high): CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
CVE-2022-31251 — CVSS 6.5 (medium): A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with…
CVE-2021-36781 — CVSS 5.9 (medium): A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service…
CVE-2021-46142 — CVSS 5.5 (medium): An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
CVE-2021-46141 — CVSS 5.5 (medium): An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.