Filtered by vendor Suse Subscriptions
Filtered by product Opensuse Tumbleweed Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-49505 2 Opensuse, Suse 2 Mirrorcache, Opensuse Tumbleweed 2024-11-14 6.1 Medium
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in theĀ  REGEX and P parameters. This issue affects MirrorCache before 1.083.
CVE-2024-49504 1 Suse 1 Opensuse Tumbleweed 2024-11-13 8.4 High
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
CVE-2023-32190 1 Suse 1 Opensuse Tumbleweed 2024-10-16 7.8 High
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.