rpm package
opensuse/sca-patterns-sle15&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/sca-patterns-sle15&distro=openSUSE%20Tumbleweed
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12351 | — | < 1.0.8-2.2 | 1.0.8-2.2 | Nov 23, 2020 | Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2020-25705 | — | < 1.0.8-2.2 | 1.0.8-2.2 | Nov 17, 2020 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well | ||
| CVE-2020-1472 | — | KEV | < 1.0.8-2.2 | 1.0.8-2.2 | Aug 17, 2020 | An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted | |
| CVE-2020-0543 | — | < 1.0.8-2.2 | 1.0.8-2.2 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-0548 | — | < 1.0.8-2.2 | 1.0.8-2.2 | Jan 28, 2020 | Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
- CVE-2020-12351Nov 23, 2020affected < 1.0.8-2.2fixed 1.0.8-2.2
Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- CVE-2020-25705Nov 17, 2020affected < 1.0.8-2.2fixed 1.0.8-2.2
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well
- affected < 1.0.8-2.2fixed 1.0.8-2.2
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted
- CVE-2020-0543Jun 15, 2020affected < 1.0.8-2.2fixed 1.0.8-2.2
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-0548Jan 28, 2020affected < 1.0.8-2.2fixed 1.0.8-2.2
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.