Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
llnl slurm vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-27746
Slurm prior to 19.05.8 and 20.x prior to 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
Schedmd Slurm
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2020-27745
Slurm prior to 19.05.8 and 20.x prior to 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
Schedmd Slurm
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.1
CVSSv2
CVE-2020-12693
Slurm 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
Schedmd Slurm
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6
CVSSv2
CVE-2019-19728
SchedMD Slurm prior to 18.08.9 and 19.x prior to 19.05.5 executes srun --uid with incorrect privileges.
Schedmd Slurm
Opensuse Leap 15.1
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2019-12838
SchedMD Slurm 17.11.x, 18.08.0 up to and including 18.08.7, and 19.05.0 allows SQL Injection.
Schedmd Slurm
Schedmd Slurm 19.05.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2019-6438
SchedMD Slurm prior to 17.11.13 and 18.x prior to 18.08.5 mishandles 32-bit systems.
Schedmd Slurm
Opensuse Leap 15.0
5
CVSSv2
CVE-2018-10995
SchedMD Slurm prior to 17.02.11 and 17.1x.x prior to 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Schedmd Slurm 17.11.3.2
Schedmd Slurm 17.11.4.1
Schedmd Slurm 17.11.5.1
Schedmd Slurm 17.11.6.1
Schedmd Slurm 17.11.0.0
Schedmd Slurm 17.11.0.1
Schedmd Slurm 17.11.1.2
Schedmd Slurm 17.11.3.1
Schedmd Slurm
Schedmd Slurm 17.11.1.1
Schedmd Slurm 17.11.2.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2018-7033
SchedMD Slurm prior to 17.02.10 and 17.11.x prior to 17.11.5 allows SQL Injection attacks against SlurmDBD.
Schedmd Slurm
Schedmd Slurm 17.11.0.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.2
CVSSv2
CVE-2017-15566
Insecure SPANK environment variable handling exists in SchedMD Slurm prior to 16.05.11, 17.x prior to 17.02.9, and 17.11.x prior to 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
Schedmd Slurm 17.11.0
Schedmd Slurm
7.6
CVSSv2
CVE-2016-10030
The _prolog_error function in slurmd/req.c in Slurm prior to 15.08.13, 16.x prior to 16.05.7, and 17.x prior to 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control o...
Schedmd Slurm 17.02.0
Schedmd Slurm 16.05.1
Schedmd Slurm 16.05.2
Schedmd Slurm 16.05.0
Schedmd Slurm 16.05.5
Schedmd Slurm 16.05.6
Schedmd Slurm 16.05.3
Schedmd Slurm 16.05.4
Schedmd Slurm
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »