Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

suse linux enterprise server 15 vulnerabilities and exploits

(subscribe to this query)

5.5
CVE-2023-23005
** DISPUTED ** In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in...
Linux Linux KernelSuse Linux Enterprise Server 15
7.8
CVE-2022-45153
An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo...
Suse Linux Enterprise Server 12Opensuse Leap 15.4Suse Linux Enterprise Module For Sap Applications 15
5.5
CVE-2022-45154
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials...
Opensuse Supportutils
7.8
CVE-2023-22643
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted...
Opensuse Libzypp-plugin-appdata
7.8
CVE-2022-31254
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt...
Opensuse Rmt-server
7.8
CVSSv3
CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges....
Samba Cifs-utilsDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Suse Linux Enterprise Server 11Suse Openstack Cloud 8.0Suse Linux Enterprise Server 15Suse Linux Enterprise Software Development Kit 12Suse Openstack Cloud Crowbar 8.0Suse Openstack Cloud Crowbar 9.0Suse Openstack Cloud 9.0Suse Linux Enterprise Server 12Suse Manager Server 4.1Suse Linux Enterprise Desktop 15Suse Enterprise Storage 7.0Suse Caas Platform 4.0Suse Enterprise Storage 6.0Suse Manager Proxy 4.1Suse Linux Enterprise High Performance Computing 12.0Suse Linux Enterprise High Performance Computing 15.0Suse Linux Enterprise Real Time 15.0Suse Linux Enterprise Point Of Service 11.0Suse Linux Enterprise Micro 5.2Suse Manager Retail Branch Server 4.2Suse Manager Retail Branch Server 4.1Suse Manager Retail Branch Server 4.3Suse Manager Server 4.2Suse Manager Server 4.3Suse Manager Proxy 4.2Suse Manager Proxy 4.3Suse Linux Enterprise Storage 7.1Hp Helion Openstack 8.0Fedoraproject Fedora 34Fedoraproject Fedora 35Fedoraproject Fedora 36
5.5
CVSSv3
CVE-2021-46705
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE...
Gnu Grub2
7.8
CVSSv3
CVE-2021-45082
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)...
Cobbler Project CobblerOpensuse Factory -Opensuse Backports Sle-15Suse Linux Enterprise Server 11Suse Linux Enterprise Server 12Suse Linux Enterprise Server 15Fedoraproject Fedora 34Fedoraproject Fedora 35Fedoraproject Fedora 36
7.8
CVSSv3
CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle...
Polkit Project PolkitRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux Server Aus 7.3Redhat Enterprise Linux Server Aus 7.4Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Tus 7.7Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Power Little Endian Eus 8.1Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux Server Eus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 7.7Redhat Enterprise Linux Server Update Services For Sap Solutions 7.6Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 21.10Suse Manager Server 4.1Suse Linux Enterprise Workstation Extension 12Suse Linux Enterprise Desktop 15Suse Enterprise Storage 7.0Suse Manager Proxy 4.1Suse Linux Enterprise High Performance Computing 15.0Suse Linux Enterprise Server 15Oracle Http Server 12.2.1.3.0Oracle Http Server 12.2.1.4.0Oracle Zfs Storage Appliance Kit 8.8Siemens Sinumerik EdgeSiemens Scalance Lpe9403 FirmwareStarwindsoftware Starwind Virtual San V8Starwindsoftware Starwind Hyperconverged Appliance -Starwindsoftware Command Center 1.0
7.1
CVSSv3
CVE-2021-32000
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue...
Suse Linux Enterprise Server 12Suse Linux Enterprise Server 15Opensuse Opensuse Factory -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
elevation of privilegeCVE-2022-42331CVE-2023-24709CVE-2023-27569open redirectinjectionCVE-2023-27087
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook