Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23301
Relax-and-Recover (aka ReaR) up to and including 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local malicious users to gain access to system secrets otherwise only readable by root.
Relax-and-recover Relax-and-recover
Suse Linux Enterprise 15.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 39
NA
CVE-2020-10676
In Rancher 2.x prior to 2.6.13 and 2.7.x prior to 2.7.4, an incorrectly applied authorization check allows users who have certain access to a namespace to move that namespace to a different project.
Suse Rancher
NA
CVE-2023-22644
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: prior to 4.2....
Suse Manager Server
NA
CVE-2023-32182
A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enter...
Opensuse Leap 15.5
Suse Suse Linux Enterprise Desktop 15
Suse Linux Enterprise High Performance Computing 15.0
NA
CVE-2023-32186
A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects RKE2: from 1.24.0 prior to 1.24.17+rke2r1, from v1.25.0 before v1.25.13+r...
Suse Rancher Rke2 1.28.1\\+rke2r1
Suse Rancher Rke2
NA
CVE-2023-32187
An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.1...
K3s K3s
NA
CVE-2023-22647
An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserve...
Suse Rancher
NA
CVE-2023-22648
A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azur...
Suse Rancher
NA
CVE-2022-43760
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to to inject code that is executed within another user's browser, allowing the malicious user to stea...
Suse Rancher
NA
CVE-2023-34256
An issue exists in the Linux kernel prior to 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended t...
Linux Linux Kernel
Suse Linux Enterprise 15.0
Suse Linux Enterprise 12.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »