Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schedmd slurm vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2019-19728
SchedMD Slurm prior to 18.08.9 and 19.x prior to 19.05.5 executes srun --uid with incorrect privileges.
Schedmd Slurm
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.1
CVSSv2
CVE-2020-12693
Slurm 19.05.x prior to 19.05.7 and 20.02.x prior to 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
Schedmd Slurm
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2018-10995
SchedMD Slurm prior to 17.02.11 and 17.1x.x prior to 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Schedmd Slurm 17.11.3.2
Schedmd Slurm 17.11.4.1
Schedmd Slurm 17.11.5.1
Schedmd Slurm 17.11.6.1
Schedmd Slurm 17.11.0.0
Schedmd Slurm 17.11.0.1
Schedmd Slurm 17.11.1.2
Schedmd Slurm 17.11.3.1
Schedmd Slurm
Schedmd Slurm 17.11.1.1
Schedmd Slurm 17.11.2.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2020-27746
Slurm prior to 19.05.8 and 20.x prior to 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
Schedmd Slurm
Debian Debian Linux 10.0
4
CVSSv2
CVE-2021-43337
SchedMD Slurm 21.08.* prior to 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have acc...
Schedmd Slurm
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2.1
CVSSv2
CVE-2019-19727
SchedMD Slurm prior to 18.08.9 and 19.x prior to 19.05.5 has weak slurmdbd.conf permissions.
Schedmd Slurm
Opensuse Leap 15.1
NA
CVE-2023-49933
An issue exists in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows malicious users to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are ...
Schedmd Slurm
Schedmd Slurm 23.11
NA
CVE-2023-49934
An issue exists in SchedMD Slurm 23.11.x. There is SQL Injection against the SlurmDBD database. The fixed version is 23.11.1.
Schedmd Slurm 23.11
NA
CVE-2023-49935
An issue exists in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that prote...
Schedmd Slurm
Schedmd Slurm 23.11
NA
CVE-2023-49936
An issue exists in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
Schedmd Slurm
Schedmd Slurm 23.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »