Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caas platform vulnerabilities and exploits
(subscribe to this query)
4
CVSSv3
CVE-2020-8029
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local malicious users to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.
Suse Caas Platform 4.5
4.4
CVSSv3
CVE-2020-8030
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local malicious users to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
Suse Caas Platform 4.5
7.8
CVSSv3
CVE-2019-3682
The docker-kubic package in SUSE CaaS Platform 3.0 prior to 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
Suse Caas Platform 3.0
3.3
CVSSv3
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
7.8
CVSSv3
CVE-2022-27239
In cifs-utils up to and including 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Samba Cifs-utils
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise Server 11
Suse Openstack Cloud 8.0
Suse Linux Enterprise Server 15
Suse Linux Enterprise Software Development Kit 12
Suse Openstack Cloud Crowbar 8.0
Suse Openstack Cloud Crowbar 9.0
Suse Openstack Cloud 9.0
Suse Linux Enterprise Server 12
Suse Manager Server 4.1
Suse Linux Enterprise Desktop 15
Suse Enterprise Storage 7.0
Suse Caas Platform 4.0
Suse Enterprise Storage 6.0
Suse Manager Proxy 4.1
Suse Linux Enterprise High Performance Computing 12.0
Suse Linux Enterprise High Performance Computing 15.0
Suse Linux Enterprise Real Time 15.0
Suse Linux Enterprise Point Of Service 11.0
3.3
CVSSv3
CVE-2019-18900
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local malicious users to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platf...
Opensuse Libzypp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started