Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
slurm vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2023-41914
SchedMD Slurm 23.02.x prior to 23.02.6 and 22.05.x prior to 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.
Schedmd Slurm
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2021-43337
SchedMD Slurm 21.08.* prior to 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have acc...
Schedmd Slurm
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.3
CVSSv3
CVE-2022-31251
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions before 22.05.2-3.3.
Opensuse Factory
5.5
CVSSv3
CVE-2019-19727
SchedMD Slurm prior to 18.08.9 and 19.x prior to 19.05.5 has weak slurmdbd.conf permissions.
Schedmd Slurm
Opensuse Leap 15.1
5.3
CVSSv3
CVE-2018-10995
SchedMD Slurm prior to 17.02.11 and 17.1x.x prior to 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Schedmd Slurm 17.11.3.2
Schedmd Slurm 17.11.4.1
Schedmd Slurm 17.11.5.1
Schedmd Slurm 17.11.6.1
Schedmd Slurm 17.11.0.0
Schedmd Slurm 17.11.0.1
Schedmd Slurm 17.11.1.2
Schedmd Slurm 17.11.3.1
Schedmd Slurm
Schedmd Slurm 17.11.1.1
Schedmd Slurm 17.11.2.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
3.7
CVSSv3
CVE-2020-27746
Slurm prior to 19.05.8 and 20.x prior to 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
Schedmd Slurm
Debian Debian Linux 10.0
NA
CVE-2010-3380
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM prior to 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Llnl Slurm 2.1.1
Llnl Slurm 2.1.0
Llnl Slurm 2.0.9
Llnl Slurm 2.0.8
Llnl Slurm 2.0.7
Llnl Slurm 1.3.10
Llnl Slurm
Llnl Slurm 2.1.5
Llnl Slurm 2.1.2
Llnl Slurm 2.0.5
Llnl Slurm 2.0.3
Llnl Slurm 1.3.14
Llnl Slurm 1.3.12
Llnl Slurm 2.1.10
Llnl Slurm 2.1.9
Llnl Slurm 2.1.8
Llnl Slurm 2.1.7
Llnl Slurm 2.0.2
Llnl Slurm 2.0.1
Llnl Slurm 2.0.0
Llnl Slurm 1.3.15
Llnl Slurm 2.1.12
NA
CVE-2009-2084
Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 prior to 1.3.14 does not properly set supplementary groups before invoking (1) sbcast from the slurmd daemon or (2) strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain pr...
Llnl Slurm 1.3.3
Llnl Slurm 1.3.4
Llnl Slurm 1.3
Llnl Slurm 1.3.8
Llnl Slurm 1.2
Llnl Slurm
Llnl Slurm 1.3.2
Llnl Slurm 1.3.10
Llnl Slurm 1.3.11
Llnl Slurm 1.3.1
Llnl Slurm 1.3.12
Llnl Slurm 1.3.7
Llnl Slurm 1.3.9
Llnl Slurm 1.3.5
Llnl Slurm 1.3.6
NA
CVE-2009-0128
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain ...
Llnl Slurm Nil
NA
CVE-2008-5077
OpenSSL 0.9.8i and previous versions does not properly check the return value from the EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3