Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
slurm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12838
SchedMD Slurm 17.11.x, 18.08.0 up to and including 18.08.7, and 19.05.0 allows SQL Injection.
Schedmd Slurm
Schedmd Slurm 19.05.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-6438
SchedMD Slurm prior to 17.11.13 and 18.x prior to 18.08.5 mishandles 32-bit systems.
Schedmd Slurm
Opensuse Leap 15.0
5.3
CVSSv3
CVE-2018-10995
SchedMD Slurm prior to 17.02.11 and 17.1x.x prior to 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Schedmd Slurm 17.11.3.2
Schedmd Slurm 17.11.4.1
Schedmd Slurm 17.11.5.1
Schedmd Slurm 17.11.6.1
Schedmd Slurm 17.11.0.0
Schedmd Slurm 17.11.0.1
Schedmd Slurm 17.11.1.2
Schedmd Slurm 17.11.3.1
Schedmd Slurm
Schedmd Slurm 17.11.1.1
Schedmd Slurm 17.11.2.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2018-7033
SchedMD Slurm prior to 17.02.10 and 17.11.x prior to 17.11.5 allows SQL Injection attacks against SlurmDBD.
Schedmd Slurm
Schedmd Slurm 17.11.0.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-15566
Insecure SPANK environment variable handling exists in SchedMD Slurm prior to 16.05.11, 17.x prior to 17.02.9, and 17.11.x prior to 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
Schedmd Slurm 17.11.0
Schedmd Slurm
8.1
CVSSv3
CVE-2016-10030
The _prolog_error function in slurmd/req.c in Slurm prior to 15.08.13, 16.x prior to 16.05.7, and 17.x prior to 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control o...
Schedmd Slurm 17.02.0
Schedmd Slurm 16.05.1
Schedmd Slurm 16.05.2
Schedmd Slurm 16.05.0
Schedmd Slurm 16.05.5
Schedmd Slurm 16.05.6
Schedmd Slurm 16.05.3
Schedmd Slurm 16.05.4
Schedmd Slurm
NA
CVE-2010-3380
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM prior to 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Llnl Slurm 2.1.1
Llnl Slurm 2.1.0
Llnl Slurm 2.0.9
Llnl Slurm 2.0.8
Llnl Slurm 2.0.7
Llnl Slurm 1.3.10
Llnl Slurm
Llnl Slurm 2.1.5
Llnl Slurm 2.1.2
Llnl Slurm 2.0.5
Llnl Slurm 2.0.3
Llnl Slurm 1.3.14
Llnl Slurm 1.3.12
Llnl Slurm 2.1.10
Llnl Slurm 2.1.9
Llnl Slurm 2.1.8
Llnl Slurm 2.1.7
Llnl Slurm 2.0.2
Llnl Slurm 2.0.1
Llnl Slurm 2.0.0
Llnl Slurm 1.3.15
Llnl Slurm 2.1.12
NA
CVE-2009-2084
Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 prior to 1.3.14 does not properly set supplementary groups before invoking (1) sbcast from the slurmd daemon or (2) strigger from the slurmctld daemon, which might allow local SLURM users to modify files and gain pr...
Llnl Slurm 1.3.3
Llnl Slurm 1.3.4
Llnl Slurm 1.3
Llnl Slurm 1.3.8
Llnl Slurm 1.2
Llnl Slurm
Llnl Slurm 1.3.2
Llnl Slurm 1.3.10
Llnl Slurm 1.3.11
Llnl Slurm 1.3.1
Llnl Slurm 1.3.12
Llnl Slurm 1.3.7
Llnl Slurm 1.3.9
Llnl Slurm 1.3.5
Llnl Slurm 1.3.6
NA
CVE-2009-0128
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain ...
Llnl Slurm Nil
NA
CVE-2008-5077
OpenSSL 0.9.8i and previous versions does not properly check the return value from the EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3