Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43755
A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions before 2.6.10; Rancher versions before 2.7.1.
Suse Rancher
8.8
CVSSv3
CVE-2022-43757
A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows users on managed clusters to gain access to credentials. The impact depends on the credentials exposed This issue affects: SUSE Rancher Rancher versions before 2.5.17; Rancher versions before 2.6.10...
Suse Rancher
8.8
CVSSv3
CVE-2022-43759
A Improper Privilege Management vulnerability in SUSE Rancher, allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster. This issue affects: SUSE Rancher Rancher versions before 2.5.17; Rancher versions before 2.6.10...
Suse Rancher
7.5
CVSSv3
CVE-2022-43756
A Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote malicious users to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher w...
Suse Wrangler 1.0.0
Suse Wrangler
7.8
CVSSv3
CVE-2022-31254
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt u...
Opensuse Rmt-server
7.8
CVSSv3
CVE-2023-22643
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_A...
Opensuse Libzypp-plugin-appdata
4.3
CVSSv3
CVE-2022-31255
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remot...
Uyuni-project Uyuni
Suse Manager Server
4.3
CVSSv3
CVE-2022-43753
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows remote...
Uyuni-project Uyuni
Suse Manager Server
5.4
CVSSv3
CVE-2022-43754
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Module for SUSE Manager Server 4.3, SUSE Manager Server 4.2 allows...
Uyuni-project Uyuni
Suse Manager Server
7.8
CVSSv3
CVE-2022-31256
A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local malicious users to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail vers...
Opensuse Factory
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »