Lucene search
K

58 matches found

Vulnrichment
Vulnrichment
added 2025/07/31 3:24 p.m.5 views

CVE-2025-46809 Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs

A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x8664/proxy-httpd:5.0.5.7.23.1: from ? befor...

6.9CVSS6.1AI score0.00233EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/31 3:24 p.m.17 views

CVE-2025-46809 Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs

A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x8664/proxy-httpd:5.0.5.7.23.1: from ? befor...

6.9CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2025/07/31 3:24 p.m.21 views

CVE-2025-46809

CVE-2025-46809 is a vulnerability described as plaintext storage of a password: it exposes HTTP proxy credentials found in log files for SUSE Manager components. The affected items include container images and modules such as suse/manager/4.3/proxy-httpd, suse/manager/5.0/x86_64/proxy-httpd and -...

6.9CVSS6.1AI score0.00233EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/07/31 10:36 a.m.3 views

Security update 5.1.0 GM for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version update from 5.1.6-0 to 5.1.8-0 with the following key change: Update translation strings uyuni-tools: Version 5.1.14-0: Fix mgradm backup create handling of images and systemd files bsc1244563 migrate existing TLS certificates from 4.3...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References80
Tenable Nessus
Tenable Nessus
added 2025/07/24 12:0 a.m.6 views

SUSE SLES15: cobbler / grafana-formula / inter-server-sync / mgr-daemon / etc (SUSE-SU-2025:02475-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02475-1 advisory. cobbler: - Prevent crash during Cobbler startup on NFS environments bsc1240666 - Synchronize cobbler add and sync actions bsc1233371 - Exclude...

9.8CVSS7.6AI score0.10353EPSS
Exploits1References68
OSV
OSV
added 2025/07/23 1:34 p.m.2 views

SUSE-SU-2025:20504-1 Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle

This update fixes the following issues: golang-github-prometheus-nodeexporter: - Security issues fixed: - CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 - Other bugs fixed: - Fixed Darwin memory leak -...

9.6CVSS7.4AI score0.00982EPSS
Exploits2References38
SUSE Linux
SUSE Linux
added 2025/07/23 12:46 p.m.6 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
OSV
OSV
added 2025/07/23 12:43 p.m.3 views

SUSE-SU-2025:02492-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...

9.6CVSS7.2AI score0.00982EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2025/07/23 12:37 p.m.9 views

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...

9.8CVSS6.8AI score0.10353EPSS
Exploits1References148
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30623 · Undefined · Undefined

🚨 Breaking: SUSE-2025-02476-1 patch drops for Multi-Linux Manager 4.3. 9 CVEs patched—including remote code execution CVE-2025-18432 and privilege escalation exploits. 🔧 Step-by-step guide + risk matrix: ⚠️ Patch within 72 hrs! Read more: 👉 https://t.co/evlHbRJ4Fr Linux https://t.co/3Fxej90SEg...

8.6AI score
Exploits0References1
OSV
OSV
added 2025/06/18 2:11 a.m.4 views

SUSE-SU-2025:01989-1 Security update for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 - Other bugs fixes from version 2.53.4...

9.9CVSS6.9AI score0.97781EPSS
Exploits13References23
OSV
OSV
added 2025/06/18 2:9 a.m.8 views

SUSE-SU-2025:01987-1 Security update for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 - Other bugs fixes from version 2.53.4...

9.9CVSS6.9AI score0.97781EPSS
Exploits13References23
Tenable Nessus
Tenable Nessus
added 2025/04/17 12:0 a.m.7 views

SUSE SLES15: spacewalk-java / spacewalk-java-config / spacewalk-java-lib / etc (SUSE-SU-2025:1321-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1321-1 advisory. spacewalk-java: - Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Tenable has extracted the preceding description...

5.6CVSS5.8AI score0.0028EPSS
Exploits0References4
OSV
OSV
added 2025/04/16 8:14 a.m.8 views

SUSE-SU-2025:1321-1 Security update for Multi-Linux Manager 4.3: Server

This update fixes the following issues: spacewalk-java: - Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826...

5.6CVSS7.1AI score0.0028EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/04/16 8:14 a.m.2 views

Maintenance update for Multi-Linux Manager 4.3: Server

This update fixes the following issues: spacewalk-java: Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

5.6CVSS7.2AI score0.0028EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/04/16 7:57 a.m.2 views

Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server

Description: This update fixes the following issues: proxy-helm: Version 5.0.12: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.10: Fixed wrong IP address set on susemanager-tftpsync-recv.conf Image rebuilt to the newest version with updated...

5.6CVSS7.3AI score0.0028EPSS
Exploits0References70
Tenable Nessus
Tenable Nessus
added 2025/03/10 12:0 a.m.8 views

SUSE SLES15 / openSUSE 15 : Recommended update 4.3.15 for Multi-Linux Manager Client Tools (SUSE-SU-SUSE-RU-2025:0791-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:0791-1 advisory. ansible: - Security issues fixed: CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be...

5.5CVSS6.7AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2025/03/06 5:28 a.m.11 views

SUSE-RU-2025:0791-1 Recommended update 4.3.15 for Multi-Linux Manager Client Tools

This update fixes the following issues: ansible: - Security issues fixed: CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be exposed in plaintext bsc1230601 spacewalk-client-tools: - Version 4.3.22-0 Allow translation to wrap strings as weblate forces it...

5.5CVSS6.6AI score0.00271EPSS
Exploits0References3
Rows per page
Query Builder