Lucene search

2265 matches found

SUSE CVE
added 2023/02/15 5:52 a.m., 3 views

SUSE CVE-2011-2490

opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes...

CVSS 7.2, AI score 6.9, EPSS 0.00093
Exploits: 1, References: 3

SUSE CVE
added 2023/02/15 5:51 a.m., 1 view

SUSE CVE-2011-3090

Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes...

CVSS 7.6, AI score 9.6, EPSS 0.02516
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 5:46 a.m., 2 views

SUSE CVE-2012-2868

Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object...

CVSS 6.8, AI score 9.6, EPSS 0.00918
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 5:43 a.m., 3 views

SUSE CVE-2012-6136

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes...

CVSS 5.5, AI score 6.8, EPSS 0.00026
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:36 a.m., 3 views

SUSE CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option...

CVSS 3.3, AI score 6.7, EPSS 0.00208
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 4:53 a.m., 1 view

SUSE CVE-2017-0663

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library...

CVSS 8.1, AI score 8.9, EPSS 0.00893
Exploits: 0, References: 23

SUSE CVE
added 2023/02/15 4:52 a.m., 2 views

SUSE CVE-2017-2616

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

CVSS 4.7, AI score 5.4, EPSS 0.00061
Exploits: 0, References: 13

SUSE CVE
added 2023/02/15 4:48 a.m., 1 view

SUSE CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

CVSS 5.9, AI score 7.1, EPSS 0.0034
Exploits: 0, References: 8

SUSE CVE
added 2023/02/15 4:47 a.m., 2 views

SUSE CVE-2017-7560

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes...

CVSS 5.5, AI score 6.7, EPSS 0.00106
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:42 a.m., 3 views

SUSE CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

CVSS 5.5, AI score 6.7, EPSS 0.00034
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:39 a.m., 2 views

SUSE CVE-2017-14159

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, ...

CVSS 4.7, AI score 9.1, EPSS 0.00158
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:38 a.m., 2 views

SUSE CVE-2017-15132

A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to...

CVSS 5.3, AI score 6.8, EPSS 0.02771
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 4:34 a.m., 2 views

SUSE CVE-2018-1116

A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informati...

CVSS 3.3, AI score 6.3, EPSS 0.00069
Exploits: 0, References: 7

SUSE CVE
added 2023/02/15 4:31 a.m., 2 views

SUSE CVE-2018-6080

Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes...

CVSS 6.5, AI score 8.9, EPSS 0.0071
Exploits: 1, References: 6

SUSE CVE
added 2023/02/15 4:23 a.m., 2 views

SUSE CVE-2018-16878

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS...

CVSS 5.5, AI score 8.2, EPSS 0.00022
Exploits: 0, References: 10

SUSE CVE
added 2023/02/15 4:20 a.m., 2 views

SUSE CVE-2018-1000015

On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...

CVSS 4.9, AI score 5.3, EPSS 0.00033
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:9 a.m., 2 views

SUSE CVE-2019-14891

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get...

CVSS 6, AI score 5.2, EPSS 0.00316
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 3:33 a.m., 1 view

SUSE CVE-2022-1473

The OPENSSL_LH_flush function, which empties a hash table, contains a bug that breaks reuse of the memory occupied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will...

CVSS 7.5, AI score 6.3, EPSS 0.00314
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 3:28 a.m., 1 view

SUSE CVE-2022-22750

By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to. This bug only affects Firefox for Windows and MacOS. Other operating...

CVSS 6.5, AI score 8.4, EPSS 0.00248
Exploits: 1, References: 4

Tenable Nessus
added 2023/02/13 12:0 a.m., 59 views

Ubuntu 20.04 LTS / 22.04 LTS : WebKitGTK vulnerabilities (USN-5867-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5867-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website,...

CVSS 8.8, AI score 7.7, EPSS 0.00311
Exploits: 0, References: 4