Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 3:37 a.m.1 views

SUSE CVE-2021-40348

Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...

7.8CVSS7.5AI score0.00356EPSS
Exploits1References6
OSV
OSVadded 2021/11/01 5:15 a.m.31 views

CVE-2021-40348

Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...

8.8CVSS7.5AI score
Exploits0References2
CVE
CVEadded 2021/11/01 4:32 a.m.63 views

CVE-2021-40348

CVE-2021-40348 affects Spacewalk 2.10 and derivatives (Uyuni 2021.08) due to an unsanitized configuration filename in rhn-config-satellite.pl, enabling potential code injection when the Spacewalk-specific key/value is appended and the script runs as root via sudo. Concrete details from multiple c...

9.3CVSS8.8AI score0.00356EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/11/01 4:32 a.m.14 views

CVE-2021-40348

Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...

9AI score0.00356EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2021/10/27 12:0 a.m.2 views

PT-2021-22868 · Suse +1 · Uyuni +2

Name of the Vulnerable Software and Affected Versions: Spacewalk version 2.10 Uyuni version 2021.08 Uyuni spacewalk-admin versions prior to 4.3.2-1 Description: The issue allows code injection due to the lack of sanitization of the configuration filename used by the rhn-config-satellite.pl script...

9.3CVSS7.9AI score0.02263EPSS
Exploits1References48
OSV
OSVadded 2020/12/14 11:1 a.m.3 views

SUSE-SU-2020:3781-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: image-sync-formula: - Send imagesynced event to master postgresql-jdbc: - Address CVE-2020-13692 bsc1172079 pxe-yomi-image-sle15: - Update config.sh based on last JeOS template - Update JEOSLOCALE to enUS.UTF-8 - Support configurlname for user provided...

7.7CVSS7.8AI score0.07801EPSS
Exploits0References24
OSV
OSVadded 2019/04/24 10:6 a.m.6 views

SUSE-RU-2019:1006-1 Security update for SUSE Manager Server 3.2

This update includes the following new features: to the repository metadata fate325676 This update fixes the following issues: apache-commons-lang3: - Run fdupes on javadoc - Specify java target and source level 1.6 to make package compatible with JDK = 1.8 cobbler: - Fixes case where distributio...

7.5CVSS7.4AI score0.02639EPSS
Exploits0References27
Rows per page
Query Builder