Lucene search
K

393 matches found

CVE
CVE
added 2020/06/29 8:20 a.m.822 views

CVE-2020-8022

CVE-2020-8022 describes an Incorrect Default Permissions flaw in the tomcat packaging for SUSE-related products (SUSE Enterprise Storage 5, various SLE/SAP/OpenStack Cloud variants, and related SUSE builds). The issue allows a local attacker to escalate from group tomcat to root. Affected Tomcat ...

7.8CVSS7.5AI score0.00857EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/06/29 8:20 a.m.44 views

CVE-2020-8022 User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges

A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server...

7.7CVSS7.5AI score0.00857EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2020/06/19 12:0 a.m.4 views

The vulnerability of the automated cloud computing platform SUSE OpenStack Cloud, related to insecure privilege management, allows a hacker to escalate their privileges.

The vulnerability of the automated cloud computing platform SUSE OpenStack Cloud lies in the insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7AI score0.00318EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.20 views

SUSE SLES12 Security Update : krb5-appl (SUSE-SU-2020:1533-1)

This update for krb5-appl fixes the following issues : CVE-2020-10188: Fixed a remote root execution bsc1165787. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...

10CVSS7.7AI score0.74513EPSS
Exploits2References4
NVD
NVD
added 2020/04/03 7:15 a.m.21 views

CVE-2018-17954

An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE...

9.3CVSS9.2AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/03 7:5 a.m.28 views

CVE-2018-17954 crowbar provision leaks admin password to all nodes in cleartext

An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE...

9.3CVSS9.2AI score0.00318EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/02/03 12:0 a.m.4 views

PT-2020-2758 · Suse · Crowbar-Core +3

Name of the Vulnerable Software and Affected Versions: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1 SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3 SUSE OpenStack Cloud 9 ardana-ansible versions prior to...

9.8CVSS6.8AI score0.99856EPSS
Exploits11References59
OSV
OSV
added 2020/01/17 11:15 a.m.4 views

CVE-2019-3683

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete...

8.8CVSS5.9AI score0.00935EPSS
Exploits0References2
Prion
Prion
added 2020/01/17 11:15 a.m.18 views

Code injection

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete...

6.5CVSS8.6AI score0.00935EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2020/01/17 11:10 a.m.20 views

CVE-2019-3683 keystone_json_assignment backend granted access to any project for users in user-project-map.json

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete...

8.8CVSS8.7AI score0.00935EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/09/25 12:0 a.m.23 views

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2019:2454-1)

This update for dovecot22 fixes the following issues : CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers bsc1145559. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenabl...

9.8CVSS8.8AI score0.62579EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : bzip2 (SUSE-SU-2019:2013-1)

This update for bzip2 fixes the following issues : Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors bsc1139083. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

9.8CVSS6.8AI score0.08042EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/04/17 12:0 a.m.20 views

SUSE SLED12 / SLES12 Security Update : wget (SUSE-SU-2019:0956-1)

This update for wget fixes the following issues : Security issue fixed : CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution bsc1131493. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

9.8CVSS8.5AI score0.05751EPSS
Exploits0References4
Rows per page
Query Builder