Lucene search
K

7 matches found

CNVD
CNVD
added 2019/03/07 12:0 a.m.3 views

SUSE Supportutils Input Validation Error Vulnerability (CNVD-2019-39164)

SUSE Supportutils is a collection of utility programs used in SUSE Linux systems from SUSE Germany. The product has the ability to collect system troubleshooting information, read and interpret the basic-health-check.txt file, and perform a brief analysis of the kernel core files. An input...

7.8CVSS6.9AI score0.00318EPSS
Exploits0References1
Prion
Prion
added 2019/03/05 4:29 p.m.19 views

Command injection

Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges...

7.2CVSS7.8AI score0.00318EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/03/05 4:29 p.m.20 views

Command injection

If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...

7.2CVSS5.6AI score0.00503EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/03/05 4:29 p.m.21 views

Directory traversal

If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 e.g. with CVE-2018-19638 he can kill arbitrary processes on the local machine...

2.1CVSS5AI score0.00399EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/05 4:29 p.m.22 views

CVE-2018-19636

Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges...

7.8CVSS7.5AI score0.00318EPSS
Exploits0References2
OSV
OSV
added 2019/03/05 4:29 p.m.4 views

CVE-2018-19640

If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 e.g. with CVE-2018-19638 he can kill arbitrary processes on the local machine...

5.5CVSS5.9AI score0.00301EPSS
Exploits0References2
NVD
NVD
added 2019/03/05 4:29 p.m.26 views

CVE-2018-19639

If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...

7.8CVSS5.4AI score0.00503EPSS
Exploits0References2
Rows per page
Query Builder