Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

SUSE Security Vulnerabilities

cve
cve

CVE-2023-22648

A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to userswhile they are logged in the Rancher UI. This would cause the users toretain their previous permissions in Rancher, even if they change groupson Azure AD, for example, to ...

8.8CVSS

8.4AI Score

0.001EPSS

2023-06-01 01:15 PM
56
cve
cve

CVE-2023-22651

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead tothe misconfiguration of the Webhook. This component enforces validationrules and security checks before resources are admitted into theKub...

9.9CVSS

9.4AI Score

0.001EPSS

2023-05-04 08:15 AM
53
cve
cve

CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_mem...

5.5CVSS

5.1AI Score

0.0004EPSS

2023-03-01 08:15 PM
25
cve
cve

CVE-2023-29552

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

7.5CVSS

7.4AI Score

0.023EPSS

2023-04-25 04:15 PM
252
In Wild
cve
cve

CVE-2023-32182

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before ...

7.8CVSS

7.4AI Score

0.0004EPSS

2023-09-19 04:15 PM
30
cve
cve

CVE-2023-32186

A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) cause denial of service.This issue affects RKE2: from 1.24.0 before 1.24.17+rke2r1, from v1.25.0 before v1.25.13+rke2r1, from v1.26.0 be...

7.5CVSS

7.4AI Score

0.0005EPSS

2023-09-19 10:15 AM
2424
cve
cve

CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend agai...

5.5CVSS

5.8AI Score

0.0004EPSS

2023-05-31 08:15 PM
52
cve
cve

CVE-2024-23301

Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.

5.5CVSS

5.4AI Score

0.0004EPSS

2024-01-12 11:15 PM
68
Total number of security vulnerabilities1108