2 matches found
CVE-2019-3695
CVE-2019-3695 is an improper control of code generation vulnerability in the packaging of PCP (Performance Co-Pilot) that, on affected SUSE/openSUSE and related builds, allows a local user to execute code as root by placing a script into /var/log/pcp/configs.sh. Affected products and PCP versions...
CVE-2019-3696
CVE-2019-3696 is a local privilege/file-overwrite vulnerability in the PCP (Performance Co-Pilot) packaging that arises from an improper limitation of a pathname to a restricted directory. The issue affects multiple SUSE-family products (SUSE Linux Enterprise HPC 15-ESPOS/LTSS, Development Tools ...