CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19727
https://notcve.org/view.php?id=CVE-2019-19727
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. SchedMD Slurm versiones anteriores a la versión 18.08.9 y versiones 19.x anteriores a la versión 19.05.5, posee permisos débiles de slurmdbd.conf. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00038.html https://bugzilla.suse.com/show_bug.cgi?id=1155784 https://lists.schedmd.com/pipermail/slurm-announce https://www.schedmd.com/news.php • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19728
https://notcve.org/view.php?id=CVE-2019-19728
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --uid with incorrect privileges. SchedMD Slurm versiones anteriores a la versión 18.08.9 y versiones 19.x anteriores a la versión 19.05.5, ejecuta srun --uid con privilegios incorrectos. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00038.html https://bugzilla.suse.com/show_bug.cgi?id=1159692 https://lists.schedmd.com/pipermail/slurm-announce https://www.debian.org/security/2021/dsa-4841 https://www.schedmd.com/news.php • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6438
https://notcve.org/view.php?id=CVE-2019-6438
SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. SchedMD Slurm, en versiones anteriores a la 17.11.13 y 18.x en versiones anteriores a la 18.08.5, gestiona de manera incorrecta los sistemas de 32 bits. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00090.html https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html https://www.schedmd.com/news.php?id=213 •
CVSS: 5.3EPSS: 0%CPEs: 17EXPL: 0CVE-2018-10995
https://notcve.org/view.php?id=CVE-2018-10995
SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). SchedMD Slurm en versiones anteriores a la 17.02.11 y versiones 17.1x.x anteriores a la 17.11.7 gestiona de manera incorrecta los nombres de usuario (también conocidos como campos user_name) y los ID de grupo (también conocidos como campos gid). • https://lists.debian.org/debian-lts-announce/2018/07/msg00029.html https://lists.debian.org/debian-lts-announce/2018/08/msg00008.html https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html https://www.debian.org/security/2018/dsa-4254 https://www.schedmd.com/news.php?id=203 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-7033
https://notcve.org/view.php?id=CVE-2018-7033
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. SchedMD Slurm en versiones anteriores a la 17.02.10 y 17.11.x en versiones anteriores a la 17.11.5 permite ataques de inyección SQL contra SlurmDBD. • https://lists.debian.org/debian-lts-announce/2018/04/msg00032.html https://lists.debian.org/debian-lts-announce/2018/07/msg00029.html https://lists.schedmd.com/pipermail/slurm-announce/2018/000006.html https://www.debian.org/security/2018/dsa-4254 https://www.schedmd.com/news.php?id=201 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •