CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2022-27239 – Gentoo Linux Security Advisory 202311-05
https://notcve.org/view.php?id=CVE-2022-27239
27 Apr 2022 — In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environmen... • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8030 – skuba: Insecure /tmp usage when joining node to cluster
https://notcve.org/view.php?id=CVE-2020-8030
11 Feb 2021 — A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster. Una vulnerabilidad de archivo temporal no seguro en skuba de SUSE CaaS Platform versión 4.5, permite a atacantes locales filtrar el bootstrapToken o modificar el archivo de configuración antes de que se procese, resultando en modificaciones arbitrarias de la machine/clus... • https://bugzilla.suse.com/show_bug.cgi?id=1177361 • CWE-377: Insecure Temporary File •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8029 – skuba: Insecure handling of private key
https://notcve.org/view.php?id=CVE-2020-8029
11 Feb 2021 — A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416. Una vulnerabilidad Asignación Incorrecta de Permisos para Recursos Críticos en skuba de SUSE CaaS Platform versión 4.5, permite a atacantes locales obtener acceso a la clave de kublet. Este problema afecta a: skuba de SUSE CaaS Platform ... • https://bugzilla.suse.com/show_bug.cgi?id=1177362 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-18900 – libzypp stores cookies world readable
https://notcve.org/view.php?id=CVE-2019-18900
24 Jan 2020 — : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1. Una vulnerabilidad de Permisos Predeterminados Incorrectos en lib... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3682 – Insecure API port exposed to all Master Node guest containers
https://notcve.org/view.php?id=CVE-2019-3682
17 Jan 2020 — The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. El paquete docker-kubic en SUSE CaaS Platform versión 3.0 anteriores a 17.09.1_ce-7.6.1, proporcionaba acceso localmente a una API no segura en el nodo maestro de Kubernetes. • https://bugzilla.suse.com/show_bug.cgi?id=1121148 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 3.3EPSS: 0%CPEs: 9EXPL: 0CVE-2018-6556 – The lxc-user-nic component of LXC allows unprivileged users to open arbitrary files
https://notcve.org/view.php?id=CVE-2018-6556
06 Aug 2018 — lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. Cuando se solicita a lxc-user-nic ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html • CWE-417: Communication Channel Errors •
CVSS: 10.0EPSS: 37%CPEs: 66EXPL: 0CVE-2017-18017 – kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
https://notcve.org/view.php?id=CVE-2017-18017
03 Jan 2018 — The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. La función tcpmss_mangle_packet en net/netfilter/xt_TCPMSS.c en el kernel de Linux, en versiones anteriores a la 4.11 y en versiones 4.9.x anteriores a la 4.9.36, permite que atacantes remotos p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •