CVSS: 7.8EPSS: 83%CPEs: 9EXPL: 2CVE-2023-29552 – Service Location Protocol (SLP) Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-29552
25 Apr 2023 — The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant ampli... • https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23005
https://notcve.org/view.php?id=CVE-2023-23005
01 Mar 2023 — In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached. • https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-45153 – saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
https://notcve.org/view.php?id=CVE-2022-45153
15 Feb 2023 — An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-f... • https://bugzilla.suse.com/show_bug.cgi?id=1205990 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-45154 – supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh
https://notcve.org/view.php?id=CVE-2022-45154
15 Feb 2023 — A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 a... • https://bugzilla.suse.com/show_bug.cgi?id=1207598 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-31254 – rmt-server-pubcloud allows to escalate from user _rmt to root
https://notcve.org/view.php?id=CVE-2022-31254
07 Feb 2023 — A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-serve... • https://bugzilla.suse.com/show_bug.cgi?id=1204285 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-22643 – libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
https://notcve.org/view.php?id=CVE-2023-22643
07 Feb 2023 — An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata ver... • https://bugzilla.suse.com/show_bug.cgi?id=1206836 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2022-27239 – Gentoo Linux Security Advisory 202311-05
https://notcve.org/view.php?id=CVE-2022-27239
27 Apr 2022 — In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environmen... • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba • CWE-787: Out-of-bounds Write •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-46705 – grub2-once uses fixed file name in /var/tmp
https://notcve.org/view.php?id=CVE-2021-46705
16 Mar 2022 — A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. Una vulnerabilidad de Archivos Temporales no Seguros en grub-once de grub2 en SUSE Linux Enterprise Server 15 SP4, openSUSE Factory permite a atacantes locales truncar archivos arbitrario... • https://bugzilla.suse.com/show_bug.cgi?id=1190474 • CWE-377: Insecure Temporary File •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2021-45082 – Ubuntu Security Notice USN-6475-1
https://notcve.org/view.php?id=CVE-2021-45082
18 Feb 2022 — An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) Se ha detectado un problema en Cobbler versiones hasta 3.3.0. En el archivo templar.py, la función check_for_invalid_imports puede permitir que el código Cheetah importe módulos de Python por medio de la subcadena "#from MODULE import". • https://bugzilla.suse.com/show_bug.cgi?id=1193678 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21944 – watchman: chown in watchman@.socket unit allows symlink attack
https://notcve.org/view.php?id=CVE-2022-21944
26 Jan 2022 — A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1. Un enlace simbólico de UNIX (Symlink) Tras la vulnerabilidad en el archivo de servicio systemd para watchman de openSUSE Backports versión SLE-15-SP3, Factory permite a atacantes locales esca... • https://bugzilla.suse.com/show_bug.cgi?id=1194470 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •