Vulnerabilities > Novell > Suse Linux Enterprise Server > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-08-19 | CVE-2013-3567 | Improper Input Validation vulnerability in multiple products Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | 7.5 |
2008-12-11 | CVE-2008-5422 | Permissions, Privileges, and Access Controls vulnerability in SUN RAY Server Software Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors. | 7.5 |
2008-07-09 | CVE-2008-2931 | Improper Privilege Management vulnerability in multiple products The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. | 7.8 |
2008-05-08 | CVE-2008-2112 | Privilege Escalation vulnerability in SUN RAY Server Software 4.0 Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. | 8.5 |