Vulnerabilities > Suse > Openstack Cloud > 8.0

DATE CVE VULNERABILITY TITLE RISK
2022-04-27 CVE-2022-27239 Out-of-bounds Write vulnerability in multiple products
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
local
low complexity
samba debian suse hp fedoraproject CWE-787
7.8
2020-04-03 CVE-2018-17954 Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node.
local
low complexity
suse CWE-269
7.8
2020-01-17 CVE-2019-3683 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project.
network
low complexity
suse hp CWE-732
6.5