Vulnerabilities > Suse > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-46953 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46956 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-10 | CVE-2024-46951 | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2023-12-12 | CVE-2020-10676 | Incorrect Authorization vulnerability in Suse Rancher In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an incorrectly applied authorization check allows users who have certain access to a namespace to move that namespace to a different project. | 8.8 |
| 2023-09-19 | CVE-2023-32182 | A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1. | 7.8 |
| 2023-09-19 | CVE-2023-32186 | Unspecified vulnerability in Suse Rancher Rke2 A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s servers apiserver/supervisor port (TCP 6443) cause denial of service. This issue affects RKE2: from 1.24.0 before 1.24.17+rke2r1, from v1.25.0 before v1.25.13+rke2r1, from v1.26.0 before v1.26.8+rke2r1, from v1.27.0 before v1.27.5+rke2r1, from v1.28.0 before v1.28.1+rke2r1. | 7.5 |
| 2023-06-01 | CVE-2022-43760 | Unspecified vulnerability in Suse Rancher An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SUSE Rancher allows users in some higher-privileged groups to to inject code that is executed within another user's browser, allowing the attacker to steal sensitive information, manipulate web content, or perform other malicious activities on behalf of the victims. | 8.4 |
| 2023-06-01 | CVE-2023-22647 | Unspecified vulnerability in Suse Rancher An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserved. low complexity suse | 8.0 |
| 2023-06-01 | CVE-2023-22648 | Unspecified vulnerability in Suse Rancher 2.6.10/2.7.0/2.7.1 A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. | 8.8 |