Vulnerabilities > Suse > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-29552 The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. 7.5
2023-02-15 CVE-2022-45153 An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created.
local
low complexity
suse opensuse
7.8
2023-02-07 CVE-2022-21953 Missing Authorization vulnerability in Suse Rancher
A Missing Authorization vulnerability in SUSE Rancher allows an authenticated user to create an unauthorized shell pod and kubectl access in the local cluster. This issue affects SUSE Rancher: Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.
network
low complexity
suse CWE-862
8.8
2023-02-07 CVE-2022-43756 Unspecified vulnerability in Suse Wrangler
An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials.
network
low complexity
suse
7.5
2023-02-07 CVE-2022-43757 Unspecified vulnerability in Suse Rancher
A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows users on managed clusters to gain access to credentials.
network
low complexity
suse
8.8
2023-02-07 CVE-2022-43759 Improper Privilege Management vulnerability in Suse Rancher
An Improper Privilege Management vulnerability in SUSE Rancher allows users with access to the escalate verb on PRTBs to escalate permissions for any -promoted resource in any cluster.
network
low complexity
suse CWE-269
8.8
2022-08-24 CVE-2021-4028 A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to set up a socket to listen on a high port, allowing for a list element to be used after free.
local
low complexity
linux suse
7.8
2022-06-22 CVE-2022-21952 Unspecified vulnerability in Suse Manager Server
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS.
network
low complexity
suse
7.5
2022-05-02 CVE-2021-36778 Unspecified vulnerability in Suse Rancher
An Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers.
network
low complexity
suse
7.5
2022-05-02 CVE-2021-36784 Improper Privilege Management vulnerability in Suse Rancher
An Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin.
network
low complexity
suse CWE-269
7.2