| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-21947 |
284 |
|
|
2022-04-01 |
2022-04-11 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Improper Access Control vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. |
|
2 |
CVE-2021-45082 |
77 |
|
|
2022-02-19 |
2022-04-08 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) |
|
3 |
CVE-2021-41819 |
565 |
|
|
2022-01-01 |
2022-05-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. |
|
4 |
CVE-2021-41817 |
|
|
DoS |
2022-01-01 |
2022-05-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. |
|
5 |
CVE-2021-36784 |
269 |
|
|
2022-05-02 |
2022-05-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A Improper Privilege Management vulnerability in SUSE Rancher allows users with the restricted-admin role to escalate to full admin. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. |
|
6 |
CVE-2021-36778 |
522 |
|
|
2022-05-02 |
2022-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3. |
|
7 |
CVE-2021-32001 |
311 |
|
|
2021-07-28 |
2021-08-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A Missing Encryption of Sensitive Data vulnerability in k3s, kde2 of SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions. |
|
8 |
CVE-2021-32000 |
61 |
|
|
2021-07-28 |
2021-08-11 |
6.6 |
None |
Local |
Low |
Not required |
None |
Complete |
Complete |
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions. |
|
9 |
CVE-2021-25315 |
303 |
|
Exec Code |
2021-03-03 |
2021-03-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Incorrect Implementation of Authentication Algorithm vulnerability in of SUSE SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. |
|
10 |
CVE-2021-25313 |
79 |
|
XSS |
2021-03-05 |
2022-04-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6. |
|
11 |
CVE-2021-4200 |
269 |
|
|
2022-05-02 |
2022-05-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A Improper Privilege Management vulnerability in SUSE Rancher allows write access to the Catalog for any user when restricted-admin role is enabled. This issue affects: SUSE Rancher Rancher versions prior to 2.5.13; Rancher versions prior to 2.6.4. |
|
12 |
CVE-2021-4166 |
125 |
|
|
2021-12-25 |
2022-05-17 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
vim is vulnerable to Out-of-bounds Read |
|
13 |
CVE-2020-15707 |
362 |
|
Exec Code Overflow Bypass |
2020-07-29 |
2021-09-13 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. |
|
14 |
CVE-2020-15706 |
362 |
|
Exec Code Bypass |
2020-07-29 |
2021-05-01 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. |
|
15 |
CVE-2020-15705 |
347 |
|
Bypass |
2020-07-29 |
2022-04-18 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. |
|
16 |
CVE-2020-14147 |
787 |
|
DoS Overflow Mem. Corr. Bypass |
2020-06-15 |
2021-07-30 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. |
|
17 |
CVE-2020-8030 |
377 |
|
|
2021-02-11 |
2021-02-19 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster. |
|
18 |
CVE-2020-8029 |
732 |
|
|
2021-02-11 |
2021-02-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416. |
|
19 |
CVE-2020-8025 |
279 |
|
|
2020-08-07 |
2020-08-12 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624. |
|
20 |
CVE-2020-6449 |
416 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
21 |
CVE-2020-6429 |
787 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
22 |
CVE-2020-6428 |
787 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
23 |
CVE-2020-6427 |
787 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
24 |
CVE-2020-6426 |
787 |
|
|
2020-03-23 |
2022-03-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
25 |
CVE-2020-6424 |
416 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
26 |
CVE-2020-6422 |
787 |
|
|
2020-03-23 |
2022-03-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
27 |
CVE-2020-5504 |
89 |
|
Sql |
2020-01-09 |
2020-11-10 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. |
|
28 |
CVE-2019-18901 |
59 |
|
|
2020-03-02 |
2020-11-20 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1. |
|
29 |
CVE-2019-15624 |
20 |
|
|
2020-02-04 |
2022-01-01 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders. |
|
30 |
CVE-2019-15623 |
|
|
|
2020-02-04 |
2021-10-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled. |
|
31 |
CVE-2019-13209 |
79 |
|
Exec Code XSS |
2019-09-04 |
2022-04-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is accomplished, the exploiter is able to execute commands against the cluster's Kubernetes API with the permissions and identity of the victim. |
|
32 |
CVE-2019-12303 |
74 |
|
Exec Code |
2019-06-06 |
2022-04-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container. |
|
33 |
CVE-2019-12274 |
668 |
|
+Priv |
2019-06-06 |
2022-04-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml. |
|
34 |
CVE-2019-11881 |
|
|
|
2019-06-10 |
2022-04-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. |
|
35 |
CVE-2019-11038 |
908 |
|
|
2019-06-19 |
2020-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. |
|
36 |
CVE-2019-6287 |
269 |
|
|
2019-04-10 |
2022-04-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it. |
|
37 |
CVE-2019-3700 |
327 |
|
|
2020-01-24 |
2020-02-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
yast2-security didn't use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defaults in 4.2.6 and used the new configuration file locations. Password created during this time used DES password encryption and are not properly protected against attackers that are able to access the password hashes. |
|
38 |
CVE-2019-3688 |
276 |
|
|
2019-10-07 |
2019-11-21 |
6.6 |
None |
Local |
Low |
Not required |
None |
Complete |
Complete |
|
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary |
|
39 |
CVE-2019-3686 |
79 |
|
XSS |
2020-01-17 |
2020-01-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security |
|
40 |
CVE-2019-3684 |
922 |
|
|
2019-05-13 |
2020-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem |
|
41 |
CVE-2019-3683 |
732 |
|
|
2020-01-17 |
2020-10-22 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. |
|
42 |
CVE-2019-3682 |
668 |
|
|
2020-01-17 |
2020-02-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. |
|
43 |
CVE-2018-20105 |
532 |
|
|
2020-01-27 |
2020-02-27 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2. |
|
44 |
CVE-2018-19655 |
787 |
|
Overflow |
2018-11-29 |
2020-08-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. |
|
45 |
CVE-2018-19543 |
125 |
|
|
2018-11-26 |
2020-09-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c. |
|
46 |
CVE-2018-19542 |
476 |
|
DoS |
2018-11-26 |
2020-04-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. |
|
47 |
CVE-2018-19541 |
125 |
|
|
2018-11-26 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c. |
|
48 |
CVE-2018-19540 |
787 |
|
Overflow |
2018-11-26 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c. |
|
49 |
CVE-2018-19539 |
617 |
|
DoS |
2018-11-26 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service. |
|
50 |
CVE-2018-19208 |
476 |
|
DoS |
2018-11-12 |
2020-04-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. |
