cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-45153,https://securityvulnerability.io/vulnerability/CVE-2022-45153,saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls,"The saphanabootstrap-formula component in specific SUSE Linux distributions allows local attackers the ability to escalate privileges to root. This arises from an incorrect default permissions setting in the sudo configuration, making it vulnerable to manipulation. Affected versions in SUSE Linux Enterprise Module for SAP Applications 15-SP1 and openSUSE Leap 15.4 are at risk if they are prior to version 0.13.1+git.1667812208.4db963e. It’s crucial for users to update to the latest version to mitigate this issue.",Suse,"Suse Linux Enterprise Module For SAP Applications 15-sp1,Suse Linux Enterprise Server For SAP 12-sp5,Opensuse Leap 15.4",7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2022-31254,https://securityvulnerability.io/vulnerability/CVE-2022-31254,rmt-server-pubcloud allows to escalate from user _rmt to root,"An Incorrect Default Permissions vulnerability has been identified in the rmt-server-regsharing service of multiple SUSE products. This flaw permits local attackers with access to the _rmt user to escalate their privileges to root, potentially compromising the system's integrity. Affected versions include SUSE Linux Enterprise Server for SAP 15, its SP1 edition, SUSE Manager Server 4.1, and openSUSE Leap 15.3 and 15.4, specifically those rmt-server versions prior to 2.10. It is critical for organizations using these systems to apply the necessary updates to mitigate this security risk.",Suse,"Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Server For SAP 15-sp1,Suse Manager Server 4.1,Opensuse Leap 15.3,Opensuse Leap 15.4",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2021-32000,https://securityvulnerability.io/vulnerability/CVE-2021-32000,clone-master-clean-up: dangerous file system operations,"A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.",Suse,"Suse Linux Enterprise Server 12 Sp3,Suse Linux Enterprise Server 15 Sp1,Factory",3.2,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-28T10:15:00.000Z,0
CVE-2020-8018,https://securityvulnerability.io/vulnerability/CVE-2020-8018,User owned /etc in SLES15-SP1-CHOST-BYOS,A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;,Suse,Suse Linux Enterprise Server 15 Sp1,8.4,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-05-04T12:15:00.000Z,0
CVE-2019-18904,https://securityvulnerability.io/vulnerability/CVE-2019-18904,Migrations requests can cause DoS on rmt,"A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.",Suse,"Suse Linux Enterprise High Performance Computing 15-espos,Suse Linux Enterprise High Performance Computing 15-ltss,Suse Linux Enterprise Module For Public Cloud 15-sp1,Suse Linux Enterprise Module For Server Applications 15,Suse Linux Enterprise Module For Server Applications 15-sp1,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Opensuse Leap 15.1",6.5,MEDIUM,0.001829999964684248,false,,false,false,false,,,false,false,,2020-04-03T00:00:00.000Z,0
CVE-2019-3696,https://securityvulnerability.io/vulnerability/CVE-2019-3696,pcp: Local privilege escalation from user pcp to root through migrate_tempdirs,"A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.",Suse,"Suse Linux Enterprise High Performance Computing 15-espos,Suse Linux Enterprise High Performance Computing 15-ltss,Suse Linux Enterprise Module For Development Tools 15,Suse Linux Enterprise Module For Development Tools 15-sp1,Suse Linux Enterprise Module For Open Buildservice Development Tools 15,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",8.4,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-03-03T11:15:00.000Z,0
CVE-2019-3695,https://securityvulnerability.io/vulnerability/CVE-2019-3695,pcp: Local privilege escalation from user pcp to root,"A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.",Suse,"Suse Linux Enterprise High Performance Computing 15-espos,Suse Linux Enterprise High Performance Computing 15-ltss,Suse Linux Enterprise Module For Development Tools 15,Suse Linux Enterprise Module For Development Tools 15-sp1,Suse Linux Enterprise Module For Open Buildservice Development Tools 15,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Software Development Kit 12-sp4,Suse Linux Enterprise Software Development Kit 12-sp5,Opensuse Leap 15.1",8.4,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2020-03-03T11:15:00.000Z,0
CVE-2019-18898,https://securityvulnerability.io/vulnerability/CVE-2019-18898,trousers: Local privilege escalation from tss to root,UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.,Suse,"Suse Linux Enterprise Server 15 Sp1,Factory",7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-01-23T14:15:00.000Z,0