cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22029,https://securityvulnerability.io/vulnerability/CVE-2024-22029,Local User Escalation via Insecure Packaging,"The vulnerability arises from insecure permissions associated with the packaging of Tomcat, a web server and servlet container. This flaw allows local users to exploit a race condition during the installation process, potentially leading to privilege escalation to root. Organizations employing Tomcat should take immediate precautions to secure their environments against unauthorized privilege escalations by reviewing the implementation and applying any necessary patches or mitigations.",Suse,"Container Suse/manager/5.0/x86 64/server:5.0.0-beta1.2.122,Suse Enterprise Storage 7.1,Suse Linux Enterprise High Performance Computing 15 Sp2-ltss,Suse Linux Enterprise High Performance Computing 15 Sp3-ltss,Suse Linux Enterprise High Performance Computing 15 Sp4-espos,Suse Linux Enterprise High Performance Computing 15 Sp4-ltss,Suse Linux Enterprise High Performance Computing 15 Sp5,Suse Linux Enterprise Module For Web And Scripting 15 Sp5,Suse Linux Enterprise Server 15 Sp5,Suse Linux Enterprise Server For SAP Applications 15 Sp5,Suse Linux Enterprise High Performance Computing 15 Sp6,Suse Linux Enterprise Module For Web And Scripting 15 Sp6,Suse Linux Enterprise Server 15 Sp6,Suse Linux Enterprise Server For SAP Applications 15 Sp6,Suse Linux Enterprise Server 15 Sp2-ltss,Suse Linux Enterprise Server 15 Sp3-ltss,Suse Linux Enterprise Server 15 Sp4-ltss,Suse Linux Enterprise Server For SAP Applications 15 Sp2,Suse Linux Enterprise Server For SAP Applications 15 Sp3,Suse Linux Enterprise Server For SAP Applications 15 Sp4,Suse Manager Server 4.3,Opensuse Leap 15.5,Opensuse Tumbleweed",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-16T13:20:47.698Z,0
CVE-2022-45154,https://securityvulnerability.io/vulnerability/CVE-2022-45154,supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh,"A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.",Suse,"Suse Linux Enterprise Server 12,Suse Linux Enterprise Server 15,Suse Linux Enterprise Server 15 Sp3",4.4,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2023-22643,https://securityvulnerability.io/vulnerability/CVE-2023-22643,libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls,"An improper handling of special elements in the libzypp-plugin-appdata of SUSE Linux Enterprise Server and openSUSE Leap permits malicious actors to exploit the system. By manipulating REPO_ALIAS, REPO_TYPE, or REPO_METADATA_PATH settings, attackers can execute arbitrary code with root privileges, potentially compromising the integrity and security of affected systems. This vulnerability affects specific versions of the libzypp-plugin-appdata, highlighting the need for users to update to the latest versions to mitigate these risks.",SUSE,"SUSE Linux Enterprise Server for SAP 15-SP3,openSUSE Leap 15.4",7.8,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2021-32000,https://securityvulnerability.io/vulnerability/CVE-2021-32000,clone-master-clean-up: dangerous file system operations,"A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.",Suse,"Suse Linux Enterprise Server 12 Sp3,Suse Linux Enterprise Server 15 Sp1,Factory",3.2,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-28T10:15:00.000Z,0
CVE-2020-8023,https://securityvulnerability.io/vulnerability/CVE-2020-8023,Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2,"A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.",Suse,"Suse Enterprise Storage 5,Suse Linux Enterprise Debuginfo 11-sp3,Suse Linux Enterprise Debuginfo 11-sp4,Suse Linux Enterprise Point Of Sale 11-sp3,Suse Linux Enterprise Server 11-security,Suse Linux Enterprise Server 11-sp4-ltss,Suse Linux Enterprise Server 12-sp2-bcl,Suse Linux Enterprise Server 12-sp2-ltss,Suse Linux Enterprise Server 12-sp3-bcl,Suse Linux Enterprise Server 12-sp3-ltss,Suse Linux Enterprise Server 12-sp4,Suse Linux Enterprise Server 12-sp5,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 12-sp2,Suse Linux Enterprise Server For SAP 12-sp3,Suse Linux Enterprise Server For SAP 15,Suse Openstack Cloud 7,Suse Openstack Cloud 8,Suse Openstack Cloud Crowbar 8,Opensuse Leap 15.1,Opensuse Leap 15.2",7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-09-01T12:15:00.000Z,0
CVE-2020-8022,https://securityvulnerability.io/vulnerability/CVE-2020-8022,User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges,"A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.",Suse,"Suse Enterprise Storage 5,Suse Linux Enterprise Server 12-sp2-bcl,Suse Linux Enterprise Server 12-sp2-ltss,Suse Linux Enterprise Server 12-sp3-bcl,Suse Linux Enterprise Server 12-sp3-ltss,Suse Linux Enterprise Server 12-sp4,Suse Linux Enterprise Server 12-sp5,Suse Linux Enterprise Server 15-ltss,Suse Linux Enterprise Server For SAP 12-sp2,Suse Linux Enterprise Server For SAP 12-sp3,Suse Linux Enterprise Server For SAP 15,Suse Openstack Cloud 7,Suse Openstack Cloud 8,Suse Openstack Cloud Crowbar 8",7.7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-06-29T09:15:00.000Z,0