cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-31254,https://securityvulnerability.io/vulnerability/CVE-2022-31254,rmt-server-pubcloud allows to escalate from user _rmt to root,"An Incorrect Default Permissions vulnerability has been identified in the rmt-server-regsharing service of multiple SUSE products. This flaw permits local attackers with access to the _rmt user to escalate their privileges to root, potentially compromising the system's integrity. Affected versions include SUSE Linux Enterprise Server for SAP 15, its SP1 edition, SUSE Manager Server 4.1, and openSUSE Leap 15.3 and 15.4, specifically those rmt-server versions prior to 2.10. It is critical for organizations using these systems to apply the necessary updates to mitigate this security risk.",Suse,"Suse Linux Enterprise Server For SAP 15,Suse Linux Enterprise Server For SAP 15-sp1,Suse Manager Server 4.1,Opensuse Leap 15.3,Opensuse Leap 15.4",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-07T00:00:00.000Z,0
CVE-2022-31248,https://securityvulnerability.io/vulnerability/CVE-2022-31248,SUMA user enumeration via weak error message,"A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.",Suse,"Suse Manager Server 4.1,Suse Manager Server 4.2",5.3,MEDIUM,0.0016199999954551458,false,,false,false,false,,,false,false,,2022-06-22T10:15:00.000Z,0
CVE-2022-21952,https://securityvulnerability.io/vulnerability/CVE-2022-21952,SUMA unauthenticated remote DoS via resource exhaustion,"A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.",Suse,"Suse Manager Server 4.1,Suse Manager Server 4.2",7.5,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2022-06-22T00:00:00.000Z,0
CVE-2020-8028,https://securityvulnerability.io/vulnerability/CVE-2020-8028,salt-api is accessible to every user on SUSE Manager Server,"A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.",Suse,"Suse Linux Enterprise Module For Suse Manager Server 4.1,Suse Manager Server 3.2,Suse Manager Server 4.0",9.3,CRITICAL,0.0011500000255182385,false,,false,false,false,,,false,false,,2020-09-17T10:15:00.000Z,0