Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2000-0218

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Apr, 2000 | 04:00
Updated At-08 Aug, 2024 | 05:05
Rejected At-
Credits

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Apr, 2000 | 04:00
Updated At:08 Aug, 2024 | 05:05
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/6980
vdb-entry
x_refsource_OSVDB
http://www.osvdb.org/7004
vdb-entry
x_refsource_OSVDB
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
vendor-advisory
x_refsource_CALDERA
Hyperlink: http://www.osvdb.org/6980
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.osvdb.org/7004
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/6980
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.osvdb.org/7004
vdb-entry
x_refsource_OSVDB
x_transferred
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
vendor-advisory
x_refsource_CALDERA
x_transferred
Hyperlink: http://www.osvdb.org/6980
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.osvdb.org/7004
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Feb, 2000 | 05:00
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
The MITRE Corporation (Caldera)
caldera
>>openlinux>>2.3
cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>*
cpe:2.3:o:suse:suse_linux:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txtcve@mitre.org
N/A
http://www.osvdb.org/6980cve@mitre.org
N/A
http://www.osvdb.org/7004cve@mitre.org
N/A
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/6980af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/7004af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/6980
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/7004
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/6980
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/7004
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

113Records found
CVE-2002-0911
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.15% / 36.38%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-volution_managern/a
CVE-2014-3153
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.8||HIGH
EPSS-80.51% / 99.09%
||
7 Day CHG-0.26%
Published-07 Jun, 2014 | 14:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-15||Apply updates per vendor instructions.

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

Action-Not Available
Vendor-n/aSUSEopenSUSELinux Kernel Organization, IncOracle CorporationCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_server_auslinux_enterprise_high_availability_extensionlinux_kernelopensuseubuntu_linuxlinux_enterprise_real_time_extensionlinux_enterprise_desktoplinuxlinux_enterprise_servern/aKernel
CVE-2002-1285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.15% / 36.38%
||
7 Day CHG~0.00%
Published-14 Nov, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2002-0987
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.15% / 35.60%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-unixwareopenunixn/a
CVE-2002-0442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.14% / 35.47%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-openservern/a
CVE-2002-0105
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.93%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-unixwaren/a
CVE-2002-0517
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.33% / 54.92%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-unixwareopenunixn/a
CVE-1999-0405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.83%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in lsof allows local users to obtain root privilege.

Action-Not Available
Vendor-n/aSUSEDebian GNU/LinuxRed Hat, Inc.FreeBSD Foundation
Product-linuxsuse_linuxdebian_linuxfreebsdn/a
CVE-1999-0906
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.51%
||
7 Day CHG~0.00%
Published-18 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2014-1737
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.69%
||
7 Day CHG~0.00%
Published-11 May, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSERed Hat, Inc.Debian GNU/LinuxOracle Corporation
Product-linux_enterprise_high_availability_extensionlinux_kernelenterprise_linux_euslinux_enterprise_real_time_extensionlinux_enterprise_desktopdebian_linuxlinuxlinux_enterprise_servern/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2014-0069
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.70%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-enterprise_linux_serverenterprise_linux_server_auslinux_kernelenterprise_linux_eusenterprise_linux_desktopenterprise_linux_server_tuslinux_enterprise_desktopenterprise_linux_workstationlinux_enterprise_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3949
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.75%
||
7 Day CHG~0.00%
Published-22 Sep, 2008 | 17:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-3301
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-29 Apr, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-enterprise_linuxlinux_enterprise_high_availability_extensionlinux_kernelenterprise_mrglinux_enterprise_desktoplinux_enterprise_servern/a
CVE-2008-2812
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.53%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 00:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

Action-Not Available
Vendor-n/aopenSUSESUSECanonical Ltd.Debian GNU/LinuxLinux Kernel Organization, IncAvaya LLCNovell
Product-ubuntu_linuxdebian_linuxlinux_kernelmessage_networkingopensusemessaging_storage_serverproactive_contactexpanded_meet-me_conferencingsuse_linux_enterprise_serversip_enablement_servicescommunication_managersuse_linux_enterprise_desktopmeeting_exchangeintuity_audix_lxlinux_desktopn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2012-3515
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.37%
||
7 Day CHG~0.00%
Published-23 Nov, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

Action-Not Available
Vendor-n/aQEMUSUSECanonical Ltd.Xen ProjectRed Hat, Inc.openSUSEDebian GNU/Linux
Product-enterprise_linux_desktopenterprise_linuxlinux_enterprise_serverlinux_enterprise_software_development_kitubuntu_linuxenterprise_linux_eusqemuenterprise_linux_workstationdebian_linuxvirtualizationlinux_enterprise_desktopopensusexenenterprise_linux_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-8018
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.03% / 5.64%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 11:35
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User owned /etc in SLES15-SP1-CHOST-BYOS

A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;

Action-Not Available
Vendor-SUSE
Product-linux_enterprise_desktopSUSE Linux Enterprise Server 15 SP1
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2001-0193
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 42.80%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSUSE
Product-suse_linuxdebian_linuxn/a
CVE-2020-8023
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.02% / 2.93%
||
7 Day CHG~0.00%
Published-01 Sep, 2020 | 11:25
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2

A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverlinux_enterprise_debuginfolinux_enterprise_point_of_saleopenldap2openstack_cloudenterprise_storageopenstack_cloud_crowbarleapSUSE Linux Enterprise Debuginfo 11-SP4SUSE OpenStack Cloud Crowbar 8SUSE Linux Enterprise Server 12-SP4SUSE Linux Enterprise Server 11-SECURITYSUSE Linux Enterprise Server 12-SP2-BCLSUSE Linux Enterprise Server for SAP 12-SP3SUSE Linux Enterprise Server for SAP 12-SP2SUSE Linux Enterprise Server 12-SP3-LTSSSUSE Linux Enterprise Server 12-SP3-BCLSUSE Enterprise Storage 5SUSE Linux Enterprise Server 11-SP4-LTSSSUSE Linux Enterprise Server 12-SP2-LTSSSUSE Linux Enterprise Server for SAP 15SUSE Linux Enterprise Server 12-SP5SUSE Linux Enterprise Point of Sale 11-SP3openSUSE Leap 15.1SUSE OpenStack Cloud 7openSUSE Leap 15.2SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Debuginfo 11-SP3SUSE OpenStack Cloud 8
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2020-8019
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.04% / 11.34%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 11:30
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
syslog-ng: Local privilege escalation from new to root in %post

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.

Action-Not Available
Vendor-oneidentityopenSUSESUSE
Product-linux_enterprise_serverlinux_enterprise_module_for_legacylinux_enterprise_debuginfolinux_enterprise_point_of_salesyslog-ngbackports_sleleapSUSE Linux Enterprise Debuginfo 11-SP4SUSE Linux Enterprise Module for Legacy Software 12SUSE Linux Enterprise Point of Sale 11-SP3openSUSE Leap 15.1SUSE Linux Enterprise Server for SAP 12-SP1openSUSE Backports SLE-15-SP1SUSE Linux Enterprise Server 11-SP4-LTSSSUSE Linux Enterprise Debuginfo 11-SP3
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2007-6167
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.55%
||
7 Day CHG~0.00%
Published-29 Nov, 2007 | 01:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CWE ID-CWE-264
Not Available
CVE-2020-8022
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.20% / 42.74%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 08:20
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges

A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.

Action-Not Available
Vendor-The Apache Software FoundationopenSUSESUSE
Product-linux_enterprise_serveropenstack_cloudtomcatenterprise_storageopenstack_cloud_crowbarleapSUSE Linux Enterprise Server 12-SP5SUSE OpenStack Cloud Crowbar 8SUSE Linux Enterprise Server 12-SP4SUSE Linux Enterprise Server 12-SP2-BCLSUSE Linux Enterprise Server for SAP 12-SP3SUSE OpenStack Cloud 7SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Server for SAP 12-SP2SUSE Linux Enterprise Server 12-SP3-LTSSSUSE Linux Enterprise Server 12-SP3-BCLSUSE Enterprise Storage 5SUSE OpenStack Cloud 8SUSE Linux Enterprise Server 12-SP2-LTSSSUSE Linux Enterprise Server for SAP 15
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2006-0745
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.52%
||
7 Day CHG~0.00%
Published-21 Mar, 2006 | 02:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.

Action-Not Available
Vendor-n/aMandriva (Mandrakesoft)X.Org FoundationSun Microsystems (Oracle Corporation)SUSERed Hat, Inc.
Product-solarissuse_linuxx11r6fedora_corex11r7mandrake_linuxn/a
CVE-2021-4034
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-86.50% / 99.37%
||
7 Day CHG-0.52%
Published-28 Jan, 2022 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-18||Apply updates per vendor instructions.

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Action-Not Available
Vendor-polkit_projectstarwindsoftwaren/aSiemens AGSUSERed Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_eusenterprise_linux_serverstarwind_virtual_sanmanager_serverubuntu_linuxlinux_enterprise_desktopzfs_storage_appliance_kitenterprise_linux_for_ibm_z_systemslinux_enterprise_serverenterprise_linux_for_ibm_z_systems_euscommand_centerlinux_enterprise_workstation_extensionenterprise_linux_for_power_big_endianscalance_lpe9403scalance_lpe9403_firmwarelinux_enterprise_high_performance_computingenterprise_linux_workstationmanager_proxypolkitenterprise_storageenterprise_linux_for_scientific_computinghttp_serverenterprise_linux_desktopenterprise_linux_for_power_little_endianenterprise_linux_server_ausenterprise_linux_server_tusenterprise_linuxenterprise_linux_server_eusenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_for_power_little_endian_eussinumerik_edgepolkitPolkit
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2005-1763
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.04% / 11.77%
||
7 Day CHG~0.00%
Published-14 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

Action-Not Available
Vendor-n/aSUSENovell
Product-linux_desktopsuse_linuxn/a
CVE-2022-27239
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.94%
||
7 Day CHG~0.00%
Published-27 Apr, 2022 | 00:00
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

Action-Not Available
Vendor-n/aSUSEHP Inc.Debian GNU/LinuxSambaFedora Project
Product-linux_enterprise_software_development_kitlinux_enterprise_serverlinux_enterprise_high_performance_computingmanager_serverlinux_enterprise_real_timehelion_openstackopenstack_cloudcifs-utilsmanager_proxymanager_retail_branch_serverlinux_enterprise_microdebian_linuxfedoralinux_enterprise_point_of_servicecaas_platformlinux_enterprise_desktoplinux_enterprise_storageenterprise_storageopenstack_cloud_crowbarn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2005-0750
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.26%
||
7 Day CHG~0.00%
Published-03 Apr, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

Action-Not Available
Vendor-conectivan/aLinux Kernel Organization, IncUbuntuSUSERed Hat, Inc.
Product-linux_kernelubuntu_linuxenterprise_linux_desktopsuse_linuxfedora_corelinuxenterprise_linuxn/a
CVE-2004-0496
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.68%
||
7 Day CHG~0.00%
Published-06 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncGentoo Foundation, Inc.SUSESun Microsystems (Oracle Corporation)Mandriva (Mandrakesoft)
Product-suse_linux_office_serverlinux_kernelsuse_email_servermandrake_linux_corporate_serversolarismandrake_multi_network_firewallsuse_linux_database_serversunossuse_linuxsuse_linux_connectivity_serverlinuxsuse_linux_firewallmandrake_linuxn/a
CVE-2004-1070
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.18%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.

Action-Not Available
Vendor-trustixturbolinuxn/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_kernelsecure_linuxturbolinux_serverenterprise_linux_desktopsuse_linuxfedora_coreenterprise_linuxlinux_advanced_workstationn/a
CVE-2004-1072
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.87%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.

Action-Not Available
Vendor-trustixturbolinuxn/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_kernelsecure_linuxturbolinux_serverenterprise_linux_desktopsuse_linuxfedora_coreenterprise_linuxlinux_advanced_workstationn/a
CVE-2004-1071
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.92%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

Action-Not Available
Vendor-trustixturbolinuxn/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_kernelsecure_linuxturbolinux_serverenterprise_linux_desktopsuse_linuxfedora_coreenterprise_linuxlinux_advanced_workstationn/a
CVE-2004-0495
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.45%
||
7 Day CHG~0.00%
Published-23 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

Action-Not Available
Vendor-conectivan/aLinux Kernel Organization, IncAvaya LLCGentoo Foundation, Inc.SUSERed Hat, Inc.
Product-suse_linux_office_serverlinux_kernelsuse_email_serversuse_linux_database_servers8300s8700suse_linux_connectivity_serverlinuxintuity_audixconverged_communications_servers8500suse_linux_admin-cd_for_firewallsuse_linuxsuse_office_serverenterprise_linuxsuse_linux_firewall_cdmodular_messaging_message_storage_servern/a
CVE-2004-0887
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.76%
||
7 Day CHG~0.00%
Published-26 Oct, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.

Action-Not Available
Vendor-n/aSUSELinux Kernel Organization, Inc
Product-linux_kernelsuse_linuxn/a
CVE-2002-0981
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 56.16%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)
Product-unixwareopenunixn/a
CVE-2022-21944
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.96%
||
7 Day CHG~0.00%
Published-26 Jan, 2022 | 09:10
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
watchman: chown in watchman@.socket unit allows symlink attack

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.

Action-Not Available
Vendor-openSUSESUSE
Product-suse_linux_enterprise_serverfactory_watchmanopenSUSE Backports SLE-15-SP3Factory
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2013-3709
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.03% / 6.18%
||
7 Day CHG~0.00%
Published-23 Dec, 2013 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.

Action-Not Available
Vendor-n/aNovellSUSE
Product-suse_lifecycle_management_serverwebyaststudio_onsiten/a
CVE-2017-17805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.34%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, IncSUSEopenSUSE
Product-linux_enterprise_desktoplinux_kernellinux_enterprise_serverleapdebian_linuxlinux_enterprise_server_for_raspberry_piubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-1097
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.94%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.

Action-Not Available
Vendor-n/aSUSERed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_enterprise_serverenterprise_mrglinux_enterprise_high_availability_extensionlinux_enterprise_desktoplinux_kernelenterprise_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-3692
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.17% / 38.47%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 08:50
Updated-16 Sep, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user news to root in the packaging of inn

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverfactoryinnbackports_sleleapSUSE Linux Enterprise Server 11FactoryLeap 15.1
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3695
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.12% / 31.27%
||
7 Day CHG~0.00%
Published-03 Mar, 2020 | 11:05
Updated-16 Sep, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
pcp: Local privilege escalation from user pcp to root

A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_software_development_kitlinux_enterprise_serverlinux_enterprise_high_performance_computingpcpleapSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise Software Development Kit 12-SP4SUSE Linux Enterprise Software Development Kit 12-SP5openSUSE Leap 15.1SUSE Linux Enterprise Module for Development Tools 15-SP1SUSE Linux Enterprise Module for Open Buildservice Development Tools 15SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Module for Development Tools 15SUSE Linux Enterprise Server for SAP 15
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-3694
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.13% / 33.12%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 10:50
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from munin to root in the packaging of munin

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-muninfactoryleapFactoryLeap 15.1
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-18897
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.10% / 28.58%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 15:20
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user salt to root

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverleapFactorySUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3475
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-7.8||HIGH
EPSS-1.49% / 80.31%
||
7 Day CHG~0.00%
Published-20 Feb, 2019 | 22:00
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation in Filr famtd

A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

Action-Not Available
Vendor-Micro Focus International LimitedSUSE
Product-filrsuse_linux_enterprise_serverFilr
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-3691
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.74%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 16:00
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user munge to root

A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.

Action-Not Available
Vendor-openSUSESUSE
Product-factorysuse_linux_enterprise_servermungeFactorySUSE Linux Enterprise Server 15
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3693
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.18% / 39.52%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 10:05
Updated-17 Sep, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user wwwrun to root in the packaging of mailman

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_servermailmanbackports_sleleapSUSE Linux Enterprise Server 11Leap 15.1SUSE Linux Enterprise Server 12
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2017-15115
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.09%
||
7 Day CHG~0.00%
Published-15 Nov, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-linux_kernellinux_enterprise_serverdebian_linuxubuntu_linuxLinux kernel before 4.14-rc6
CWE ID-CWE-416
Use After Free
CVE-2011-1477
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 23.11%
||
7 Day CHG~0.00%
Published-21 Jun, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.

Action-Not Available
Vendor-n/aSUSELinux Kernel Organization, Inc
Product-linux_enterprise_desktoplinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3904
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-1.70% / 81.51%
||
7 Day CHG~0.00%
Published-06 Dec, 2010 | 20:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-02||The impacted product is end-of-life and should be disconnected if still in use.

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)SUSELinux Kernel Organization, IncopenSUSECanonical Ltd.Red Hat, Inc.
Product-linux_kernelubuntu_linuxopensuseenterprise_linuxlinux_enterprise_serverlinux_enterprise_real_time_extensionesxilinux_enterprise_desktopn/aKernel
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-31998
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.27%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 11:25
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
inn: %post calls user owned file allowing local privilege escalation to root

A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverinnbackports_sleleapSUSE Linux Enterprise Server 11-SP3openSUSE Backports SLE-15-SP2openSUSE Leap 15.2
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2010-3865
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.65%
||
7 Day CHG~0.00%
Published-11 Jan, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSESUSE
Product-linux_kernellinux_enterprise_real_timeopensuselinux_enterprise_high_availability_extensionn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2002-2259
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-18 Oct, 2007 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.

Action-Not Available
Vendor-gnuplotn/aSUSE
Product-gnuplotsuse_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found