Vulnerabilidades en SUSE
194 resultadosCVE-2024-52283MEDIUMMissing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users that view a certain projectEPSS 0.3%CVE-2023-32192HIGHRancher API Server Cross-site Scripting VulnerabilityEPSS 0.3%CVE-2018-17956LOWPassword exposed in process listingEPSS 0.3%CVE-2025-62879MEDIUMRancher Backup Operator pod's logs leak S3 tokensEPSS 0.3%CVE-2025-54468MEDIUMRancher sends sensitive information to external services through the `/meta/proxy` endpointEPSS 0.3%CVE-2017-9271MEDIUMproxy credentials written to log files by zypperEPSS 0.3%CVE-2019-3688MEDIUMsquid: /usr/sbin/pinger packaged with wrong permissionEPSS 0.3%CVE-2026-44942MEDIUMlibzypp .repo files can have an optional path which can lead to path traversal attacksEPSS 0.3%CVE-2024-49504HIGHgrub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted ImagesEPSS 0.3%CVE-2025-66001HIGHNeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)EPSS 0.3%CVE-2018-19636HIGHLocal root exploit via inclusion of attacker controlled shell scriptEPSS 0.3%CVE-2021-31998MEDIUMinn: %post calls user owned file allowing local privilege escalation to rootEPSS 0.3%CVE-2020-8013LOWpermissions: chkstat sets unintended setuid/capabilities for mrsh and wodimEPSS 0.3%CVE-2021-25316LOWLocal DoS of VM live migration due to use of static tmp files in detach_disks.sh in s390-toolsEPSS 0.3%CVE-2019-3682HIGHInsecure API port exposed to all Master Node guest containersEPSS 0.3%CVE-2018-17955LOWStatic tempfile name allows overwriting of arbitrary filesEPSS 0.3%CVE-2018-17954CRITICALcrowbar provision leaks admin password to all nodes in cleartextEPSS 0.3%CVE-2021-32001MEDIUMK3s/RKE2 bootstrap data is encrypted with empty string if user does not supply a tokenEPSS 0.3%CVE-2020-8027HIGHopenldap uses fixed paths in /tmpEPSS 0.3%CVE-2018-19640MEDIUMCode execution if run with command line switch -vEPSS 0.3%