| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2022-43756 | Rancher/Wrangler: Denial of service when processing Git credentials | SUSE | Rancher | Medium | 5.9 | 2023-02-07 00:00:00 |
| CVE-2022-43757 | Rancher: Exposure of sensitive fields | SUSE | Rancher | Critical | 9.9 | 2023-02-07 00:00:00 |
| CVE-2022-43758 | Rancher: Command injection in Git package | SUSE | Rancher | High | 7.6 | 2023-02-07 00:00:00 |
| CVE-2022-43759 | Rancher: Privilege escalation via promoted roles | SUSE | Rancher | High | 7.2 | 2023-02-07 00:00:00 |
| CVE-2023-22643 | libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls | SUSE | SUSE Linux Enterprise Server for SAP 15-SP3 | Medium | 6.3 | 2023-02-07 00:00:00 |
| CVE-2022-43754 | SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do | SUSE | SUSE Linux Enterprise Module for SUSE Manager Server 4.2 | Low | 2.6 | 2022-11-10 07:30:19 |
| CVE-2022-43753 | SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload | SUSE | SUSE Linux Enterprise Module for SUSE Manager Server 4.2 | Medium | 4.3 | 2022-11-10 07:30:18 |
| CVE-2022-31255 | SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction | SUSE | SUSE Linux Enterprise Module for SUSE Manager Server 4.2 | Medium | 4.3 | 2022-11-10 07:30:17 |
| CVE-2022-31256 | sendmail: mail to root privilege escalation via sm-client.pre script | SUSE | openSUSE Factory | High | 7.7 | 2022-10-26 08:55:09 |
| CVE-2022-31252 | permissions: chkstat does not check for group-writable parent directories or target files in safeOpen() | SUSE | SUSE Linux Enterprise Server 12-SP5 | Medium | 4.4 | 2022-10-06 17:14:05 |
| CVE-2022-31251 | slurm: %post for slurm-testsuite operates as root in user owned directory | SUSE | openSUSE Factory | Medium | 6.5 | 2022-09-07 08:55:09 |
| CVE-2022-31247 | Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB) | SUSE | Rancher | Critical | 9.1 | 2022-09-07 08:20:18 |
| CVE-2021-36783 | Rancher: Failure to properly sanitize credentials in cluster template answers | SUSE | Rancher | Critical | 9.9 | 2022-09-07 08:20:17 |
| CVE-2021-36782 | Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object | SUSE | Rancher | Critical | 9.9 | 2022-09-07 08:20:16 |
| CVE-2022-31248 | SUMA user enumeration via weak error message | SUSE | SUSE Manager Server 4.1 | Medium | 5.3 | 2022-06-22 10:05:13 |
| CVE-2022-21952 | SUMA unauthenticated remote DoS via resource exhaustion | SUSE | SUSE Manager Server 4.1 | High | 7.5 | 2022-06-22 10:05:12 |
| CVE-2022-21951 | Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden | SUSE | Rancher | Medium | 6.8 | 2022-05-25 08:15:22 |
| CVE-2022-21949 | Multiple XXE vulnerabilities in OBS | SUSE | Open Build Service | High | 8.8 | 2022-05-03 07:50:09 |
| CVE-2021-4200 | Write access to the Catalog for any user when restricted-admin role is enabled | SUSE | Rancher | Medium | 5.4 | 2022-05-02 07:05:16 |
| CVE-2021-36784 | Privilege escalation for users with create/update permissions in Global Roles | SUSE | Rancher | High | 7.2 | 2022-05-02 07:05:14 |