Suse Linux Enterprise High Performance Computing vulnerabilities

CVE-2024-46956 [HIGH] CWE-125 CVE-2024-46956: An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data acc An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

CVE-2024-46953 [HIGH] CWE-190 CVE-2024-46953: An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflo An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

CVE-2024-46951 [HIGH] CWE-824 CVE-2024-46951: An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implemen An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

CVE-2024-46955 [MEDIUM] CWE-125 CVE-2024-46955: An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bo An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

CVE-2023-32182 [MEDIUM] CWE-59 CVE-2023-32182: A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux En A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Perfor

CVE-2022-27239 [HIGH] CWE-787 CVE-2022-27239: In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-li In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2021-4034 [HIGH] CWE-787 CVE-2021-4034: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec applicat A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variabl

CVE-2020-8025 [MEDIUM] CWE-279 CVE-2020-8025: A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux En A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects