Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Suse Subscribe
Filtered by product Subscription Management Tool
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-12472 1 Suse 1 Subscription Management Tool 2019-10-09 6.4 MEDIUM 9.1 CRITICAL
A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
CVE-2018-12470 1 Suse 1 Subscription Management Tool 2019-10-09 7.5 HIGH 9.8 CRITICAL
A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
CVE-2018-12471 1 Suse 1 Subscription Management Tool 2019-10-09 6.4 MEDIUM 8.1 HIGH
A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.