6 matches found
SUSE CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
OpenStack Identity Keystone Improper Privilege Management
OpenStack Identity Keystone before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID...
CVE-2014-8267
CVE-2014-8267 is a reflected XSS vulnerability affecting QPR Portal 2014.1.1 and earlier, exploitable via the RID parameter. The issue, confirmed across multiple sources (NVD entry and CERT advisory), allows remote attackers to inject arbitrary script/HTML in the victim’s browser. The risk is des...
QPR Portal 'RID' Parameter Cross-Site Scripting Vulnerability
QPR Software Suite is a suite of business management and performance management products from the Finnish company QPR Software.QPR Portal is one of the portal products that provides features such as full-screen mode to introduce integrated navigation options, copy schematic location links and ope...
QPR Portal HTML Injection Vulnerability
QPR Software Suite is a suite of business management and performance management products from the Finnish company QPR Software.QPR Portal is one of the portal products that provides features such as full-screen mode to introduce integrated navigation options, copy schematic location links and ope...
UBUNTU-CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...