Lucene search

487 matches found

Prion
added 2014/04/15 2:55 p.m., 25 views

Design/Logic Flaw

The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

CVSS 6, AI score 7, EPSS 0.01634
Exploits: 1, References: 3, Affected Software: 1
Debian CVE
added 2014/04/15 2:0 p.m., 28 views

CVE-2014-0167

The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows...

CVSS 6, AI score 6.5, EPSS 0.01634
Exploits: 1
Veeam
added 2013/07/09 12:0 a.m., 28 views

Veeam Backup Temporary Snapshot

Challenge: A snapshot named VEEAM BACKUP TEMPORARY SNAPSHOT is found on a VMware Virtual Machine. Cause: As detailed in the Veeam Backup & Replication User Guide, a snapshot is created on a VM that is being processed by a Veeam job. The creation of this snapshot causes the VM's base disks to be in...

AI score 6.7
Exploits: 0
ThreatPost
added 2012/11/16 4:11 p.m., 14 views

VMware Security Update Fixes DoS, Other Vulnerabilities

Virtualization software maker VMware shipped a security update for its vSphere API yesterday that resolved a denial of service vulnerability in ESX and ESXi, as well as adding a number of open source security updates to the ESX Service Console. The patch affects the following releases: VMware ESX...

AI score 0.4
Exploits: 0, References: 3
Prion
added 2011/02/14 9:0 p.m., 32 views

Cross-site request forgery (CSRF)

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...

CVSS 6.8, AI score 6.8, EPSS 0.01589
Exploits: 1, References: 12, Affected Software: 1
Cvelist
added 2011/02/14 8:0 p.m., 42 views

CVE-2011-0447

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...

AI score 6.5, EPSS 0.01407
Exploits: 1, References: 12
Debian CVE
added 2011/02/14 8:0 p.m., 36 views

CVE-2011-0447

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...

CVSS 6.8, AI score 6.3, EPSS 0.01407
Exploits: 1