CVE-2015-2687

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

Moderate: Red Hat Security Advisory: openstack-nova and python-novaclient security, bug fix, and enhancement update

An update for openstack-nova and python-novaclient is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

An update for openstack-nova is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

rhosp-director: libvirtd is deployed with no authentication

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

Low: Red Hat Security Advisory: openstack-heat security and bug fix update

An update for openstack-heat is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: eap7-jboss-ec2-eap security update

An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scori...

Intel NUC and Compute Stick DCI Local Information Disclosure Vulnerability

Intel NUC is Intel's Intel miniature PC, which is equivalent to a small desktop, convenient for you to work, study and play in any room. A local information disclosure vulnerability exists in Intel NUC and Compute Stick DCI. An attacker with physical access could exploit the vulnerability to obta...

Intel NUC and Compute Stick DCI Local Information Disclosure Vulnerability (CNVD-2017-10730)

Intel NUC is Intel's Intel micro PC, which is equivalent to a small desktop, convenient for you to work, study and play in any room. A local information disclosure vulnerability exists in Intel NUC and Compute Stick DCI. An attacker with physical access could exploit the vulnerability to obtain...

CVE-2017-2637

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

CVE-2017-5684

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information...

Information disclosure

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information...

CVE-2017-5684

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information...

CVE-2017-5684

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information...

CVE-2017-5684

The CVE-2017-5684 entry concerns BIOS-related information disclosure on Intel Compute Stick systems built on 6th Gen Intel Core processors. Affected condition: BIOS versions prior to CC047 may allow an attacker with physical access to the system to gain access to personal information. The issue i...

Google Cloud Platform Compute Engine Instance Metadata Enumeration (Windows)

Binary data enumerategooglecomputeenginewin.nbin...

Intel® NUC and Intel® Compute Stick DCI Disable

Summary: Intel® NUC and Intel® Compute Stick systems based on 6th Gen Intel® Core™ processors do not have DCI debug capability properly locked for BIOS only access. This would allow an attacker with physical possession of the system to potentially enable DCI from outside the BIOS. Description:...

Google Cloud Platform Compute Engine Instance Metadata Enumeration (Unix)

The remote host appears to be a Google Compute Engine instance. Nessus was able to use the metadata API to collect information about the system. TRUSTED...

DblTekGoIPPwn - Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, execute remote commands botnet style, and generate responses to challenges

Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. The Vulnerability On March 2nd, 2017, Trustwave...

Moderate: Red Hat Security Advisory: openstack-cinder, openstack-glance, and openstack-nova security update

An update for openstack-nova, openstack-cinder, openstack-glance, and python-oslo-concurrency is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scorin...

openstack-nova/glance/cinder: Malicious image may exhaust resources

A resource vulnerability in the OpenStack Compute nova, Block Storage cinder, and Image glance services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host...