CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3786 matches found

OSV•added 2012/07/17 9:55 p.m.•4 views

PYSEC-2012-40

The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...

6.8AI score

Exploits0References6

CVE•added 2012/07/17 9:0 p.m.•71 views

CVE-2012-3371

The CVE refers to OpenStack Nova (Compute) scheduler vulnerability in Folsom (2012.2) and Essex (2012.1). When scheduler filters DifferentHostFilter or SameHostFilter are enabled, remote authenticated users can trigger a denial of service by sending requests with many repeated IDs in the os:sched...

3.5CVSS6.1AI score0.00881EPSS

Exploits1References6Affected Software3

Cvelist•added 2012/07/17 9:0 p.m.•28 views

CVE-2012-3371

6AI score0.00881EPSS

Exploits1References6

Debian CVE•added 2012/07/17 9:0 p.m.•24 views

CVE-2012-3371

3.5CVSS5.9AI score0.00881EPSS

Exploits1

Ubuntu•added 2012/07/11 5:25 p.m.•46 views

USN-1501-1: Nova vulnerability

Dan Prince discovered that the Nova scheduler, when using DifferentHostFilter or SameHostFilter, would make repeated database instance lookup calls based on passed scheduler hints. An authenticated attacker could use this to cause a denial of service...

3.5CVSS5.3AI score0.00881EPSS

Exploits1

UbuntuCve•added 2012/07/11 3:0 p.m.•26 views

CVE-2012-3371

3.5CVSS5.9AI score0.00881EPSS

Exploits1References2

securityvulns•added 2012/07/09 12:0 a.m.•80 views

[USN-1497-1] Nova vulnerabilities

========================================================================== Ubuntu Security Notice USN-1497-1 July 03, 2012 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

5.5CVSS0.9AI score0.01381EPSS

Exploits2

Ubuntu•added 2012/07/03 4:47 p.m.•55 views

USN-1497-1: Nova vulnerabilities

Matthias Weckbecker discovered that, when using the OpenStack API to setup libvirt-based hypervisors, an authenticated user could inject files in arbitrary locations on the file system of the host running Nova. A remote attacker could use this to gain root privileges. This issue only affects Ubun...

5.5CVSS5.6AI score0.01381EPSS

Exploits2

UbuntuCve•added 2012/07/03 3:0 p.m.•23 views

CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...

5.5CVSS6AI score0.01381EPSS

Exploits1References2

UbuntuCve•added 2012/07/03 3:0 p.m.•29 views

CVE-2012-3361

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

5.5CVSS6AI score0.01377EPSS

Exploits1References2

Fedora•added 2012/06/26 12:50 a.m.•30 views

[SECURITY] Fedora 17 Update: openstack-nova-2012.1-10.fc17

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

4.3CVSS2.4AI score0.01178EPSS

Exploits1

Fedora•added 2012/06/22 6:55 p.m.•41 views

[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-10.fc16

4.3CVSS2.4AI score0.01178EPSS

Exploits2

NVD•added 2012/06/21 3:55 p.m.•10 views

CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

4.3CVSS6.5AI score0.01178EPSS

Exploits1References9

OSV•added 2012/06/21 3:55 p.m.•1 views

DEBIAN-CVE-2012-2654

4.3CVSS7AI score0.01178EPSS

Exploits1References1

OSV•added 2012/06/21 3:55 p.m.•6 views

CVE-2012-2654

6.5AI score

Exploits0References11

PyPA•added 2012/06/21 3:55 p.m.•3 views

PYSEC-2012-37

4.3CVSS7AI score0.01178EPSS

Exploits1References11Affected Software1

Prion•added 2012/06/21 3:55 p.m.•14 views

Design/Logic Flaw

4.3CVSS7.1AI score0.01178EPSS

Exploits1References9Affected Software3

OSV•added 2012/06/21 3:55 p.m.•3 views

PYSEC-2012-37

7.3AI score

Exploits0References9

CVE•added 2012/06/21 3:0 p.m.•53 views

CVE-2012-2654

CVE-2012-2654 affects OpenStack Compute (Nova) EC2 and OS APIs in Folsom, Essex, and Diablo releases. The vulnerability arises from improper protocol validation when creating security groups if the network protocol isn’t specified in lowercase, allowing remote attackers to bypass access restricti...

4.3CVSS6.5AI score0.01178EPSS

Exploits1References9Affected Software3

Debian CVE•added 2012/06/21 3:0 p.m.•25 views

CVE-2012-2654

4.3CVSS6.4AI score0.01178EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by