Lucene search
+L

66 matches found

cvelist
cvelist
added 2020/05/06 11:43 p.m.43 views

CVE-2020-12689

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...

8.4AI score0.01562EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2020/05/06 12:0 a.m.3 views

PT-2020-13206 · Openstack +1 · Openstack Keystone +1

Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 15.0.1 OpenStack Keystone version 16.0.0 Description: An issue allows any user authenticated within a limited scope to create an EC2 credential with escalated permission, such as obtaining admin while the...

8.8CVSS6.7AI score0.04918EPSS
Exploits0References31
prion
prion
added 2017/05/26 4:29 p.m.13 views

Authorization

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organizations can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global...

6.5CVSS8.6AI score0.01588EPSS
Exploits0References3Affected Software1
osv
osv
added 2017/05/26 4:29 p.m.18 views

CVE-2017-7505

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organizations can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global...

8.8CVSS6.7AI score
Exploits0References3
cvelist
cvelist
added 2017/05/26 4:0 p.m.20 views

CVE-2017-7505

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organizations can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global...

8.7AI score0.01588EPSS
Exploits0References3
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

ezContents 2.0.3 showpoll.php GLOBALS[admin_home] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...

7.1AI score
Exploits0
Rows per page
Query Builder