Lucene search
K

446 matches found

OSV
OSV
added 2023/09/24 12:8 a.m.20 views

CVE-2023-1625 Information leak in api

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

7.4CVSS6.7AI score0.00709EPSS
Exploits1References8
Wired Threat Level
Wired Threat Level
added 2023/08/31 7:32 p.m.20 views

Apple's Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

Child safety group Heat Initiative plans to launch a campaign pressing Apple on child sexual abuse material scanning and user reporting. The company issued a rare, detailed response on Thursday...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2023/08/17 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-6293-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS5.2AI score0.00709EPSS
Exploits1References2
OSV
OSV
added 2023/08/16 12:17 p.m.7 views

USN-6293-1 heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS5.8AI score0.00709EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/08/16 12:17 p.m.55 views

USN-6293-1: OpenStack Heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS6.4AI score0.00709EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/08/16 12:0 a.m.26 views

Ubuntu 22.04 LTS : OpenStack Heat vulnerability (USN-6293-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6293-1 advisory. It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain...

7.4CVSS6.3AI score0.00709EPSS
Exploits1References2
Malwarebytes
Malwarebytes
added 2023/06/12 3:0 a.m.21 views

Strava heatmap loophole may reveal users' home addresses

Researchers at NC State University have outlined potential privacy issues with popular fitness app Strava which could lead to users' homes being pinpointed. The researchers' findings are detailed in a paper called Heat marks the spot: de-anonymising users' geographical data on the Strava heat map...

6.8AI score
Exploits0
OSV
OSV
added 2023/06/05 2:39 p.m.9 views

SUSE-SU-2023:2379-1 Security update for openstack-heat, python-Werkzeug

This update for openstack-heat, python-Werkzeug contains the following fixes: Security fixes included on this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment. bsc1209774 python-Werkzeug: - CVE-2023-25577:...

7.5CVSS7.5AI score0.0142EPSS
Exploits1References5
OSV
OSV
added 2023/06/05 2:38 p.m.10 views

SUSE-SU-2023:2378-1 Security update for openstack-heat, openstack-swift, python-Werkzeug

This update for openstack-heat, openstack-swift, python-Werkzeug contains the following fixes: Security fixes included in this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment bsc1209774. openstack-swift: -...

7.5CVSS6.9AI score0.0142EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.32 views

Ubuntu 18.04 LTS / 20.04 LTS : OpenStack Heat vulnerability (USN-6066-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6066-1 advisory. It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue t...

7.4CVSS6.3AI score0.00709EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/11 12:0 a.m.4 views

OpenStack 安全漏洞

OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack Heat. An authenticated remote user exploiting the vulnerability could gain access to sensitive data...

7.4CVSS6.4AI score0.00709EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2023/05/11 12:0 a.m.13 views

Ubuntu: Security Advisory (USN-6066-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS5.2AI score0.00709EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/05/10 11:18 a.m.46 views

USN-6066-1: OpenStack Heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS6.4AI score0.00709EPSS
Exploits1
OSV
OSV
added 2023/05/10 11:18 a.m.7 views

USN-6066-1 heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS5.8AI score0.00709EPSS
Exploits1References2
Veracode
Veracode
added 2023/04/28 1:53 a.m.23 views

Information Disclosure

openstack-heat is vulnerable to Information Disclosure. The vulnerability exists because the getenvironment function of service.py does not mask hidden parameter values, which allows an attacker to get sensitive data through the get stack environment API even when the encryptparametersandproperti...

7.4CVSS6.3AI score0.00709EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/03/28 1:50 a.m.3 views

SUSE CVE-2023-1625

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

8.8CVSS6.6AI score0.00709EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2023/03/27 12:0 a.m.29 views

CVE-2023-1625

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

7.4CVSS6.7AI score0.00709EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.4 views

PT-2023-17127

Name of the Vulnerable Software and Affected Versions OpenStack heat affected versions not specified Description An information leak was discovered in OpenStack heat, allowing a remote, authenticated attacker to use the 'stack show' command to reveal parameters that are supposed to remain hidden...

7.4CVSS6.7AI score0.00709EPSS
Exploits1References35
OSV
OSV
added 2023/03/27 12:0 a.m.3 views

UBUNTU-CVE-2023-1625

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

7.4CVSS5.8AI score0.00709EPSS
Exploits1References4
Schneier on Security
Schneier on Security
added 2023/03/24 9:6 p.m.10 views

Friday Squid Blogging: Creating Batteries Out of Squid Cells

This is fascinating: "When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its tentacle, it needs to regrow that tooth very rapidly, otherwise it can’t claw its prey," he explains. This was intriguing news ­ and it sparked an idea in Hopkins lab where he’d been...

6.5AI score
Exploits0
Rows per page
Query Builder