Lucene search
K

221 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.7 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.34 views

CVE-2026-48681

OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

5.9CVSS0.00601EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 10:16 p.m.12 views

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

7.7CVSS0.00262EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-46066

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 35.0.2 Description An issue allows Boot Script Injection of an iPXE script, which is a network boot firmware used to boot computers from a network. This occurs if an attacker is able to set the node.driver in...

7.7CVSS5.4AI score0.00262EPSS
Exploits0References19
CVE
CVE
added 2026/06/03 12:0 a.m.22 views

CVE-2026-46447

OpenStack Ironic

7.7CVSS5.8AI score0.00262EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application developed under the OpenStack open source framework. It is used to configure bare machines rather than virtual machines. OpenStack Ironic versions 35.0.x and earlier contain security vulnerabilities, which stem from a vulnerability that allo...

7.7CVSS5.2AI score0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.9 views

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.34 views

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

5.8CVSS0.00262EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo. CVE-2026-46447 Note...

7.7CVSS5.9AI score0.00262EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/20 7:57 p.m.9 views

CVE-2026-44916

In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instanceinfo'kstemplate' is rendered without sandboxing...

3CVSS5.8AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 3:32 a.m.5 views

GHSA-4G73-W726-53H3 OpenStack Ironic: Pre-Validation Checksum Calculation allows Denial of Service (DoS) via Infinite Block Devices

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

4.3CVSS5.8AI score0.00466EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/14 3:32 a.m.13 views

OpenStack Ironic: Pre-Validation Checksum Calculation allows Denial of Service (DoS) via Infinite Block Devices

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS5.8AI score0.00466EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/05/14 2:17 a.m.14 views

CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS0.00466EPSS
Exploits1References3
OSV
OSV
added 2026/05/14 2:17 a.m.5 views

DEBIAN-CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS5.8AI score0.00466EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/05/14 2:17 a.m.9 views

CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

4.3CVSS5.8AI score0.00466EPSS
Exploits1References3
OSV
OSV
added 2026/05/14 2:17 a.m.6 views

UBUNTU-CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS5.8AI score0.00466EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-44919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS5.9AI score0.00466EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/05/14 12:0 a.m.9 views

CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

6.5CVSS5.8AI score0.00466EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/14 12:0 a.m.37 views

CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

4.3CVSS0.00466EPSS
Exploits1References3
Rows per page
Query Builder