Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7818 matches found

NVD
NVDadded 2018/09/10 7:29 p.m.42 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0References7
UbuntuCve
UbuntuCveadded 2018/09/10 7:29 p.m.21 views

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS6.1AI score0.01173EPSS
Exploits0References1
Prion
Prionadded 2018/09/10 7:29 p.m.21 views

Design/Logic Flaw

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

4CVSS6.3AI score0.02527EPSS
Exploits0References7Affected Software2
OSV
OSVadded 2018/09/10 7:29 p.m.23 views

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS5.3AI score0.01173EPSS
Exploits0References3
OSV
OSVadded 2018/09/10 7:29 p.m.2 views

UBUNTU-CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS5.8AI score0.01173EPSS
Exploits0References2
OSV
OSVadded 2018/09/10 7:29 p.m.2 views

DEBIAN-CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS5.3AI score0.01173EPSS
Exploits0References1
OSV
OSVadded 2018/09/10 7:29 p.m.4 views

UBUNTU-CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS5.8AI score0.02527EPSS
Exploits0References2
OSV
OSVadded 2018/09/10 7:29 p.m.37 views

PYSEC-2018-94

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS3.5AI score0.01173EPSS
Exploits0References4
OSV
OSVadded 2018/09/10 7:29 p.m.25 views

PYSEC-2018-93

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS3.7AI score0.02527EPSS
Exploits0References8
OSV
OSVadded 2018/09/10 7:29 p.m.31 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0References7
CVE
CVEadded 2018/09/10 7:0 p.m.66 views

CVE-2018-14620

CVE-2018-14620 affects openstack-rabbitmq-container and openstack-containers shipped with Red Hat OpenStack Platform 12–14. Root cause: the rabbitmq_clusterer component is fetched over HTTP during docker build without integrity validation, enabling an attacker to inject malicious code into the im...

9.8CVSS9.4AI score0.00597EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2018/09/10 7:0 p.m.21 views

CVE-2018-14620

The OpenStack RabbitMQ container image insecurely retrieves the rabbitmqclusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of openstack-rabbitmq-container...

4.7CVSS9.5AI score0.00597EPSS
Exploits0References3
Cvelist
Cvelistadded 2018/09/10 7:0 p.m.31 views

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

5.3CVSS5.2AI score0.01173EPSS
Exploits0References3
Cvelist
Cvelistadded 2018/09/10 7:0 p.m.44 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.2AI score0.02527EPSS
Exploits0References7
CVE
CVEadded 2018/09/10 7:0 p.m.95 views

CVE-2018-14635

The CVE-2018-14635 vulnerability affects OpenStack Neutron’s ml2 Linux Bridge driver. The issue allows non-privileged tenants to create and attach ports without assigning an IP address, bypassing IP address validation. This can lead to a potential denial of service if an IP outside the allowed al...

6.5CVSS6.1AI score0.02527EPSS
Exploits0References7Affected Software1
CVE
CVEadded 2018/09/10 7:0 p.m.55 views

CVE-2018-14636

The CVE-2018-14636 issue affects OpenStack Neutron components vulnerable to an eavesdropping risk during live migration. When live-migrated, the Open vSwitch integration bridge can remain connected to the guest being migrated, exposing traffic from all instances sharing the same OVS instance. The...

5.3CVSS5.1AI score0.01173EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2018/09/10 7:0 p.m.18 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0
OSV
OSVadded 2018/08/31 12:16 p.m.8 views

SUSE-SU-2018:2576-1 Security update for OpenStack

This update for OpenStack fixes the following issues: The following security issue with openstack-keystone has been fixed: - CVE-2018-14432: Reduce duplication in federated authentication APIs. bsc1102151 Additionally, the following non-security issues have been fixed: openstack-dashboard: - Fetc...

5.3CVSS5.4AI score0.01618EPSS
Exploits0References7
NVD
NVDadded 2018/08/27 5:29 p.m.46 views

CVE-2017-15139

A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive...

7.5CVSS6AI score0.01244EPSS
Exploits0References4
Prion
Prionadded 2018/08/27 5:29 p.m.16 views

Design/Logic Flaw

A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive...

5CVSS7.3AI score0.01244EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder