CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7812 matches found

Positive Technologies•added 2017/04/27 12:0 a.m.•3 views

PT-2017-15467 · Openstack +1 · Openstack Identity Service +1

Name of the Vulnerable Software and Affected Versions: OpenStack Identity service keystone affected versions not specified Description: An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service. This issue allows an authenticated federated user to...

8.6CVSS6.4AI score0.02106EPSS

Exploits1References24

UbuntuCve•added 2017/04/27 12:0 a.m.•21 views

CVE-2017-2673

An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service keystone. An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles...

7.2CVSS6.8AI score0.02106EPSS

Exploits1References3

CNVD•added 2017/04/27 12:0 a.m.•3 views

OpenStack Keystone Security Bypass Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration and Rackspace, Inc. in the U.S. OpenStack Keystone is one of the projects used for authentication, providing identity, token, directory, and policy services. A security bypass...

7.2CVSS6.8AI score0.02106EPSS

Exploits1References1

OSV•added 2017/04/27 12:0 a.m.•1 views

UBUNTU-CVE-2017-2673

7.2CVSS6.9AI score0.02106EPSS

Exploits1References4

UbuntuCve•added 2017/04/21 3:59 p.m.•17 views

CVE-2016-6519

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

5.4CVSS6.1AI score0.01266EPSS

Exploits0References3

Prion•added 2017/04/21 3:59 p.m.•17 views

Cross site scripting

3.5CVSS5.6AI score0.01266EPSS

Exploits0References7Affected Software2

NVD•added 2017/04/21 3:59 p.m.•35 views

CVE-2016-6519

5.4CVSS5.1AI score0.01266EPSS

Exploits0References7

OSV•added 2017/04/21 3:59 p.m.•3 views

DEBIAN-CVE-2016-6519

5.4CVSS5AI score0.01266EPSS

Exploits0References1

OSV•added 2017/04/21 3:59 p.m.•1 views

UBUNTU-CVE-2016-6519

5.4CVSS6.1AI score0.01266EPSS

Exploits0References4

OSV•added 2017/04/21 3:59 p.m.•27 views

CVE-2016-6519

5.4CVSS5.3AI score

Exploits0References7

Debian CVE•added 2017/04/21 3:0 p.m.•23 views

CVE-2016-6519

5.4CVSS5.2AI score0.01266EPSS

Exploits0

Cvelist•added 2017/04/21 3:0 p.m.•36 views

CVE-2016-6519

5.1AI score0.01266EPSS

Exploits0References7

CVE•added 2017/04/21 3:0 p.m.•91 views

CVE-2016-6519

OpenStack Manila CVE-2016-6519 is a cross-site scripting (XSS) vulnerability in the Shares overview. The flaw allows remote authenticated users to inject arbitrary HTML/JavaScript via the Metadata field in the Create Share form, affecting Manila prior to 2.5.1. The issue arises in the web UI comp...

5.4CVSS5AI score0.01266EPSS

Exploits0References7Affected Software1

Huawei•added 2017/04/20 12:0 a.m.•67 views

Security Advisory - Buffer Overflow vulnerability in the FusionSphere OpenStack

The GaussDB of the FusionSphere OpenStack has a stack overflow vulnerability due to the lack of input validation on some parameters. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service DoS condition in the affected system...

6.3AI score0.00339EPSS

Exploits0Affected Software1

Prion•added 2017/04/12 10:59 p.m.•20 views

Security feature bypass

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...

5CVSS7.6AI score0.0291EPSS

Exploits0References5Affected Software2