7800 matches found
OpenStack multiple security vulnerabilities
Ceilometer information leakage, Neutron information leakage and DoS, Glance DoS, Horizon crossite scripting, Keystone restrictions bypass and privilege escalation, Nova timing attacks...
[USN-2323-1] OpenStack Horizon vulnerabilities
========================================================================== Ubuntu Security Notice USN-2323-1 August 21, 2014 horizon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2322-1] OpenStack Glance vulnerability
========================================================================== Ubuntu Security Notice USN-2322-1 August 21, 2014 glance vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2325-1] OpenStack Nova vulnerability
========================================================================== Ubuntu Security Notice USN-2325-1 August 21, 2014 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
DEBIAN-CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
Cross site scripting
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
CVE-2014-3594
CVE-2014-3594 affects OpenStack Horizon (Host Aggregates UI). The vulnerability allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name in the Host Aggregates interface, affecting Horizon releases before 2013.2.4, 2014.1 before 2014.1.2, and Juno before J...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
Ubuntu 14.04 LTS : OpenStack Ceilometer vulnerability (USN-2311-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2311-2 advisory. USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Tenable has extracted the preceding descripti...
Ubuntu 14.04 LTS : OpenStack Glance vulnerability (USN-2322-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2322-1 advisory. Thomas Leaman and Stuart McLaren discovered that OpenStack Glance did not properly honor the imagesizecap configuration option. A remote authenticated attacker...
Ubuntu: Security Advisory (USN-2324-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2321-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2325-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2323-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2311-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : OpenStack Horizon vulnerabilities (USN-2323-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2323-1 advisory. Jason Hullinger discovered that OpenStack Horizon did not properly perform input sanitization on Heat templates. If a user were tricked into using a...
Ubuntu 14.04 LTS : OpenStack Neutron vulnerabilities (USN-2321-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2321-1 advisory. Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacke...