Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7799 matches found

UbuntuCve
UbuntuCveadded 2013/11/23 6:55 p.m.41 views

CVE-2013-6384

1 impldb2.py and 2 implmongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information the DB2 or MongoDB password by reading the log file...

1.9CVSS5.9AI score0.0041EPSS
Exploits1References3
Prion
Prionadded 2013/11/23 6:55 p.m.13 views

Design/Logic Flaw

1 impldb2.py and 2 implmongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information the DB2 or MongoDB password by reading the log file...

1.9CVSS6.3AI score0.0041EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2013/11/23 6:0 p.m.23 views

CVE-2013-6384

1 impldb2.py and 2 implmongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information the DB2 or MongoDB password by reading the log file...

5.8AI score0.0041EPSS
Exploits1References3
CVE
CVEadded 2013/11/23 6:0 p.m.45 views

CVE-2013-6384

CVE-2013-6384 affects OpenStack Ceilometer 2013.2 and earlier. When logging level is INFO, impl_db2.py and impl_mongodb.py log the ceilometer.conf connection string, enabling local users to read sensitive information (DB2 or MongoDB password) from the log file. Multiple sources (SUSE, Ubuntu, Deb...

1.9CVSS6AI score0.0041EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVEadded 2013/11/23 6:0 p.m.16 views

CVE-2013-6384

1 impldb2.py and 2 implmongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information the DB2 or MongoDB password by reading the log file...

1.9CVSS5.7AI score0.0041EPSS
Exploits1
OSV
OSVadded 2013/11/23 5:55 p.m.3 views

DEBIAN-CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

2.1CVSS6.6AI score0.00338EPSS
Exploits0References1
OSV
OSVadded 2013/11/23 5:55 p.m.9 views

CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

6.3AI score
Exploits0References3
OSV
OSVadded 2013/11/23 5:55 p.m.2 views

DEBIAN-CVE-2013-6858

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

4.3CVSS5.6AI score0.01734EPSS
Exploits0References1
NVD
NVDadded 2013/11/23 5:55 p.m.30 views

CVE-2013-6858

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

4.3CVSS5.5AI score0.01734EPSS
Exploits0References6
NVD
NVDadded 2013/11/23 5:55 p.m.26 views

CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

2.1CVSS6.4AI score0.00338EPSS
Exploits0References3
OSV
OSVadded 2013/11/23 5:55 p.m.5 views

CVE-2013-6858

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

5.4AI score
Exploits0References9
Prion
Prionadded 2013/11/23 5:55 p.m.19 views

Design/Logic Flaw

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

2.1CVSS6.9AI score0.00338EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2013/11/23 5:55 p.m.40 views

CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

2.1CVSS5.9AI score0.00338EPSS
Exploits0References1
Prion
Prionadded 2013/11/23 5:55 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

4.3CVSS5.5AI score0.01734EPSS
Exploits0References6Affected Software3
Cvelist
Cvelistadded 2013/11/23 5:0 p.m.37 views

CVE-2013-6858

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

5.3AI score0.01734EPSS
Exploits0References6
CVE
CVEadded 2013/11/23 5:0 p.m.69 views

CVE-2013-6858

CVE-2013-6858 affects OpenStack Horizon (OpenStack Dashboard) 2013.2 and earlier. The root cause is improper sanitization of the Instance Name, enabling cross-site scripting (XSS) on the Volumes and Network Topology pages. Multiple advisories (Ubuntu USN-2062-1, Red Hat RHSA-2014:0365, Debian/OSV...

4.3CVSS5.4AI score0.01734EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2013/11/23 5:0 p.m.47 views

CVE-2013-4354

The CVE-2013-4354 entry concerns OpenStack Image Registry and Delivery Service (Glance) before version 2.1. The vulnerability arises from the API allowing a local user to add the tenant as a member of an image, enabling injection of images into arbitrary tenants. Affected component is the Glance ...

2.1CVSS6.6AI score0.00338EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2013/11/23 5:0 p.m.34 views

CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

6.3AI score0.00338EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2013/11/23 5:0 p.m.19 views

CVE-2013-4354

The API before 2.1 in OpenStack Image Registry and Delivery Service Glance makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image...

2.1CVSS6.4AI score0.00338EPSS
Exploits0
Debian CVE
Debian CVEadded 2013/11/23 5:0 p.m.27 views

CVE-2013-6858

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

4.3CVSS5.5AI score0.01734EPSS
Exploits0
Rows per page
Query Builder