CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2023/03/06 12:0 a.m.•29 views

CVE-2022-3277

6.5CVSS5.3AI score0.00402EPSS

Exploits0

CNNVD•added 2023/03/06 12:0 a.m.•3 views

glance 安全漏洞

glance is a dictionary visualization repository open sourced by nlpweb. A security vulnerability exists in openstack-glance, which stems from a vulnerability that could allow an authenticated, remote attacker to tamper with images, thereby compromising the integrity of virtual machines created...

2.8CVSS5AI score0.00072EPSS

Exploits0References5

Vulnrichment•added 2023/03/06 12:0 a.m.•5 views

CVE-2022-4134

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images...

6.8AI score0.00072EPSS

Exploits0References3

CVE•added 2023/03/06 12:0 a.m.•99 views

CVE-2022-3277

CVE-2022-3277 affects OpenStack Neutron; an uncontrolled resource consumption flaw allows a remote authenticated user to query security groups for an invalid project, creating resources unconstrained by quotas and potentially causing a denial of service. The issue is tied to the OpenStack Neutron...

6.5CVSS6AI score0.00402EPSS

Exploits0References2Affected Software2

Cvelist•added 2023/03/06 12:0 a.m.•19 views

CVE-2022-4134

3.9AI score0.00072EPSS

Exploits0References3

CVE•added 2023/03/06 12:0 a.m.•92 views

CVE-2022-4134

CVE-2022-4134 affects OpenStack Glance. A flaw allows a remote, authenticated attacker to tamper with uploaded images, compromising the integrity of virtual machines created from those images. The available sources describe the vulnerable component as openstack-glance and confirm the impact is im...

2.8CVSS3.6AI score0.00072EPSS

Exploits0References3Affected Software2

Cvelist•added 2023/03/06 12:0 a.m.•17 views

CVE-2022-3277

6.6AI score0.00402EPSS

RedHat Linux•added 2023/02/28 3:49 p.m.•30 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (python-werkzeug) security update

An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.00366EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•24 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-glance) security update

An update for openstack-glance is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

5.7CVSS6.8AI score0.00615EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•2 views

openstack: Arbitrary file access through custom VMDK flat descriptor

A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized...

5.7CVSS7.3AI score0.00615EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•20 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-swift) security update

An update for openstack-swift is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.5CVSS6.7AI score0.00247EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•11 views

openstack-swift: Arbitrary file access through custom S3 XML entities

A flaw was found in Swift's S3 XML parser. By supplying specially crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This issue impacts both s3api...

6.5CVSS5.8AI score0.00247EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•3 views

openstack: Arbitrary file access through custom VMDK flat descriptor

5.7CVSS7.3AI score0.00615EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•25 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-cinder) security update

An update for openstack-cinder is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

5.7CVSS6.8AI score0.00615EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•33 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.02514EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•23 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.7CVSS6.7AI score0.00615EPSS

RedHat Linux•added 2023/02/28 3:48 p.m.•2 views

openstack: Arbitrary file access through custom VMDK flat descriptor

5.7CVSS7.3AI score0.00615EPSS