Lucene search
K

27 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...

5CVSS6.7AI score0.00406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in the Ansible Engine when using the moduleargs feature. Tasks executed with the --check-mode option do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The greatest threat posed by this vulnerability is...

5.5CVSS6.8AI score0.00407EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Ansible

A flaw was identified in the use of insufficiently random values in Ansible. Two random password lookups of the same length result in the generation of the same value as the template caching action for the same file, since no re-evaluation occurs. The greatest risk posed by this vulnerability is...

5.5CVSS6.5AI score0.00435EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-12570

Malware in sbrugna...

9CVSS8.6AI score0.01269EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0010

Malware in sbrugna...

7.5CVSS7.8AI score0.02458EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0016

Malware in sbrugna...

7.8CVSS6.8AI score0.00587EPSS
Exploits0References27
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18793

Malware in sbrugna...

7.5CVSS7.4AI score0.00998EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-0004

Malware in sbrugna...

9.8CVSS8.6AI score0.0353EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21136

Malicious code in bioql PyPI...

3.1CVSS6.6AI score0.00099EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-3182

Malicious code in bioql PyPI...

6.3CVSS6.9AI score0.00248EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-1734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by...

7.4CVSS6.6AI score0.00444EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-8775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occu...

5.5CVSS6.5AI score0.00269EPSS
Exploits0References3
OSV
OSV
added 2025/07/11 1:15 p.m.11 views

CVE-2025-53862

A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information...

3.5CVSS5.7AI score0.00177EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 1:15 p.m.21 views

CVE-2025-53862

A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information...

3.5CVSS0.00177EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 1:15 p.m.13 views

CVE-2025-53861

A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks allowing attackers to read transmitted data...

3.1CVSS0.00099EPSS
Exploits0References2
CVE
CVE
added 2025/07/11 12:34 p.m.45 views

CVE-2025-53862

CVE-2025-53862 affects Red Hat Ansible. The vulnerability arises from three API endpoints that expose verbose, unauthenticated responses, enabling access to potentially sensitive information. Severity is low (CVSS 3.1: 3.5, ADJACENT access, low privileges, no user interaction). Public references ...

3.5CVSS6.4AI score0.00177EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/03/28 2:5 p.m.50 views

CVE-2025-2877 Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in eda

A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...

6.5CVSS0.00379EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2016-8614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible before version 2.2.0. The aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP ke...

7.5CVSS6.8AI score0.02458EPSS
Exploits1References1
Amazon
Amazon
added 2024/01/08 12:0 a.m.9 views

Medium: ansible-core

Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...

7.8CVSS7AI score0.00539EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.4 views

SUSE CVE-2020-10729

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords a...

5CVSS9AI score0.00435EPSS
Exploits1References6
Rows per page
Query Builder