CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5762

Malicious code in bioql PyPI...

4CVSS9.2AI score0.06113EPSS

Exploits2References15

SUSE CVE•added 2023/02/15 4:55 a.m.•2 views

SUSE CVE-2016-9605

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...

6.1CVSS6.9AI score0.00305EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 4:20 a.m.•1 views

SUSE CVE-2018-1000225

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting XSS vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to...

9.8CVSS8.9AI score0.00268EPSS

Exploits0References11

OpenVAS•added 2022/03/23 12:0 a.m.•19 views

Fedora: Security Advisory for cobbler (FEDORA-2022-0c6402a6a3)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.4AI score0.00043EPSS

Exploits1References2

Fedora•added 2022/03/11 2:15 p.m.•35 views

[SECURITY] Fedora 34 Update: cobbler-3.2.2-10.fc34

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing...

7.8CVSS2.9AI score0.00043EPSS

Exploits1

Huntr•added 2022/03/02 3:26 p.m.•40 views

Improper Authorization

Description When configuring cobbler-web to authentificate via PAM. The authorization of a account validity is missing. Therefore expired accounts can still login. Proof of Concept Enable authnpam in the modules.conf Create a testuser to login $ useradd expireduser $ passwd expireduser 12345 $...

6.4CVSS2.1AI score0.00743EPSS

Exploits1References1

Fedora•added 2021/10/02 1:28 a.m.•32 views

[SECURITY] Fedora 34 Update: cobbler-3.2.2-2.fc34

9.8CVSS2.9AI score0.93171EPSS

Exploits0

OpenVAS•added 2021/10/02 12:0 a.m.•18 views

Fedora: Security Advisory for cobbler (FEDORA-2021-3a640d3d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.93171EPSS

Exploits0References2

Fedora•added 2021/09/29 12:21 a.m.•35 views

[SECURITY] Fedora 35 Update: cobbler-3.2.2-2.fc35

9.8CVSS2.9AI score0.93171EPSS

Exploits0

OpenVAS•added 2020/01/09 12:0 a.m.•30 views

Fedora Update for cobbler FEDORA-2019-502f1a2c67

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.36048EPSS

Exploits0References2

Fedora•added 2019/09/11 9:18 p.m.•39 views

[SECURITY] Fedora 29 Update: cobbler-2.8.5-0.1.fc29

9.8CVSS9.1AI score0.60008EPSS

Exploits0

Fedora•added 2018/12/05 2:36 a.m.•31 views

[SECURITY] Fedora 29 Update: cobbler-2.8.4-5.fc29

9.8CVSS9.1AI score0.60008EPSS

Exploits0

Prion•added 2018/08/22 9:29 p.m.•14 views

Input validation

4.3CVSS7AI score0.00305EPSS

Exploits0References1Affected Software1

OSV•added 2018/08/22 9:29 p.m.•1 views

CVE-2016-9605

6.1CVSS5.8AI score0.00305EPSS

Exploits0References1

CNVD•added 2018/08/22 12:0 a.m.•1 views

Cobbler Cross-Site Scripting Vulnerability

Cobbler is a network installation server suite that makes it possible to quickly set up a Linux network installation environment. A cross-site scripting vulnerability exists in cobbler-web in Cobbler 2.0.0+ and prior versions. A remote attacker can exploit this vulnerability by sending an...

6.1CVSS7.4AI score0.00268EPSS

Exploits0References1

Fedora•added 2018/06/20 2:49 p.m.•37 views

[SECURITY] Fedora 28 Update: cobbler-2.8.3-2.fc28

10CVSS9.1AI score0.0095EPSS

Exploits1

Fedora•added 2018/06/20 1:55 p.m.•36 views

[SECURITY] Fedora 27 Update: cobbler-2.8.3-2.fc27

10CVSS9.1AI score0.0095EPSS

Exploits1

Fedora•added 2014/07/28 3:24 a.m.•28 views

[SECURITY] Fedora 19 Update: cobbler-2.6.3-1.fc19

4CVSS2.7AI score0.06113EPSS

Exploits2

Tenable Nessus•added 2014/06/13 12:0 a.m.•27 views

openSUSE Security Update : cobbler (openSUSE-SU-2012:0557-1)

Specially crafted YAML could allow attackers to execute arbitrary code due to the use of yaml.load instead of yaml.safeload. Cobbler-web was prone to Cross-Site-Request-Forgery CSRF %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

8.8CVSS7.9AI score0.00706EPSS

Exploits0References7

Tenable Nessus•added 2014/06/13 12:0 a.m.•32 views

openSUSE Security Update : cobbler (openSUSE-SU-2011:0277-1)

/var/log/cobbler/ directory was owned by the web service user. Access to this account could potentially be abused to corrupt files during root filesystem operations by the Cobbler daemon CVE-2011-1551. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

6.9CVSS5.4AI score0.00036EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by