33 matches found
EUVD-2019-15067
Malware in sbrugna...
EUVD-2017-6575
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-15114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd...
OpenStack Neutron overlapping security group rules prevents compute node network configuration
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those...
GHSA-JR9M-V5QH-MH2J OpenStack Neutron overlapping security group rules prevents compute node network configuration
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those...
Huawei FusionCompute Command Injection Vulnerability (CNVD-2021-84882)
Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...
Huawei FusionCompute 命令注入漏洞
Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...
FusionCompute 信息泄露漏洞
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. FusionCompute suffers from an information disclosure vulnerability that originates from improper storage of specific information ...
Huawei FusionCompute Input Validation Error Vulnerability
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An input validation error vulnerability exists in Huawei FusionCompute version 8.0.0. The vulnerability stems from inadequate inp...
Huawei FusionCompute Information Disclosure Vulnerability (CNVD-2020-46462)
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An information disclosure vulnerability exists in Huawei FusionCompute version 8.0.0, which originates from the program failing t...
Huawei FusionCompute Information Disclosure Vulnerability (CNVD-2020-46464)
Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. An information disclosure vulnerability exists in Huawei FusionCompute version 8.0.0, which originates from the program failing t...
Privilege Escalation
openshift-ansible is vulnerable to privilege escalation. A remote unauthenticated attacker could exploit the flawed SSL Certificate Authentication component to read and modify all the data about the Openshift cluster in the etcd datastore, potentially adding another compute node, or bringing down...
Code injection
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server...
CVE-2019-5492
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server...
CVE-2019-5492
CVE-2019-5492 affects Element Plug-in for vCenter Server prior to 4.2.3, with NetApp HCI Compute Node versions prior to 1.4P2 bundle affecting the same plug-in. The vulnerability is that it may disclose sensitive account information to an unauthenticated attacker. The available connected document...
CVE-2019-5492
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server...
Security Bulletin: IBM System x and Flex Systems OpenSSH Vulnerabilities (CVE-2012-0814, CVE-2008-5161)
Summary Older versions of OpenSSH, used by several System x and Flex Systems products, contain multiple vulnerabilities. Vulnerability Details Abstract Older versions of OpenSSH, used by several System x and Flex Systems products, contain multiple vulnerabilities. Content Vulnerability Details:...
kubernetes: authentication/authorization bypass in the handling of non-101 responses
A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...
kubernetes: authentication/authorization bypass in the handling of non-101 responses
A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...
Critical: Red Hat Security Advisory: OpenShift Container Platform 3.10 security update
An update is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...