Lucene search
+L

67 matches found

osv
osv
added 2021/05/26 9:15 p.m.3 views

UBUNTU-CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

5.5CVSS6.8AI score0.00347EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2021/05/26 9:15 p.m.26 views

CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

5.5CVSS6.8AI score0.00347EPSS
Exploits0References2
osv
osv
added 2021/05/26 12:15 p.m.18 views

CVE-2021-20178

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS5.3AI score
Exploits0References6
osv
osv
added 2021/05/26 12:15 p.m.6 views

UBUNTU-CVE-2021-20178

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS6.9AI score0.00337EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2021/05/26 12:15 p.m.32 views

CVE-2021-20178

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS6.8AI score0.00337EPSS
Exploits0References3
debiancve
debiancve
added 2021/05/26 12:0 a.m.24 views

CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

5.5CVSS7AI score0.00347EPSS
Exploits0
debiancve
debiancve
added 2021/05/26 12:0 a.m.23 views

CVE-2021-20178

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS7AI score0.00337EPSS
Exploits0
alpinelinux
alpinelinux
added 2021/05/26 12:0 a.m.48 views

CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

5.5CVSS6.3AI score0.00347EPSS
Exploits0
ptsecurity
ptsecurity
added 2021/02/23 12:0 a.m.5 views

PT-2022-9169

Name of the Vulnerable Software and Affected Versions ansible affected versions not specified Description A flaw in the ansible module discloses credentials in the console log by default when using the bitbucket pipeline variable module, allowing an attacker to steal bitbucket pipeline credential...

5.5CVSS8AI score0.00307EPSS
Exploits0References227
redhatcve
redhatcve
added 2021/01/15 4:17 p.m.37 views

CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

5.5CVSS1.2AI score0.00347EPSS
Exploits0References3
redhatcve
redhatcve
added 2021/01/13 2:19 p.m.44 views

CVE-2021-20180

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS2.5AI score0.00307EPSS
Exploits0References3
osv
osv
added 2020/11/12 2:17 p.m.29 views

SUSE-SU-2020:3309-1 Security update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron, openstack-nova, python-Django, python-Flask-Cors, python-Pillow, python-ardana-packager, python-keystoneclient, python-keystonemiddleware, python-kombu, python-straight-plugin, python-urllib3, release-notes-suse-openstack-cloud, storm, storm-kit, venv-openstack-cinder, venv-openstack-swift

This update for ansible, ardana-ansible, ardana-cinder, ardana-glance, ardana-mq, ardana-nova, ardana-osconfig, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, grafana-natel-discrete-panel, openstack-cinder, openstack-monasca-installer, openstack-neutron,...

9.8CVSS8.9AI score0.65336EPSS
Exploits33References112
cvelist
cvelist
added 2020/10/16 8:31 p.m.18 views

CVE-2020-1666 Junos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnection

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactiv...

6.6CVSS6.5AI score0.00328EPSS
Exploits0References1
zdt
zdt
added 2019/12/09 12:0 a.m.572 views

Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit

// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13...

10CVSS0.3AI score0.55874EPSS
Exploits15
veracode
veracode
added 2019/05/02 4:48 a.m.44 views

Denial Of Service (DoS)

The openstack-nova packages provide OpenStack Compute Nova, which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible...

6CVSS9.2AI score0.04863EPSS
Exploits7References13Affected Software1
redhat
redhat
added 2015/01/27 6:46 p.m.4 views

chromium-browser: same-origin-bypass in V8

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS7.5AI score0.02563EPSS
Exploits0References5
cnvd
cnvd
added 2015/01/26 12:0 a.m.6 views

Google Chrome V8 Same Origin Bypass Vulnerability

Google Chrome is a popular WEB browser. A security vulnerability in Google Chrome V8 Harmony proxy allows attackers to bypass the same-origin policy by calling JavaScript code via specially crafted Proxy.create and console.log...

4.3CVSS6.9AI score0.02563EPSS
Exploits0References1
seebug
seebug
added 2013/12/13 12:0 a.m.14 views

SiteServer 3.6.4 /siteserver/cms/console_logSite.aspx SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
osv
osv
added 2013/10/29 10:55 p.m.3 views

DEBIAN-CVE-2013-4261

OpenStack Compute Nova Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service connection pool consumption, as demonstrated using multiple requests that send...

3.5CVSS6.9AI score0.01738EPSS
Exploits2References1
nvd
nvd
added 2013/10/24 3:48 a.m.28 views

CVE-2013-5191

The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions...

2.1CVSS5.2AI score0.00341EPSS
Exploits0References1
Rows per page
Query Builder