Lucene search
K

350 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 3:9 a.m.22 views

OpenStack Glance Denial of service by creating a large number of images

OpenStack Image Registry and Delivery Service Glance 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service disk consumption by creating a large number of images using the task v2 API and then deleting them, a different...

4CVSS6.8AI score0.02101EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 3:5 a.m.20 views

OpenStack Glance improper validation of the image_size_cap configuration option

OpenStack Image Registry and Delivery Service Glance before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the imagesizecap configuration option, which allows remote authenticated users to cause a denial of service disk consumption by...

4CVSS6.8AI score0.02127EPSS
Exploits0References12Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:59 a.m.38 views

OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption

The image parser in OpenStack Cinder prior to 7.0.2, and 8.0.0 and above, prior to 9.0.0; Glance prior to 14.00; and Nova prior to 12.0.4 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service memory and disk consumption via a crafted disk image. This iss...

7.8CVSS6.7AI score0.03062EPSS
Exploits1References16Affected Software3
OSV
OSV
added 2022/05/14 1:59 a.m.4 views

GHSA-PJVW-P2V5-WF6Q OpenStack Nova Long server names grow nova-api log files significantly

OpenStack Compute Nova Essex before 2011.3 allows remote authenticated users to cause a denial of service Nova-API log file and disk consumption via a long server name...

4CVSS6AI score0.02073EPSS
Exploits1References9
OSV
OSV
added 2022/05/14 1:58 a.m.19 views

GHSA-MFMJ-GWG3-VHW7 OpenStack Compute (nova) allows remote authenticated users to cause a denial of service

OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...

6.8CVSS6.1AI score0.03353EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2022/05/14 1:58 a.m.34 views

OpenStack Compute (nova) allows remote authenticated users to cause a denial of service

OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...

6.8CVSS6AI score0.03353EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 1:58 a.m.38 views

OpenStack Nova DoS through ephemeral disk backing files

The libvirt driver in OpenStack Compute Nova before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service disk consumption by creating and deleting instances with unique ostype settings, which triggers the creation of a new ephemeral disk backing...

4CVSS6.7AI score0.0202EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/05/14 1:58 a.m.9 views

GHSA-HRV9-4X4C-9JC8 OpenStack Nova DoS through ephemeral disk backing files

The libvirt driver in OpenStack Compute Nova before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service disk consumption by creating and deleting instances with unique ostype settings, which triggers the creation of a new ephemeral disk backing...

4CVSS5.9AI score0.0202EPSS
Exploits0References8
OSV
OSV
added 2022/05/14 1:8 a.m.37 views

GHSA-G63P-MFCM-54C4 OpenStack Nova VMware instance leak potentially leading to compute DoS

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

4CVSS6AI score0.02006EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/14 1:8 a.m.20 views

OpenStack Nova VMware instance leak potentially leading to compute DoS

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

4CVSS6.7AI score0.02006EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2020/12/06 4:3 a.m.11 views

Denail Of Service (DoS)

Polygen is vulnerable to denial of service. Precompiled grammar objects with world-writable permissions that are generated allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...

2.1CVSS4.2AI score0.00326EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.25 views

EulerOS Virtualization 3.0.6.0 : git (EulerOS-SA-2020-1714)

According to the version of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service memory consumption via...

5.5CVSS6.3AI score0.01641EPSS
Exploits1References2
Mageia
Mageia
added 2020/04/01 1:56 a.m.38 views

Updated sympa packages fix security vulnerability

Updated sympa packages fix security vulnerability: Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters CVE-2020-9369...

7.5CVSS5.4AI score0.02915EPSS
Exploits0References2
OSV
OSV
added 2020/02/24 6:15 p.m.22 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.7AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2020/02/24 6:15 p.m.20 views

CVE-2020-9369

Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service disk consumption from temporary files, and a flood of notifications to listmasters via a series of requests with malformed parameters...

7.5CVSS6.9AI score0.02915EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2019-1843)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.01641EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2019/11/12 7:7 a.m.25 views

CVE-2019-16892

A vulnerability in Rubyzip, versions prior to 1.3.0, allows a crafted ZIP file to bypass application checks on ZIP entry sizes. This allows an attacker to spoof data regarding the uncompressed size of the ZIP file, causing a denial of service due to disk consumption. Availability of the system is...

7.1CVSS4.5AI score0.01581EPSS
Exploits1References3
OSV
OSV
added 2019/09/30 4:5 p.m.25 views

GHSA-5M2V-HC64-56H6 Rubyzip denial of service

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption...

5.5CVSS5.3AI score0.01581EPSS
Exploits1References14
CNVD
CNVD
added 2019/09/26 12:0 a.m.3 views

Rubyzip Resource Management Error Vulnerability

Rubyzip is a Ruby library for reading and writing zip files. Rubyzip is vulnerable to a resource management error. An attacker can exploit this vulnerability to cause a denial of service disk consumption with the help of specially crafted ZIP files...

7.1CVSS7.5AI score0.01581EPSS
Exploits1References1
OSV
OSV
added 2019/09/25 10:15 p.m.25 views

CVE-2019-16892

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service disk consumption...

5.5CVSS5.3AI score
Exploits0References7
Rows per page
Query Builder