CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...

6.5CVSS6.7AI score0.01203EPSS

Exploits0References3

PyPA•added 2020/06/10 5:15 p.m.•6 views

PYSEC-2020-228

6.5CVSS6.8AI score0.01203EPSS

Exploits0References3Affected Software1

Cvelist•added 2020/06/10 3:55 p.m.•18 views

CVE-2020-10755

6.5CVSS6.3AI score0.01203EPSS

Exploits0References3

RedhatCVE•added 2018/08/21 9:18 a.m.•27 views

CVE-2017-15139

An information-leak flaw was found in openstack-cinder deployments using the third-party EMC ScaleIO backend. It was possible for new volumes to contain previous data if they were created from storage pools which had disabled zero-padding. An attacker could exploit this flaw to obtain sensitive...

7.5CVSS0.3AI score0.01244EPSS

Exploits0References2

CNVD•added 2018/03/28 12:0 a.m.•2 views

Dell EMC ScaleIO Denial of Service Vulnerability

Dell EMC ScaleIO is a software-defined solution for converting DAS storage into shared data block storage from Dell, Inc. A security vulnerability exists in Dell EMC ScaleIO versions prior to 2.5, which stems from the program failing to properly handle packet data. A remote attacker could exploit...

7.5CVSS6.7AI score0.0146EPSS

Exploits1References1

OSV•added 2018/03/27 9:29 p.m.•4 views

CVE-2018-1205

Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service. As a result, a remote attacker could potentially send specifically crafted packet data to the MDM service causing it to crash...

7.5CVSS5.8AI score0.0146EPSS

Exploits1References1

NVD•added 2018/03/27 9:29 p.m.•16 views

CVE-2018-1205

7.5CVSS7.4AI score0.0146EPSS

Exploits1References1

OSV•added 2018/03/27 9:29 p.m.•3 views

CVE-2018-1237

Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent LIA. This component is deployed on every server in the ScaleIO cluster and is used for central management of ScaleIO nodes. A remote malicious user, having...

9.8CVSS5.8AI score0.01585EPSS

Exploits1References1

Prion•added 2018/03/27 9:29 p.m.•15 views

Input validation

5CVSS9.3AI score0.01585EPSS

Exploits1References1Affected Software1

Prion•added 2018/03/27 9:29 p.m.•11 views

Code injection

5CVSS7.4AI score0.0146EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/03/27 9:0 p.m.•16 views

CVE-2018-1238

Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent LIA. This component is used for central management of ScaleIO deployment and uses shell commands for certain actions. A remote malicious user, with network access to LIA and knowledge...

7.8AI score0.01517EPSS

Exploits1References1

Cvelist•added 2018/03/27 9:0 p.m.•15 views

CVE-2018-1237

9.5AI score0.01585EPSS

Exploits1References1

OSV•added 2017/11/28 7:29 a.m.•4 views

CVE-2017-8001

An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the...

8.4CVSS5.8AI score0.0037EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by