20 matches found
EUVD-2021-26892
Malware in sbrugna...
EUVD-2021-1313
Malware in sbrugna...
EUVD-2021-26897
Malware in sbrugna...
EUVD-2021-7697
Malicious code in bioql PyPI...
CVE-2021-20260
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-20260
CVE-2021-20260 affects the Foreman project, specifically the Datacenter plugin, where the API exposes the password to an authenticated local attacker with the view_hosts permission. This yields potential impacts to confidentiality, integrity, and availability. The NVD entry rates it as high (CVSS...
CVE-2021-3590
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-3590
The CVE-2021-3590 entry concerns the Foreman project, where a credential leak could expose the Azure Compute Profile password through the JSON output of the API. The described impact affects data confidentiality, integrity, and availability. There are no concrete remediation steps or exploit spec...
CVE-2021-3590
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability o...
Remote code execution
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability o...
CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability o...
CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability o...
GHSA-F2RP-4RV7-FC95 Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Versions of...
Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Versions...
CVE-2021-3590
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-20259
A vulnerability in foreman_fog_proxmox (CVE-2021-20259) allows an authenticated local attacker with view_hosts permission to access the Proxmox compute resource password via the API, compromising confidentiality, integrity, and availability. Affected: foreman_fog_proxmox versions prior to 0.13.1....
CVE-2021-20259
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-20260
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Foreman Information Disclosure Vulnerability
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides service provisioning, configuration management, and status reporting. An information disclosure vulnerability exists in Foreman project, which can be exploited by a local attacker to expose...