Lucene search
K

1517 matches found

Chainguard
Chainguard
added 2026/06/23 8:17 a.m.13 views

GHSA-3J69-69WJ-XQX2 vulnerabilities

Vulnerabilities for packages: openstack-glance-2026.1-fips, openstack-horizon-2025.2-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-placement-2025.2-fips, openstack-placement-2025.2, openstack-horizon-2026.1-fips, openstack-keystone-2026.1, openstack-glance-2025.1,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

CVE-2026-54911 vulnerabilities

Vulnerabilities for packages: openstack-glance-2026.1-fips, openstack-horizon-2025.2-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-placement-2025.2-fips, openstack-placement-2025.2, openstack-horizon-2026.1-fips, openstack-keystone-2026.1, openstack-glance-2025.1,...

6.5CVSS6.1AI score0.00272EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.21 views

GHSA-6V7P-G79W-8964 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, openstack-glance-2026.1-fips, dask-kubernetes-fips, openstack-horizon-2025.2-fips, openstack-glance-2025.2-fips, openstack-horizon-2025.1, openstack-placement-2025.2-fips, openstack-placement-2025.2, openstack-tempest-2026.1,...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-55748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some...

6CVSS6.1AI score0.0019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/18 8:48 a.m.8 views

CVE-2026-55748

A flaw was found in OpenStack Horizon. This vulnerability allows a highly privileged remote attacker, with user interaction, to craft a project name containing shell metacharacters. When scripts for OpenStack RC file downloading are produced, these metacharacters may be processed, potentially...

6CVSS5AI score0.0019EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/17 6:35 p.m.12 views

OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/17 6:35 p.m.6 views

GHSA-6WRM-X65G-HR4P OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.4AI score0.0019EPSS
Exploits0References4
NVD
NVD
added 2026/06/17 3:17 p.m.12 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 3:17 p.m.7 views

UBUNTU-CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.8AI score0.0019EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/17 2:12 p.m.7 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS
Exploits0
EUVD
EUVD
added 2026/06/17 2:12 p.m.10 views

EUVD-2026-37723

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.4AI score0.0019EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 2:12 p.m.15 views

CVE-2026-55748

OpenStack Horizon prior to 25.7.4 can generate scripts for downloading OpenStack RC files where a crafted project name containing shell metacharacters is possible. The description notes this as a security hardening opportunity rather than a vulnerability, and the CVSS 3.1 metrics indicate a MEDIU...

6CVSS5.4AI score0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 2:12 p.m.30 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/06 10:1 p.m.109 views

Exploit for CVE-2019-5513

VMware Horizon /broker/xml Vulnerability Scanner !Security...

5.3CVSS5.6AI score0.01232EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.58 views

SEC-Bench Pro: Can Language Models Solve Long-Horizon Software Security Tasks?

Large language models LLMs now support automated software security tasks, including vulnerability discovery and proof-of-concept PoC generation. Existing benchmarks do not faithfully evaluate LLMs in real-world bug hunting scenarios because they rely on fuzzing harnesses, target-specific...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/06 8:20 a.m.9 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/05 6:33 p.m.17 views

OpenStack Horizon has Incorrect Behavior Order

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/05 6:33 p.m.8 views

EUVD-2026-27406

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.02864EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/05 6:33 p.m.12 views

Incorrect Behavior Order

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order due to a write operation to the session storage backend occurring before authentication. An attacker can exhaust storage resources by sending unauthenticated requests. Remediation Upgrade horizon to version 25.7...

6.9CVSS5.8AI score0.00365EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 6:33 p.m.6 views

GHSA-VXVF-XVM3-P8J5 OpenStack Horizon has Incorrect Behavior Order

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0References5
Rows per page
Query Builder