Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4669

Malware in sbrugna...

2.9CVSS6.4AI score0.00564EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0174

Malware in sbrugna...

2.1CVSS6.4AI score0.00409EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0175

Malware in sbrugna...

4.3CVSS6.4AI score0.00681EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-2055

Malware in sbrugna...

4.6CVSS6.4AI score0.00355EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-4668

Malware in sbrugna...

4.3CVSS6.4AI score0.00856EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2042

Malware in sbrugna...

7.5CVSS6.4AI score0.01661EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3114

Malware in sbrugna...

2.1CVSS6.4AI score0.0033EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/26 8:39 p.m.25 views

Security Bulletin: Openstack Compute (Nova) noVNC proxy

Summary Fix OpenStack Nova allowing a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the noVNC component. By modifying untrusted URL input using multiple backslashes, an attacker could exploit this vulnerability to redirect a victim to arbitrary website...

6.1CVSS1.8AI score0.26792EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/22 5:3 a.m.21 views

Security Bulletin: PowerVC is impacted by an Openstack Nova vulnerability which could leak consoleauth tokens into log files (CVE-2015-9543)

Summary An issue discovered in Openstack Nova can leak consoleauth tokens into log files which can be used by an attacker with access to service's log files to gain additional access in to the Openstack based deployment. Vulnerability Details CVEID: CVE-2015-9543 DESCRIPTION: OpenStack Nova could...

3.3CVSS1AI score0.00407EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/09 11:31 p.m.33 views

Security Bulletin: PowerVC is impacted by an OpenStack Neutron vulnerability related to security group rules (CVE-2019-10876)

Summary OpenStack Neutron is vulnerable to a denial of service, caused by a flaw in the neutron-openvswitch-agent. By creating two security groups with separate/overlapping port ranges, a remote authenticated attacker could exploit this vulnerability to prevent Neutron from being able to configur...

6.5CVSS0.4AI score0.01757EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/09 9:43 p.m.28 views

Security Bulletin: PowerVC is impacted by an OpenStack Neutron denial of service vulnerability (CVE-2018-14635)

Summary Openstack Neutron is vulnerable to a denial of service, caused by improper validation of user-supplied input. By using specially-crafted content, a remote authenticated attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details CVEID: CVE-2018-14635...

6.5CVSS1.6AI score0.02527EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/10 1:6 a.m.14 views

Security Bulletin: Ceilometer database access unrestricted in PowerVC (CVE-2015-1937)

Summary IBM PowerVC is using a ceilometer database that does not have authentication enabled. Vulnerability Details CVEID: CVE-2015-1937 DESCRIPTION: IBM PowerVC NoSQL database used by ceilometer is listening on the remote port and is configured to allow connections without any authentication. A...

7.5CVSS0.3AI score0.01661EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:2 a.m.23 views

Security Bulletin: Nova Filter Scheduler bypass through rebuild action (CVE-2017-16239)

Summary OpenStack Nova could allow a remote authenticated attacker to bypass security restrictions. By rebuilding an instance, an attacker could exploit this vulnerability to achieve Filter Scheduler bypass. Vulnerability Details CVE-ID: CVE-2017-16239 Description: OpenStack Nova could allow a...

6.5CVSS1.1AI score0.0141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:0 a.m.30 views

Security Bulletin: IBM PowerVC is impacted by OpenStack Compute denial of service vulnerability (CVE-2016-7498)

Summary If an authenticated user deletes an instance while it is in resize state, it will cause the original instance to not be deleted from the compute node it was running on. An attacker can use this to launch a denial of service attack. All Nova setups are affected. Vulnerability Details CVEID...

6.8CVSS1.5AI score0.03353EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:0 a.m.21 views

Security Bulletin: IBM PowerVC is impacted by python oslo.middleware package information disclosure (CVE-2017-2592)

Summary IBM PowerVC may disclose some sensitive values in an error message. Vulnerability Details CVEID: CVE-2017-2592 DESCRIPTION: The OpenStack python oslo.middleware package could allow a local authenticated attacker to obtain sensitive information by including sensitive data in the CatchError...

5.9CVSS0.00467EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:0 a.m.22 views

Security Bulletin: IBM PowerVC is impacted by OpenStack Glance server-side request forgery (CVE-2017-7200)

Summary IBM PowerVC may disclose some sensitive information while creating images with 'copyfrom' feature in the v1 Image Service API. Vulnerability Details CVEID: CVE-2017-7200 DESCRIPTION: OpenStack Glance is vulnerable to server-side request forgery, caused by a flaw in the 'copyfrom' feature ...

5.8CVSS0.6AI score0.02034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 11:59 p.m.26 views

Security Bulletin: IBM PowerVC is affected by vulnerability in OpenStack Nova (CVE-2017-7214)

Summary OpenStack Nova could allow an attacker to obtain sensitive information from logs. Vulnerability Details CVEID: CVE-2017-7214 DESCRIPTION: Legacy notification exception contexts appearing in OpenStack Nova's ERROR level logs may include sensitive information such as account passwords and...

9.8CVSS0.6AI score0.02283EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 11:54 p.m.17 views

Security Bulletin: IBM PowerVC - Local escalation of privilege vulnerability in DB2 for Linux (CVE-2016-5995)

Summary IBM PowerVC is impacted by Local escalation of privilege vulnerability in DB2 for Linux CVE-2016-5995 Vulnerability Details CVE-ID: CVE-2016-5995 Description: DB2 for Linux, Unix and Windows is vulnerable to a privilege escalation due to code being built with binaries with libraries in...

7.3CVSS1.3AI score0.00413EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 11:50 p.m.31 views

Security Bulletin: IBM PowerVC is impacted by OpenStack Nova information disclosure vulnerabilities (CVE-2015-1850, CVE-2015-7548)

Summary IBM PowerVC is impacted by OpenStack Nova information disclosure vulnerailities CVE-2015-1850, CVE-2015-7548 Vulnerability Details CVEID: CVE-2015-1850 DESCRIPTION: OpenStack Nova could allow a local attacker to obtain sensitive information, caused by the failure to provide input format t...

3.5CVSS0.8AI score0.01803EPSS
Exploits0Affected Software1
Prion
Prion
added 2015/07/01 10:59 a.m.15 views

Authentication flaw

IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code...

4.6CVSS7.2AI score0.00355EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder