
2220 matches found

NVD
added 2024/09/06 1:15 a.m. · 20 views

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 0.00274 EPSS
Exploits: 0 · References: 3
CVE
added 2024/09/06 12:0 a.m. · 154 views

CVE-2024-44082

OpenStack Ironic and ironic-python-agent are affected by CVE-2024-44082 in image processing, allowing a crafted image to trigger undesired qemu-img behaviors and potentially expose data. Affected: Ironic before 26.0.1; Ironic (versions): =22.0.0 =23.1.0 =25.0.0 <26.0.1. Ironic-python-agent: =9...

4.3 CVSS · 6.5 AI score · 0.00274 EPSS
Exploits: 0 · References: 3
Debian CVE
added 2024/09/06 12:0 a.m. · 24 views

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 6.5 AI score · 0.00274 EPSS
Exploits: 0
CNNVD
added 2024/09/06 12:0 a.m. · 4 views

OpenStack Ironic security vulnerability

OpenStack Ironic is an integrated OpenStack program open-sourced by OpenStack. It is used to configure bare metal rather than virtual machines. A security vulnerability exists in OpenStack Ironic versions prior to 26.0.1 and ironic-python-agent versions prior to 9.13.1, which stems from an issue ...

4.3 CVSS · 6.2 AI score · 0.00274 EPSS
Exploits: 0 · References: 5
Vulnrichment
added 2024/09/06 12:0 a.m. · 22 views

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

6.4 AI score · 0.00274 EPSS
Exploits: 0 · References: 3
Cvelist
added 2024/09/06 12:0 a.m. · 24 views

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

0.00274 EPSS
Exploits: 0 · References: 3
OpenVAS
added 2024/09/06 12:0 a.m. · 15 views

Ubuntu: Security Advisory (USN-6989-1)

The remote host is missing an update for the...

4.3 CVSS · 7.2 AI score · 0.00274 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2024/09/05 12:0 a.m. · 18 views

Ubuntu 22.04 LTS / 24.04 LTS : OpenStack vulnerability (USN-6989-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6989-1 advisory. Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated...

4.3 CVSS · 6.6 AI score · 0.00274 EPSS
Exploits: 0 · References: 2
Ubuntu
added 2024/09/04 4:4 p.m. · 32 views

USN-6989-1: OpenStack vulnerability

Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 6.5 AI score · 0.00274 EPSS
Exploits: 0
OSV
added 2024/09/04 4:4 p.m. · 3 views

USN-6989-1 ironic vulnerability

Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 5.8 AI score · 0.00274 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2024/09/04 12:0 a.m. · 3 views

PT-2024-30939 · Openstack +3 · Openstack Ironic +4

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 26.0.1 Ironic-python-agent versions prior to 9.13.1 Description: The issue concerns a vulnerability in image processing, where a crafted image could be used by an authenticated user to exploit undesired...

4.3 CVSS · 6.4 AI score · 0.00274 EPSS
Exploits: 0 · References: 21
UbuntuCve
added 2024/09/04 12:0 a.m. · 22 views

CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 6.7 AI score · 0.00274 EPSS
Exploits: 0 · References: 2
OSV
added 2024/09/04 12:0 a.m. · 0 views

UBUNTU-CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3 CVSS · 5.8 AI score · 0.00274 EPSS
Exploits: 0 · References: 3
Rosalinux
added 2024/09/03 12:11 p.m. · 20 views

Advisory ROSA-SA-2024-2474

software: libraw 0.20.2 OS: ROSA-CHROME packageevrstring: libraw-0.20.2-4 CVE-ID: CVE-2020-22628 BDU-ID: 2023-05897 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the LibRaw::stretch function of the LibRaw image processing library is related to an operation exceeding buffer boundaries in memory...

6.5 CVSS · 7.6 AI score · 0.00089 EPSS
Exploits: 4
OSV
added 2024/07/25 11:55 p.m. · 2 views

USN-6200-2 imagemagick vulnerabilities

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...

5.5 CVSS · 7 AI score · 0.0011 EPSS
Exploits: 2 · References: 3
OSV
added 2024/07/25 12:14 a.m. · 5 views

OSV-2024-679 Heap-buffer-overflow in readImage4v2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70554 Crash type: Heap-buffer-overflow WRITE 1 Crash state: readImage4v2 PCXHandler::read kimgiofuzzer.cc...

7.2 AI score
Exploits: 0 · References: 1
OSV
added 2024/07/24 5:15 a.m. · 29 views

CVE-2024-40767

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

6.5 CVSS · 6.4 AI score · 0.00835 EPSS
Exploits: 1 · References: 5
Cvelist
added 2024/07/24 12:0 a.m. · 29 views

CVE-2024-40767

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

0.00835 EPSS
Exploits: 1 · References: 4
OSV
added 2024/07/15 12:17 p.m. · 15 views

RLSA-2024:4227 Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: buffer overflow in imagingcms.c CVE-2024-28219 For more details about...

6.5 CVSS · 7.2 AI score · 0.00354 EPSS
Exploits: 0 · References: 2
Rockylinux
added 2024/07/15 12:17 p.m. · 14 views

python-pillow security update

An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...

6.7 CVSS · 7.4 AI score · 0.00354 EPSS
Exploits: 0