EUVD-2014-3599

Malware in sbrugna...

Rust atom crate 竞争条件问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust atom crate, which stems from an insecure Send implementation that allows data contention across threads. No details of the vulnerability are provided at this time...

Authorization Bypass

cfme is vulnerable to authorization bypass. The vulnerability exists through an insecure send method...

Design/Logic Flaw

vmdb/app/controllers/applicationcontroller/performance.rb in Red Hat CloudForms 3.1 Management Engine CFME before 5.3 allows remote authenticated users to gain privileges via unspecified vectors, related to an "insecure send method."...

CVE-2014-3642

vmdb/app/controllers/applicationcontroller/performance.rb in Red Hat CloudForms 3.1 Management Engine CFME before 5.3 allows remote authenticated users to gain privileges via unspecified vectors, related to an "insecure send method."...

PT-2014-5433 · Red Hat · Red Hat Cloudforms

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.3 Description: The issue allows remote authenticated users to gain privileges via unspecified vectors, related to an "insecure send method" in the vmdb/app/controllers/application controller/performance....

CFME: dangerous send method in performance.rb

It was found that Red Hat CloudForms contained an insecure send method that accepted user-supplied arguments. An authenticated user could use this flaw to modify the program flow in a way that could result in privilege escalation...