CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2023/02/15 5:13 a.m.•1 views

SUSE CVE-2015-7713

OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...

5CVSS7AI score0.01522EPSS

SUSE CVE•added 2023/02/15 5:7 a.m.•2 views

SUSE CVE-2016-1973

Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service use-after-free via unspecified vectors...

8.8CVSS7.8AI score0.01001EPSS

Exploits0References14

SUSE CVE•added 2023/02/15 4:37 a.m.•1 views

SUSE CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...

4.2CVSS6.8AI score0.00385EPSS

SUSE CVE•added 2023/02/15 4:28 a.m.•2 views

SUSE CVE-2018-10847

prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of...

8.8CVSS6.8AI score0.00264EPSS

SUSE CVE•added 2023/02/15 3:55 a.m.•2 views

SUSE CVE-2020-17376

An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...

7.6CVSS8.7AI score0.00385EPSS

Exploits1References6

SUSE CVE•added 2023/02/15 3:30 a.m.•2 views

SUSE CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

7.5CVSS9.1AI score0.00228EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:24 a.m.•1 views

SUSE CVE-2022-35970

TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...

7.5CVSS7.7AI score0.00064EPSS

Exploits0References3

OSV•added 2023/02/14 8:15 p.m.•1 views

CVE-2023-23382

Azure Machine Learning Compute Instance Information Disclosure Vulnerability...

6.5CVSS6.9AI score0.0148EPSS

NVD•added 2023/02/14 8:15 p.m.•11 views

CVE-2023-23382

Azure Machine Learning Compute Instance Information Disclosure Vulnerability...

6.5CVSS6.5AI score0.0148EPSS

ATTACKERKB•added 2023/02/14 8:15 p.m.•1 views

CVE-2023-23382

Azure Machine Learning Compute Instance Information Disclosure Vulnerability...

6.5CVSS6.8AI score0.0148EPSS

Exploits0References2Affected Software1

Prion•added 2023/02/14 8:15 p.m.•17 views

Information disclosure

Azure Machine Learning Compute Instance Information Disclosure Vulnerability...

4CVSS6.5AI score0.0148EPSS

CVE•added 2023/02/14 7:32 p.m.•104 views

CVE-2023-23382

CVE-2023-23382 affects Azure Machine Learning Compute Instance. Multiple sources describe an information-disclosure vulnerability in the Compute Instance that can be exploited remotely to access sensitive data. CVSSv3 base score is 6.5 (MEDIUM) with network access, low attack complexity and low p...

6.5CVSS6.5AI score0.0148EPSS

Vulnrichment•added 2023/02/14 7:32 p.m.•12 views

CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability

...

6.5CVSS6.8AI score0.0148EPSS

Cvelist•added 2023/02/14 7:32 p.m.•14 views

CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability

...

6.5CVSS7AI score0.0148EPSS

Kitploit•added 2023/02/03 11:30 a.m.•34 views

Aws-Security-Assessment-Solution - An AWS Tool To Help You Create A Point In Time Assessment Of Your AWS Account Using Prowler And Scout As Well As Optional AWS Developed Ransomware Checks

Self-Service Security Assessment too l Cybersecurity remains a very important topic and point of concern for many CIOs, CISOs, and their customers. To meet these important concerns, AWS has developed a primary set of services customers should use to aid in protecting their accounts. Amazon...

7.2AI score

Exploits0References11

NVD•added 2023/01/30 11:15 p.m.•14 views

CVE-2022-32518

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert Versions prior to V7.9.0...

9.8CVSS8.6AI score0.0038EPSS

Prion•added 2023/01/30 11:15 p.m.•16 views

Design/Logic Flaw

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert Versions prior to V7.9.0...

7.5CVSS9.2AI score0.0038EPSS

Prion•added 2023/01/30 11:15 p.m.•12 views

Design/Logic Flaw

7.5CVSS9.2AI score0.0038EPSS