
71 matches found

OSV
added 3 days ago | 5 views

PYSEC-2026-437 OpenStack Magnum Unsafe Credential Handling

OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though, and can be used to perform any API operation the user is authorized to perform...

9.8 CVSS | 7.2 AI score | 0.01867 EPSS
Exploits 0 | References 9

EUVD
added 2026/04/04 12:31 a.m. | 2 views

EUVD-2017-18957

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 5.9 AI score | 0.00455 EPSS
Exploits 0 | References 3

NVD
added 2026/04/03 11:17 p.m. | 7 views

CVE-2017-20234

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 0.00455 EPSS
Exploits 0 | References 2

Cvelist
added 2026/04/03 10:49 p.m. | 15 views

CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 0.00455 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2026/04/03 10:49 p.m. | 3 views

CVE-2017-20234

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 5.9 AI score | 0.00455 EPSS
Exploits 0 | References 3

Vulnrichment
added 2026/04/03 10:49 p.m. | 2 views

CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 5.9 AI score | 0.00455 EPSS
Exploits 0 | References 2

CVE
added 2026/04/03 10:49 p.m. | 11 views

CVE-2017-20234

CVE-2017-20234 affects GarrettCom Magnum 6K and 10K managed switches, where an authentication bypass exists due to a hardcoded string in the authentication mechanism. The vulnerability allows unauthenticated attackers to access administrative functions and sensitive switch configuration without v...

9.8 CVSS | 5.9 AI score | 0.00455 EPSS
Exploits 0 | References 2

CNNVD
added 2026/04/03 12:00 a.m. | 7 views

Belden GarrettCom Magnum 6K and Belden GarrettCom Magnum 10K Trust Management Issue Vulnerability

Both the Belden GarrettCom Magnum 6K and the Belden GarrettCom Magnum 10K are modular industrial Ethernet switches produced by the American company Belden. Both devices have vulnerabilities related to trust management. These vulnerabilities stem from hardcoded strings within the authentication...

9.8 CVSS | 5.8 AI score | 0.00455 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/04/03 12:00 a.m. | 3 views

PT-2026-30258

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8 CVSS | 5.9 AI score | 0.00455 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2012-2992

Malware in sbrugna...

7.7 CVSS | 6.4 AI score | 0.00433 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2015-3973

Malware in sbrugna...

4.3 CVSS | 6.4 AI score | 0.01487 EPSS
Exploits 0 | References 4

EUVD
added 2025/10/03 8:07 p.m. | 6 views

EUVD-2022-2957

Malicious code in bioql PyPI...

9.8 CVSS | 9.3 AI score | 0.01867 EPSS
Exploits 0 | References 8

Tenable Nessus
added 2025/08/25 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-7404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL...

9.8 CVSS | 8.2 AI score | 0.01867 EPSS
Exploits 0 | References 2

SUSE CVE
added 2024/04/15 11:12 p.m. | 12 views

SUSE CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

9.8 CVSS | 8 AI score | 0.01063 EPSS
Exploits 1 | References 3

Veracode
added 2024/04/15 10:42 a.m. | 14 views

Remote Code Execution (RCE)

magnum is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a race condition bug within certmanager.py, which allows a remote attacker to execute arbitrary code...

9.8 CVSS | 8.4 AI score | 0.01063 EPSS
Exploits 1 | References 8 | Affected Software 1

OSV
added 2024/04/12 3:37 p.m. | 7 views

GHSA-JX7X-9R98-H5XR OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

6.3 CVSS | 9.7 AI score | 0.01063 EPSS
Exploits 1 | References 9

NVD
added 2024/04/12 1:15 p.m. | 11 views

CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

9.8 CVSS | 7.5 AI score | 0.01063 EPSS
Exploits 1 | References 3

OSV
added 2024/04/12 1:15 p.m. | 3 views

CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

9.8 CVSS | 7.6 AI score | 0.01063 EPSS
Exploits 1 | References 3

UbuntuCve
added 2024/04/12 1:15 p.m. | 17 views

CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

9.8 CVSS | 7.4 AI score | 0.01063 EPSS
Exploits 1 | References 4

OSV
added 2024/04/12 1:15 p.m. | 1 view

UBUNTU-CVE-2024-28718

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py component...

9.8 CVSS | 7.7 AI score | 0.01063 EPSS
Exploits 1 | References 5