71 matches found
PYSEC-2026-437 Openstack Magnum Unsafe Credential Handling
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform...
EUVD-2017-18957
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234
CVE-2017-20234 affects GarrettCom Magnum 6K and 10K managed switches, where an authentication bypass exists due to a hardcoded string in the authentication mechanism. The vulnerability allows unauthenticated attackers to access administrative functions and sensitive switch configuration without v...
Belden GarrettCom Magnum 6K和Belden GarrettCom Magnum 10K 信任管理问题漏洞
Both the Belden GarrettCom Magnum 6K and the Belden GarrettCom Magnum 10K are modular industrial Ethernet switches produced by the American company Belden. Both devices have vulnerabilities related to trust management. These vulnerabilities stem from hardcoded strings within the authentication...
PT-2026-30258
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
EUVD-2012-2992
Malware in sbrugna...
EUVD-2015-3973
Malware in sbrugna...
EUVD-2022-2957
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-7404
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL...
SUSE CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...
Remote Code Execution (RCE)
magnum is vulnerable to Remote Code Execution RCE. The vulnerability is due to a race condition bug within certmanager.py, which allows a remote attacker to execute arbitrary code...
GHSA-JX7X-9R98-H5XR OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...
CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...
CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...
CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...
UBUNTU-CVE-2024-28718
An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the certmanager.py. component...