Lucene search
+L

35 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-1520

Malware in sbrugna...

6.5CVSS6.6AI score0.01106EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3970

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.01311EPSS
Exploits1References2
vulnersosv
vulnersosv
added 2025/03/24 9:30 p.m.6 views

org.opendaylight.faas:features4-faas (>=1.2.0-Carbon <=1.3.3), org.opendaylight.faas:odl-faas-all (>=1.2.0-Carbon <=1.3.3) +67 more potentially affected by CVE-2025-29315 via org.opendaylight.sfc:sfc-provider (>=0.0.1-Helium <=0.9.3)

org.opendaylight.sfc:sfc-provider MAVEN version =0.0.1-Helium, =1.2.0-Carbon, =1.2.0-Carbon, =1.2.0-Carbon, =1.0.0-Beryllium, =0.6.0, =0.5.0-Carbon, =0.5.0-Carbon, =0.5.0-Carbon, =0.5.0-Carbon, =0.6.0, =0.9.0, =0.9.0, =0.11.4 and more Source cves: CVE-2025-29315 Source advisory:...

9.8CVSS5.8AI score0.00378EPSS
Exploits0
snyk
snyk
added 2025/03/24 9:30 p.m.4 views

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to the use of insecure Shiro options secureCookies=False and httpOnly=False. An attacker in a MitM position can access sensitive information in transit. Remediation There is no fixed version for...

8.2CVSS6.5AI score0.00204EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2023/07/25 3:30 p.m.5 views

networking-bagpipe (>=8.0.1 <=10.0.1), networking-baremetal (=1.0.1) +8 more potentially affected by CVE-2023-3637 via neutron (>=12.1.1 <=15.3.4)

neutron PYPI version =12.1.1, =8.0.1, =15.0.0, =13.0.1, =5.1.0, =13.0.2, =13.0.2, =14.0.1, =14.3.0 Source cves: CVE-2023-3637 Source advisory: OSV:GHSA-R3JH-QHGJ-GVR8...

6.5CVSS6.4AI score0.00969EPSS
Exploits0
cve
cve
added 2022/11/27 12:0 a.m.68 views

CVE-2022-45930

OpenDaylight ODL prior to 0.16.5 is affected by a SQL injection in the AAA domain management path. Specifically, the deleteDomain function in DomainStore.java (aaa-idm-store-h2) handles /auth/v1/domains/ in a way that can allow arbitrary SQL execution. This is caused by the SQL construction/handl...

7.5CVSS7.9AI score0.00687EPSS
Exploits1References2Affected Software1
cve
cve
added 2022/11/27 12:0 a.m.70 views

CVE-2022-45932

OpenDaylight (ODL) AAA component contains a SQL injection in the deleteRole path of RoleStore.deleteRole, exploitable via the /auth/v1/roles/ API. Affects ODL versions prior to 0.16.5. The vulnerability can allow a malicious user to execute arbitrary SQL against the backend database. Remediation:...

7.5CVSS7.9AI score0.00599EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/11/27 12:0 a.m.37 views

CVE-2022-45930

A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface...

8.2AI score0.00687EPSS
Exploits1References2
vulnersosv
vulnersosv
added 2022/05/24 7:13 p.m.4 views

networking-bagpipe (>=8.0.1 <=10.0.1), networking-baremetal (=1.0.1) +8 more potentially affected by CVE-2021-40797 via neutron (>=12.1.1 <=15.3.4)

neutron PYPI version =12.1.1, =8.0.1, =15.0.0, =13.0.1, =5.1.0, =13.0.2, =13.0.2, =14.0.1, =14.3.0 Source cves: CVE-2021-40797 Source advisory: OSV:GHSA-CPX3-696P-3CW9...

6.5CVSS6.5AI score0.0176EPSS
Exploits1
osv
osv
added 2022/05/13 1:41 a.m.16 views

GHSA-GJQ3-997P-HG6F OpenDaylight NULL Pointer Dereference

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...

5.3CVSS5.2AI score0.01311EPSS
Exploits1References2
github
github
added 2022/05/13 1:41 a.m.24 views

OpenDaylight NULL Pointer Dereference

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...

5.3CVSS6.8AI score0.01311EPSS
Exploits1References3Affected Software1
redhat
redhat
added 2018/08/29 4:20 p.m.66 views

Moderate: Red Hat Security Advisory: opendaylight security and bug fix update

An update for OpenDaylight is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.9CVSS6.8AI score0.05119EPSS
Exploits0References13
redhat
redhat
added 2018/07/19 2:27 p.m.89 views

Important: Red Hat Security Advisory: openstack-tripleo-heat-templates security update

An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 13.0 Queens for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS7.3AI score0.0087EPSS
Exploits0References13
prion
prion
added 2018/04/27 4:29 p.m.13 views

Design/Logic Flaw

The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions...

5CVSS6.7AI score0.01704EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2018/04/27 4:29 p.m.26 views

CVE-2015-1857

The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions...

5.3CVSS5.1AI score0.01704EPSS
Exploits0References3
cvelist
cvelist
added 2018/04/27 4:0 p.m.23 views

CVE-2015-1857

The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions...

5.1AI score0.01704EPSS
Exploits0References3
cve
cve
added 2018/04/27 4:0 p.m.50 views

CVE-2015-1857

CVE-2015-1857 concerns OpenDaylight Helium’s odl-mdsal-apidocs feature, where failure to enforce AAA restrictions enables remote disclosure of sensitive information. Root cause: insufficient authentication/authorization/logging controls. Impact: confidentiality exposure without explicit exploit o...

5.3CVSS5.1AI score0.01704EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2017/07/20 12:0 a.m.6 views

OpenDaylight odl-mdsal-xsql component resource management error vulnerability

OpenDaylight, a project of the Linux Foundation, is a community-driven, open-source software-defined networking framework that includes a collection of modules to perform networking tasks that need to be done quickly.OpenDaylight odl-mdsal-xsql is one of the XML-based query components used to...

5.3CVSS6.6AI score0.01311EPSS
Exploits1References1
cnvd
cnvd
added 2017/07/04 12:0 a.m.4 views

OpenDaylight odl-restconf Denial of Service Vulnerability

OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security vulnerability exists in odl-restconf...

6.5CVSS6.5AI score0.01106EPSS
Exploits1References1
redhatcve
redhatcve
added 2017/05/04 4:49 a.m.30 views

CVE-2017-1000360

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0...

5.3CVSS3.1AI score0.01311EPSS
Exploits1References1
Rows per page
Query Builder