Lucene search
K

231 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-0025

Malware in sbrugna...

6.8CVSS6.1AI score0.01585EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0067

Malware in sbrugna...

9.1CVSS8.7AI score0.02464EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3715

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.02836EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45147

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00367EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14023

Malicious code in bioql PyPI...

2.8CVSS5.5AI score0.00155EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-44021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious...

2.8CVSS5.9AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-10141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in...

9.1CVSS8.1AI score0.02464EPSS
Exploits0References2
OSV
OSV
added 2025/05/08 6:30 p.m.9 views

GHSA-Q3M2-CRGQ-5P3Q OpenStack Ironic fails to restrict paths used for file:// image URLs

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS6.8AI score0.00155EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/05/08 6:30 p.m.42 views

OpenStack Ironic fails to restrict paths used for file:// image URLs

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS6.5AI score0.00155EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2025/05/08 5:16 p.m.10 views

PYSEC-2025-38

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS6.8AI score0.00155EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/08 5:16 p.m.3 views

DEBIAN-CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS5.6AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/05/08 5:16 p.m.6 views

PYSEC-2025-38

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS6.8AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2025/05/08 5:16 p.m.45 views

CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS0.00155EPSS
Exploits0References3
OSV
OSV
added 2025/05/08 5:16 p.m.1 views

UBUNTU-CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS5.8AI score0.00155EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/05/08 12:0 a.m.9 views

CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS3.8AI score0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/08 12:0 a.m.38 views

CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/08 12:0 a.m.5 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack program open-sourced by OpenStack. It is used to configure bare metal rather than virtual machines. A security vulnerability exists in OpenStack Ironic versions prior to 29.0.1, which stems from an unexpected file that may be written to the target node...

2.8CVSS5.4AI score0.00155EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/08 12:0 a.m.2 views

PT-2025-20397 · Openstack +1 · Openstack Ironic +1

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 24.1.3 OpenStack Ironic versions prior to 26.1.1 OpenStack Ironic versions prior to 29.0.1 Description: The issue allows a malicious project assigned as a node owner to provide a path to any local file...

2.8CVSS5.2AI score0.00155EPSS
Exploits0References23
CVE
CVE
added 2025/05/08 12:0 a.m.86 views

CVE-2025-44021

OpenStack Ironic prior to 29.0.1 is vulnerable to a local-file write during image handling when a deployment is performed via the API. A malicious project assigned as a node owner can supply a path to a local file (readable by ironic-conductor), which may then be written to the target node’s disk...

2.8CVSS3.8AI score0.00155EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/05/08 12:0 a.m.9 views

CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

2.8CVSS5.6AI score0.00155EPSS
Exploits0
Rows per page
Query Builder