7754 matches found
CVE-2023-3637 Openstack-neutron: unrestricted creation of security groups (fix for cve-2022-3277)
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
CVE-2023-3637 Openstack-neutron: unrestricted creation of security groups (fix for cve-2022-3277)
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
CVE-2023-3637
Summary: CVE-2023-3637 affects OpenStack Networking (neutron) within Red Hat OpenStack Platform. The flaw is an uncontrolled resource consumption vulnerability where a remote authenticated user can query a list of security groups for an invalid project, causing resources to be created and not con...
CVE-2023-3637
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
CVE-2023-3637
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
PT-2023-25557 · Openstack · Openstack Neutron
Name of the Vulnerable Software and Affected Versions: openstack-neutron affected versions not specified Description: An uncontrolled resource consumption flaw was found in openstack-neutron, allowing a remote authenticated user to query a list of security groups for an invalid project. This issu...
OpenStack openstack-neutron 资源管理错误漏洞
OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA. A security vulnerability exists in OpenStack openstack-neutron that stems from the unrestricted creation of resources by querying a list of security groups for an invalid project, which can...
Ubuntu: Security Advisory (USN-6241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6241-1: OpenStack vulnerability
Jan Wasilewski and Gorka Eguileor discovered that OpenStack incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes, please see the upstream advisory and...
Ubuntu 22.04 LTS / 23.04 : OpenStack vulnerability (USN-6241-1)
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6241-1 advisory. Jan Wasilewski and Gorka Eguileor discovered that OpenStack incorrectly handled deleted volume attachments. An authenticated user or attacker could possib...
SUSE: Security Advisory (SUSE-SU-2023:2844-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2023-3637
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
SUSE: Security Advisory (SUSE-SU-2023:2815-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:2816-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Virtuozzo Hybrid Infrastructure 5.4 Update 3 (5.4.3-100)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover core storage, the system configuration, updates, documentation, and the compute services. Additionally, this release delivers stability improvements and addresses issues found in previous releases...
SUSE: Security Advisory (SUSE-SU-2023:2624-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:2628-1 Security update for cloud-init
This update for cloud-init fixes the following issues: - CVE-2023-1786: Do not expose sensitive data gathered from the CSP. bsc1210277 - CVE-2022-2084: Fixed a bug which caused logging schema failures can include password hashes. bsc1210652 - Update to version 23.1 + Support transactional-updates...
Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities
Summary IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils CVE-2022-37601 is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone CVE-2021-3563 is vulnerable to bypass security restriction...
SUSE: Security Advisory (SUSE-SU-2023:2552-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Keystone 输入验证错误漏洞
Keystone is a powerful CMS for OpenStack open source. used to help you build and scale faster than any other Cms or application framework. Keystone versions prior to 7.0.0 have an input validation error vulnerability that stems from the inclusion of an open redirect. An attacker exploiting this...