Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7796 matches found

Tenable Nessus
Tenable Nessusadded 2024/11/04 12:0 a.m.8 views

RHEL 6 : openstack-neutron (RHSA-2015:0044)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0044 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...

4CVSS5.5AI score0.03936EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2024/11/04 12:0 a.m.15 views

RHEL 6 : kernel (RHSA-2013:1080)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1080 advisory. Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network...

7.2CVSS6.2AI score0.01022EPSS
Exploits4References27
Tenable Nessus
Tenable Nessusadded 2024/11/04 12:0 a.m.13 views

RHEL 6 : Django (RHSA-2014:0456)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0456 advisory. The Django web framework is used by horizon, the OpenStack Dashboard, which is a web interface for managing OpenStack services. A flaw was...

10CVSS6.3AI score0.05603EPSS
Exploits0References9
RedHat Linux
RedHat Linuxadded 2024/10/30 1:12 a.m.21 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.19 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

8CVSS6.7AI score0.01262EPSS
Exploits0References14
Virtuozzo
Virtuozzoadded 2024/10/29 12:0 a.m.21 views

Virtuozzo Hybrid Infrastructure 6.3 (6.3.0-170)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service and our ecosystem of backup and disaster recovery solutions. Additionally, this release delivers stability and security improvements, and addresses issues found in previous releases...

7.5AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2024/10/16 8:30 p.m.0 views

openstack-ironic: Specially crafted image may allow authenticated users to gain access to potentially sensitive data

A vulnerability was found in OpenStack Ironic. This flaw allows an authenticated user to use a specially crafted image to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3CVSS5.7AI score0.00545EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2024/10/09 7:34 p.m.35 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.36 security update

Red Hat OpenShift Container Platform release 4.15.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

7.3CVSS7.3AI score0.8833EPSS
Exploits16References15
Veracode
Veracodeadded 2024/10/09 4:34 a.m.3 views

Man-in-the-middle(MitM)

OpenStack Ironic is vulnerable to Man-in-the-middleMitM. The vulnerability is due to the lack of checksum validation on the supplied imagesource URLs, allows for the possibility of malicious actors manipulating the image data during the conversion process...

5.3CVSS6.6AI score0.00661EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVEadded 2024/10/07 5:58 a.m.13 views

CVE-2024-47211

A flaw was found in OpenStack Ironic. The lack of checksum verification allows an attacker with access to the images to modify an image without the change noticed by OpenStack. This issue leads to integrity issues in the image. Mitigation Mitigation for this issue is either not available or the...

6.3CVSS7AI score0.00661EPSS
Exploits0References3
OSV
OSVadded 2024/10/04 6:31 p.m.13 views

GHSA-8H22-6QWX-Q4W9 OpenStack Ironic fails to verify checksums of supplied image_source URLs

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

6.9CVSS5.4AI score0.00661EPSS
Exploits0References9
Github Security Blog
Github Security Blogadded 2024/10/04 6:31 p.m.20 views

OpenStack Ironic fails to verify checksums of supplied image_source URLs

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS6.8AI score0.00661EPSS
Exploits0References9Affected Software1
NVD
NVDadded 2024/10/04 6:15 p.m.20 views

CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS0.00661EPSS
Exploits0References5
OSV
OSVadded 2024/10/04 6:15 p.m.10 views

CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS6.8AI score
Exploits0References5
OSV
OSVadded 2024/10/04 6:15 p.m.5 views

DEBIAN-CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS6.3AI score0.00661EPSS
Exploits0References1
OSV
OSVadded 2024/10/04 6:15 p.m.1 views

UBUNTU-CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS5.8AI score0.00661EPSS
Exploits0References6
Cvelist
Cvelistadded 2024/10/04 12:0 a.m.15 views

CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

0.00661EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/10/04 12:0 a.m.17 views

CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

7.2AI score0.00661EPSS
Exploits0References4
CVE
CVEadded 2024/10/04 12:0 a.m.98 views

CVE-2024-47211

The CVE-2024-47211 issue in OpenStack Ironic is due to lack of checksum validation for image_source URLs when converting images to raw format for streaming. Affected ranges include OpenStack Ironic releases before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x...

5.3CVSS6.7AI score0.00661EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2024/10/04 12:0 a.m.4 views

PT-2024-32480 · Openstack +1 · Openstack Ironic +1

Name of the Vulnerable Software and Affected Versions: OpenStack Ironic versions prior to 21.4.4 OpenStack Ironic versions 22.x through 23.x before 23.0.3 OpenStack Ironic versions 23.x through 24.x before 24.1.3 OpenStack Ironic versions 25.x through 26.x before 26.1.0 Description: The issue is...

6.9CVSS6.8AI score0.00661EPSS
Exploits0References23
Debian CVE
Debian CVEadded 2024/10/04 12:0 a.m.14 views

CVE-2024-47211

In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...

5.3CVSS6.3AI score0.00661EPSS
Exploits0
Rows per page
Query Builder