CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2013-2655

Malware in sbrugna...

5CVSS6.4AI score0.00298EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-4268

Malicious code in bioql PyPI...

2.1CVSS6.3AI score0.00059EPSS

Exploits0References6

CNNVD•added 2023/10/03 12:0 a.m.•2 views

Puppet Server Security Vulnerability

Puppet Server is a software from Puppet Labs in the United States that is used to push configurations from a master server to other servers. A security vulnerability exists in Puppet Server that stems from the presence of a denial of service DOS vulnerability...

7.5CVSS6.6AI score0.0015EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:24 a.m.•1 views

SUSE CVE-2014-9568

puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter...

2.1CVSS6.2AI score0.00131EPSS

Exploits0References3

CNVD•added 2022/10/11 12:0 a.m.•34 views

Puppet puppetlabs-apt module command injection vulnerability

Puppet is a client/server C/S architecture-based configuration management tool from Puppet Labs that can be used to manage configuration files, users, cron tasks, packages, system services, etc. A command injection vulnerability exists in versions of Puppet Puppetlabs-apt module prior to 9.0.0. T...

9.8CVSS4.3AI score0.03006EPSS

Exploits0References1

Positive Technologies•added 2022/10/07 12:0 a.m.•1 views

PT-2022-21443 · Puppet +1 · Puppetlabs-Apt +1

Name of the Vulnerable Software and Affected Versions: puppetlabs-apt versions prior to 9.0.0 Description: Command injection is possible in the puppetlabs-apt module. A malicious actor can exploit this issue if they can provide unsanitized input to the module. This condition is rare in most...

9.8CVSS7.9AI score0.03006EPSS

Exploits0References15

Github Security Blog•added 2022/05/14 12:56 a.m.•9 views

Puppet Labs Facter allows local users to obtain sensitive Amazon EC2 IAM instance metadata

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS6.5AI score0.00059EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/14 12:56 a.m.•15 views

GHSA-J436-H7HM-RX46 Puppet Labs Facter allows local users to obtain sensitive Amazon EC2 IAM instance metadata

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS5.8AI score0.00059EPSS

Exploits0References5

CNVD•added 2021/11/13 12:0 a.m.•26 views

Puppet Server Information Disclosure Vulnerability

Puppet Server is a software from Puppet Labs in the U.S. for pushing configurations from the primary server to other servers. an information disclosure vulnerability exists in Puppet Agent and Puppet Server, which stems from a lack of restrictions and protections in the HTTP transport process,...

9.8CVSS8.8AI score0.00397EPSS

Exploits0References1

CNVD•added 2019/07/31 12:0 a.m.•1 views

Unspecified Vulnerability in Puppet

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs, which can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is the enterprise version of Puppet. A security vulnerability exists in...

6.5CVSS6.8AI score0.00384EPSS

Exploits0References1

Veracode•added 2019/05/02 5:1 a.m.•20 views

Remote Code Execution

Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. A cross-site scripting XSS flaw was found in the way the Red Hat Satellite web interface...

4.3CVSS5.9AI score0.00417EPSS

Exploits1References8Affected Software3

OSV•added 2015/02/23 5:59 p.m.•4 views

CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS6AI score0.00059EPSS

Exploits0References1

NVD•added 2015/02/23 5:59 p.m.•9 views

CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS6.1AI score0.00059EPSS

Exploits0References1

UbuntuCve•added 2015/02/23 5:59 p.m.•16 views

CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS5.9AI score0.00059EPSS

Exploits0References2

Prion•added 2015/02/23 5:59 p.m.•11 views

Code injection

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS6.7AI score0.00059EPSS

Exploits0References1Affected Software1

Debian CVE•added 2015/02/23 5:0 p.m.•15 views

CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

2.1CVSS6.1AI score0.00059EPSS

Exploits0

CVE•added 2015/02/23 5:0 p.m.•46 views

CVE-2015-1426

CVE-2015-1426 affects Puppet Labs Facter 1.6.0 through 2.4.0. The vulnerability allows local users to obtain sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node. The connected documents corroborate this issue across multiple sources (OSV, CNVD, NVD, GN advisories)....

2.1CVSS6.3AI score0.00059EPSS

Exploits0References1Affected Software2

Cvelist•added 2015/02/23 5:0 p.m.•13 views

CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

6.1AI score0.00059EPSS

Exploits0References1