Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2015-0036

Malware in sbrugna...

3.5CVSS6.1AI score0.01499EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-2069

Malware in sbrugna...

2.1CVSS6AI score0.00383EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2062

Malicious code in bioql PyPI...

1.9CVSS6.2AI score0.00438EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2506

Malicious code in bioql PyPI...

2.1CVSS6.2AI score0.00368EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2024/11/07 12:27 p.m.15 views

USN-6882-2: Cinder regression

USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Martin Kaesberger discovered that Cinder incorrectly handled QCOW2...

6.5CVSS6.9AI score0.01025EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/07/26 3:12 a.m.2 views

SUSE CVE-2024-40767

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

6.5CVSS8.5AI score0.00941EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/07/08 12:0 a.m.15 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Nova vulnerability (USN-6884-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6884-1 advisory. Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to...

6.5CVSS6.9AI score0.00835EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4463

OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...

2.1CVSS6.3AI score0.00368EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-4469

OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...

1.9CVSS6.2AI score0.00438EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.3 views

SUSE CVE-2015-5163

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

3.5CVSS6.7AI score0.01499EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/17 4:55 a.m.12 views

OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image

OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...

2.1CVSS6.8AI score0.00383EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2022/05/17 4:55 a.m.4 views

GHSA-M674-HMX2-FFHQ OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image

OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...

6.9CVSS5.9AI score0.00383EPSS
Exploits0References10
OSV
OSV
added 2022/05/17 4:41 a.m.4 views

GHSA-5644-2V3H-5W4X OpenStack Nova denial of service through compressed disk images

OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...

2.1CVSS5.9AI score0.00368EPSS
Exploits0References8
OSV
OSV
added 2022/05/17 4:41 a.m.4 views

GHSA-2W87-5QCJ-J6GX OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image

OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...

1.9CVSS6AI score0.00438EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2022/05/17 3:44 a.m.29 views

OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

3.5CVSS6AI score0.01499EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2022/05/17 3:44 a.m.25 views

GHSA-Q73F-VJC2-3GQF OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

7.1CVSS5.8AI score0.01499EPSS
Exploits0References11
Veracode
Veracode
added 2019/01/15 8:55 a.m.30 views

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service DoS attacks. The vulnerability exists as OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a...

2.1CVSS5.4AI score0.00383EPSS
Exploits0References10Affected Software1
CNVD
CNVD
added 2016/08/02 12:0 a.m.2 views

IBM PowerVC Information Disclosure Vulnerability (CNVD-2016-05956)

IBM PowerVC is a suite of virtualization management solutions. IBM PowerVC is affected by the OpenStack Nova information disclosure vulnerability. A local attacker can exploit the vulnerability to read arbitrary files from the host via qcow2 support for file overwrite image conversion...

6AI score
Exploits0References1
OSV
OSV
added 2015/08/19 3:59 p.m.9 views

CVE-2015-5163

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

6AI score
Exploits0References4
OSV
OSV
added 2015/08/19 3:59 p.m.11 views

PYSEC-2015-39

The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...

3.5CVSS6AI score0.01499EPSS
Exploits0References4
Rows per page
Query Builder