Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990181)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990181 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extentchangeset-byteschanged in...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0037

Malware in sbrugna...

2.3CVSS6AI score0.00705EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2025/05/20 12:0 a.m.5 views

Nextcloud Server Quota Limit Bypass Vulnerability (GHSA-qqgg-hhfq-vhww)

Nextcloud Server is prone to a quota limit bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.6AI score0.00662EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 2:31 p.m.24 views

CVE-2025-47793 Nextcloud Server and Groupfolders app vulnerable to bypass of group folder quota limit using attachment in text file

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud...

4.3CVSS0.00662EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/16 2:31 p.m.18 views

CVE-2025-47793 Nextcloud Server and Groupfolders app vulnerable to bypass of group folder quota limit using attachment in text file

Nextcloud Server is a self hosted personal cloud system, and the Nextcloud Groupfolders app provides admin-configured folders shared by everyone in a group or team. In Nextcloud Server prior to 30.0.2, 29.0.9, and 28.0.1, Nextcloud Enterprise Server prior to 30.0.2 and 29.0.9, and Nextcloud...

4.3CVSS7.1AI score0.00662EPSS
Exploits0References4
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

DEBIAN-CVE-2022-49075

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extentchangeset-byteschanged in qgroupreservedata to record how many bytes we set for EXTENTQGROUPRESERVED state. Currently the byteschanged is set as "unsigned int", and...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 1:54 a.m.8 views

CVE-2022-49075 btrfs: fix qgroup reserve overflow the qgroup limit

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extentchangeset-byteschanged in qgroupreservedata to record how many bytes we set for EXTENTQGROUPRESERVED state. Currently the byteschanged is set as "unsigned int", and...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References11
Veracode
Veracode
added 2023/06/13 8:24 a.m.29 views

Privilege Escalation

github.com/rancher/rancher is vulnerable to Privilege Escalation. Users who have update access to a namespace can move it into a project they don't have access to, giving them access to resources that are only available for that project, allowing access to project-specific resources such as proje...

8.8CVSS6.7AI score0.01026EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2023/06/06 1:59 a.m.17 views

GHSA-8VHC-HWHC-CPJ4 Rancher users retain access after moving namespaces into projects they don't have access to

Impact A vulnerability was identified in which users with update privileges on a namespace, can move that namespace into a project they don't have access to. After the namespace transfer is completed, their previous permissions are still preserved, which enables them to gain access to...

8.8CVSS8.8AI score0.01026EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/17 4:48 a.m.29 views

OpenStack Nova VMWare driver leaks rescued images

The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...

2.3CVSS6.8AI score0.00705EPSS
Exploits1References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.7 views

The vulnerability in the cpu.cfs_quota_us function of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the cpu.cfsquotaus function located in kernel/sched/fair.c in the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to cause service interruptions...

5.5CVSS6.7AI score0.00949EPSS
Exploits1References20Affected Software2
Veracode
Veracode
added 2019/01/15 9:2 a.m.26 views

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service DoS attacks. The vulnerability exists as the VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue...

2.7CVSS5.6AI score0.0171EPSS
Exploits2References12Affected Software1
Hacker One
Hacker One
added 2016/10/03 10:19 a.m.69 views

Nextcloud: Bypassing quota limit

Hi an user can upload files despite having a limited quota by changing value of "OC-Total-Length" in header to "A" or adding "X-Expected-Entity-Length" in header with "A" value in normal insuffisant storage we have: PUT /remote.php/webdav/a.jpg HTTP/1.1 Content-Type: application/octet-stream...

4CVSS2.3AI score0.00888EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.25 views

Oracle Solaris Third-Party Patch Update : nova (multiple_vulnerabilities_in_nova)

The remote Solaris system is missing necessary patches to address security updates : - The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service...

2.7CVSS5.5AI score0.0171EPSS
Exploits2References4
NVD
NVD
added 2014/10/06 2:55 p.m.31 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS6.2AI score0.0171EPSS
Exploits1References5
OSV
OSV
added 2014/10/06 2:55 p.m.7 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

6.1AI score
Exploits0References7
Prion
Prion
added 2014/10/06 2:55 p.m.25 views

Design/Logic Flaw

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS6.4AI score0.0171EPSS
Exploits2References5Affected Software1
CVE
CVE
added 2014/10/06 2:0 p.m.90 views

CVE-2014-3608

CVE-2014-3608 affects the OpenStack Nova VMware driver. The vulnerability arises when a VM is put into RESCUE, causing quota bypass and DoS via image deletion; it stems from an incomplete fix for CVE-2014-2573. Affected: OpenStack Nova VMware driver (2013.2 to 2013.2.2 and before 2014.1.3). Impac...

2.7CVSS6.2AI score0.0171EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2014/10/06 2:0 p.m.44 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

6.1AI score0.0171EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2014/10/06 2:0 p.m.32 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS6.1AI score0.0171EPSS
Exploits1
Rows per page
Query Builder