48 matches found
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2018-7750
CVE-2018-7750 affects Paramiko’s SSH server transport.py: before fixes, it did not verify that authentication completed before processing other requests (e.g., channel-open), enabling a customized SSH client to bypass authentication. Affected series include 1.17.6 and earlier in 1.x, 1.18.x befor...
CVE-2019-5418
CVE-2019-5418 (Rails/Action View) affects Rails/Action View versions prior to 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3. The flaw is a File Content Disclosure via specially crafted accept headers in combination with calls to render file:, allowing an attacker to disclose contents of arbitrary fi...
CVE-2018-1058
CVE-2018-1058 affects PostgreSQL 9.3–10, where a flaw in search_path handling allowed a logged-in user to modify query behavior for other users and potentially execute code with the database superuser privileges. The related connected advisories confirm upstream remediation: PostgreSQL upstream f...
CVE-2018-10855
CVE-2018-10855 affects Ansible: versions 2.5 prior to 2.5.5 and 2.4 prior to 2.4.5 do not honor the no_log flag for failed tasks, which can cause sensitive data passed to a task to be exposed in logs and on the user’s terminal when the task fails. Red Hat advisories (RHSA-2018:1948, RHSA-2019:005...
CVE-2019-5419
CVE-2019-5419 describes a denial-of-service in Ruby on Rails Action View triggered by specially crafted Accept headers, affecting Rails <5.2.2.1, <5.1.6.2, <5.0.7.2,
CVE-2017-11610
CVE-2017-11610 affects the XML-RPC server in Supervisor. An authenticated client can send a crafted XML-RPC request that exploits nested supervisord namespace lookups to execute arbitrary commands on the server, running with the same user as supervisord (potentially root). The issue is triggered ...
CVE-2018-11627
CVE-2018-11627 affects the Sinatra Ruby gem (pre-2.0.2) with an XSS in the 400 Bad Request page triggered by a params parser exception. Fedora/RH advisories (e.g., RHSA-2019:0212, RHSA-2019:0315) document fixes and package updates for rubygem-sinatra across affected Fedora/RHEL releases; OpenVAS/...
CVE-2018-1053
PostgreSQL CVE-2018-1053 affects 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2. pg_upgrade creates a file in the current working directory containing the output of pg_dumpall -g, under the umask in effect when pg_upgrade was invoked, not un...
CVE-2018-3760
CVE-2018-3760 is a Local File Inclusion/path-traversal vulnerability in Ruby on Rails’ Sprockets, caused by a flaw in the server-side routine forbidden_request?() that allowed access to files outside the application root when the Sprockets server is used in production. Affected versions include S...
CVE-2013-0186
CVE-2013-0186 covers multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM. The affected component is ManageIQ EVM; the underlying root cause is not explicitly described in the provided documents, but the NVD entry notes remote code injection via unspecified vectors with user intera...
CVE-2019-16892
CVE-2019-16892 in Rubyzip: A crafted ZIP can bypass ZIP-entry size checks because the uncompressed size data can be spoofed, enabling a denial of service via disk consumption. Affected: rubyzip before 1.3.0. Root cause: manipulated size metadata in ZIP entries. Impact: local DoS through excessive...
CVE-2018-1000544
CVE-2018-1000544 affects the rubyzip gem (versions up to and including 1.2.1). It enables a Directory Traversal in Zip::File that can write arbitrary files to the filesystem when processing crafted ZIPs (e.g., using symlinks or absolute paths). Public advisories (e.g., Debian DLA-2307-1, RH advis...
CVE-2014-0081
CVE-2014-0081 affects Ruby on Rails: multiple XSS flaws in actionview/lib/action_view/helpers/number_helper.rb allow remote injection via format, negative_format, or units in number_to_currency, number_to_percentage, and number_to_human. Affected Rails versions: 3.2.x before 3.2.17, 4.0.x before ...
CVE-2020-25716
CVE-2020-25716 affects CloudForms (CFME) prior to version 5.11.10.1, enabling a role-based privilege escalation via export/import of administrator files by a user in a specific group. The flaw stems from an incomplete fix for CVE-2020-10783 and can compromise data confidentiality and integrity; t...
CVE-2019-10159
CVE-2019-10159 affects cfme-gemset versions 5.10.4.3 and below and 5.9.9.3 and below, due to an improper authorization in the migration log controller that can leak VM migration logs to any unprivileged user. Documents consistently identify the issue as a data-leak vulnerability in cfme-gemset. A...
CVE-2018-16476
The CVE-2018-16476 issue affects Ruby on Rails’ Active Job integration via deserialization using GlobalId, exposing information due to a broken access control in Active Job (versions >= 4.2.0). Public sources note vulnerable components include rubygem-activejob and related Rails frameworks, wi...
CVE-2018-10905
CVE-2018-10905 affects Red Hat CloudForms Management Engine (cfme) via an improper access control in the dRuby (DRb) component. A local attacker with access to an unprivileged shell can execute arbitrary commands as a highly privileged user (root). The issue is documented across Red Hat advisorie...
CVE-2020-10778
CVE-2020-10778 affects Red Hat CloudForms (CFME) 4.7 and 5, where read-only widgets can be edited by removing the disabled attribute due to missing server-side validation, bypassing business logic. The issue is addressed in Red Hat Security Advisory RHSA-2020:3574 for CloudForms 4.7.16 (and relat...
CVE-2020-10777
CVE-2020-10777 is a cross-site scripting vulnerability in Red Hat CloudForms (Report Menu title) affecting CloudForms 4.7 and 5. The issue arises from improper sanitization of HTML/JavaScript in the report menu title, enabling a stored XSS attack against an application administrator. Public sourc...
CVE-2018-1104
CVE-2018-1104 affects Ansible Tower up to version 3.2.3, where users who can define variables in a job template can achieve remote code execution on the Tower server. Public sources document this as a corrected issue in Red Hat CloudForms advisories RHSA-2018-1328 and RHSA-2018-1972, indicating p...
CVE-2020-10783
CVE-2020-10783 affects Red Hat CloudForms Management Engine (CFME) 4.7/5.0.x; a role-based privilege escalation allowed an attacker with a specific group (EVM-Operator) to perform actions reserved for higher-privileged roles (EVM-Super-administrator), including exporting/importing administrator f...
CVE-2018-1101
CVE-2018-1101 affects Ansible Tower before 3.2.4, where rights of system administrators within organizations can be escalated by organization admins, enabling password resets and full system access. Connected advisories (RHSA-2018:1972 and RHSA-2018:1328) indicate CloudForms/Ansible Tower fixes w...
CVE-2014-0057
CVE-2014-0057 affects Red Hat CloudForms Management Engine 5.2 (ServiceController, x_button method). The vulnerability allows remote attackers to invoke arbitrary methods via unsanitized input, enabling potential arbitrary code execution or other impact as described by CVE details (base score 7.5...
CVE-2017-12148
CVE-2017-12148 affects Ansible Tower's UI (SCM repos). If a Tower project definition lacks the 'delete before update' flag, a committer to the upstream playbook can insert a Trojan playbook that, when run by Tower, adds git hooks to the checked-out repository and may execute arbitrary commands as...
CVE-2013-6443
CVE-2013-6443 affects CloudForms 3.0 Management Engine prior to 5.2.1.6, where a GET request for a destructive action could bypass Rails protect_from_forgery and enable CSRF exploitation. The issue arises in the CloudForms web application where CSRF protections could be bypassed, allowing unautho...
CVE-2014-0197
CVE-2014-0197 is a Cross-Site Request Forgery (CSRF) vulnerability in CFME/Red Hat CloudForms Management Engine caused by a permissive check of the referrer header. Affected component is CFME web application; impact is partial confidentiality, integrity, and availability compromises per CVSS 3.1/...
CVE-2017-12191
The CVE-2017-12191 entry describes a CloudForms/Vmware issue where the CloudForms account configuration uses a shared, privileged account for VMRC functions. This flaws allows attackers to view and modify VMRC settings and the controlled virtual machines. Red Hat RHSA-2018:0374 documents a securi...
CVE-2012-5604
The CVE describes an authentication bypass in the ruby gem ldap_fluff when used with Active Directory for Red Hat CloudForms 1.1. Affects rubygem-ldap_fluff components; exploit vectors are not specified in the provided docs, but remote authentication bypass is stated. The issue is tracked as CVE-...
CVE-2017-2632
CVE-2017-2632 affects Red Hat CloudForms Management Engine (CFME) where a logic error in valid_role() could let a tenant administrator create groups with higher privileges. Technical details across connected sources show the issue exists in CFME versions prior to the fixed releases (e.g., CFME 5....
CVE-2016-5383
The CVE-2016-5383 issue affects Red Hat CloudForms Management Engine (CFME) 4.1, where the web UI did not properly filter input in certain fields, allowing remote authenticated attackers to execute arbitrary code on the host. Root cause: insufficient input filtering (listed as “Lack of field filt...
CVE-2016-5402
CVE-2016-5402 affects Red Hat CloudForms Management Engine (CFME). A code injection flaw exists in how capacity and utilization imported control files are processed, allowing a remote, authenticated attacker to execute arbitrary code as the CFME user. Public details come from Red Hat RHSA-2016:28...
CVE-2017-2639
CloudForms Management Engine is affected by CVE-2017-2639, where it does not verify that the server hostname matches the domain name in the certificate when using a custom CA with connections to RHEV/OpenShift. This can allow an attacker to spoof RHEV/OpenShift systems and potentially harvest sen...
CVE-2017-7530
CVE-2017-7530 affects CloudForms Management Engine (cfme) prior to 5.7.3 and 5.8.x prior to 5.8.1, where privilege checks can be bypassed when API users trigger arbitrary methods via VMs filtered by MiqExpression. This could let an attacker perform disallowed actions (e.g., destroying VMs). The i...
CVE-2020-10779
CVE-2020-10779 affects Red Hat CloudForms 4.7 and 5, where an insecure direct object reference (IDOR) and functional level access control bypass occur due to a missing privilege check. The issue enables an attacker with sufficient criteria and low privileges to access some sensitive data within C...
CVE-2020-14325
CVE-2020-14325 describes a vulnerability in Red Hat CloudForms prior to 5.11.7.0 where a User Impersonation/authorization flaw could let an attacker create or use an RBAC user (with groups/roles such as EvmGroup-super_administrator) and perform API requests as a super administrator. The related R...
CVE-2016-7047
CVE-2016-7047 affects Red Hat CloudForms Management Engine (CloudForms API) before versions 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with MiqReportResults API permission could view data from other tenants or groups, causing information disclosure. Connected Red Hat advisories indicate broader CloudFo...
CVE-2020-14369
CVE-2020-14369 is a CSRF issue affecting Red Hat CloudForms (CFME) via the cfme-gemset API notifications. The vulnerability allows an attacker to coerce an authenticated user into performing state-changing actions by forged HTTP requests, for example provisioning VMs or running Ansible playbooks,...
CVE-2017-2664
CloudForms Management Engine (cfme) is affected by CVE-2017-2664. The issue is a lack of RBAC controls on certain methods in the Rails application, enabling privilege escalation for an attacker with access. Affected versions are cfme before 5.7.3 and 5.8.x before 5.8.1. Red Hat advisories RHSA-20...
CVE-2012-5603
CVE-2012-5603 affects Red Hat CloudForms (Katello component) prior to CloudForms 1.1. The issue is an insufficient permission check in proxies_controller.rb, enabling an authenticated remote attacker to read consumer certificates or alter other users’ settings by abusing the target system UUID. T...
CVE-2012-4574
CVE-2012-4574 affects Red Hat CloudForms with the Pulp component. The issue arises because the Pulp configuration file, pulp.conf, was installed with world-readable permissions, allowing local users to read the administrative password. The RHSA-2012:1543 update for CloudForms System Engine 1.1 fi...
CVE-2013-4423
CloudForms (Red Hat CloudForms) is affected by CVE-2013-4423, where user passwords are stored in a recoverable format, enabling potential disclosure of cleartext passwords. The vulnerability concerns the storage mechanism rather than a specific exploit, and public details describe an information ...
CVE-2017-2653
CVE-2017-2653 affects Red Hat CloudForms Management Engine (CFME) and components cfme, cfme-appliance, and cfme-gemset on Red Hat Enterprise Linux 7. Unused delete routes could be reachable via GET requests, bypassing CSRF protection and enabling route usage, potentially in conjunction with addit...
CVE-2012-5605
CVE-2012-5605 affects Red Hat CloudForms System Engine prior to version 1.1. The issue arises from grinder cache in /var/lib/pulp/cache/grinder/ using world-writable permissions, enabling local attackers to read or modify grinder cache files. The RHSA-2012:1543 advisory documents this vulnerabili...
CVE-2015-7502
Summary: CVE-2015-7502 affects Red Hat CloudForms Management Engine (CFME) 3.2/5.4.4 and CFME 4.0/5.5.0. The issue is improper encryption of data stored in the backend PostgreSQL database, enabling local attackers to access sensitive information by exploiting access to database exports or log fil...
CVE-2016-7071
CVE-2016-7071 concerns Red Hat CloudForms/CFME where, prior to updates 5.6.2.2 and 5.7.0.7, permissions were not properly enforced for VM IDs supplied by users. A remote, authenticated attacker could exploit this to execute arbitrary VMs on managed systems if they knows the VM ID. The connected R...
CVE-2012-3538
CVE-2012-3538 affects Red Hat CloudForms (System Engine) 1.1 and is caused by Pulp logging administrative passwords to a world-readable log file (production.log). This local, file-based disclosure allows a user with access to the log to read administrative credentials and potentially take control...
CVE-2016-4471
CVE-2016-4471 affects ManageIQ/CloudForms prior to 4.1, where remote authenticated users could execute arbitrary code. The vulnerability is documented across multiple feeds with concrete references (NVD entry CVE-2016-4471; CNVD/Red Hat advisories). Affected software is ManageIQ in CloudForms bef...