Lucene search
K
RedhatOpenstack

210 matches found

CVE
CVE
added 2020/03/16 3:3 p.m.156 views

CVE-2020-1736

CVE-2020-1736 concerns Ansible Engine where moving a file with atomic_move cannot set the destination file mode. If the destination does not exist, the move can render the new file world-readable; if the file exists, permissions may be loosened before the move, potentially exposing sensitive data...

3.3CVSS3.6AI score0.00401EPSS
CVE
CVE
added 2015/06/15 3:0 p.m.153 views

CVE-2015-3209

CVE-2015-3209 : Heap-based buffer overflow in the QEMU PCNET network device allows remote code execution via crafted packet sequences (TXSTATUS_STARTPACKET then TXSTATUS_DEVICEOWNS). This is a QEMU vulnerability discussed in multiple advisories (notably Arista/Security Advisory 0013 and F5/Multi-...

7.5CVSS6.5AI score0.09668EPSS
CVE
CVE
added 2022/03/23 7:46 p.m.153 views

CVE-2021-4180

The CVE affects openstack-tripleo-heat-templates (older than 11.6.1). The underlying issue is an information exposure: an external user can discover internal IP addresses or hostnames by inspecting the www_authenticate_uri parameter in configuration files. This data leakage is specifically tied t...

4.3CVSS4AI score0.00754EPSS
CVE
CVE
added 2017/03/27 3:0 p.m.151 views

CVE-2017-5973

Technical details about CVE-2017-5973 are not publicly provided in the connected documents. Available records reference QEMU's xhci_kick_epctx vulnerability but do not expose deeper data (affected versions, exploit info, or fixes). Monitor for updates.

5.5CVSS5.5AI score0.00456EPSS
CVE
CVE
added 2018/10/09 10:0 p.m.149 views

CVE-2018-17963

CVE-2018-17963 affects QEMU’s net/iov path. The vulnerability is introduced by qemu_deliver_packet_iov in net/net.c, which accepts packet sizes greater than INT_MAX, enabling a remote attacker to trigger a denial of service (and potentially other unspecified impact) by sending oversized packets. ...

9.8CVSS9.7AI score0.04782EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.148 views

CVE-2016-8576

CVE-2016-8576 affects QEMU’s USB xHCI emulation. The vulnerability is in xhci_ring_fetch (hw/usb/hcd-xhci.c), where failure to limit the number of TRBs can be exploited by a local privileged guest to cause an infinite loop and a DoS of the QEMU process. The initial documents do not specify exploi...

6CVSS5.3AI score0.00386EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.141 views

CVE-2016-8909

CVE-2016-8909 is an issue in QEMU’s Intel High Definition Audio emulation. The vulnerability exists in the intel_hda_xfer function (hw/audio/intel-hda.c) where an entry with the same value for buffer length and pointer position can be supplied by a local attacker (local guest OS administrator), l...

6CVSS6.1AI score0.00441EPSS
CVE
CVE
added 2016/07/12 7:0 p.m.140 views

CVE-2016-4428

OpenStack Horizon (Dashboard) is affected by an XSS vulnerability (CVE-2016-4428) present in Horizon 8.0.1 and earlier and 9.0.0–9.0.1. The issue arises from injecting an AngularJS template into a dashboard form, allowing a remote authenticated user to inject arbitrary script/HTML. Impact reporte...

5.4CVSS5AI score0.02068EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.140 views

CVE-2016-9921

According to connected sources, CVE-2016-9921 affects QEMU with Cirrus CLGD 54xx VGA Emulator. The root cause is a divide-by-zero in cirrus_do_copy when Cirrus VGA graphics mode is VGA, which can be triggered during VGA data copying. Impact is guest-privileged code causing a host DoS by crashing ...

6.5CVSS6.3AI score0.00394EPSS
CVE
CVE
added 2019/06/03 6:4 p.m.138 views

CVE-2019-3895

CVE-2019-3895 describes an access-control flaw in the OpenStack Octavia service when deployed with Red Hat OpenStack Platform Director. The issue lets an attacker cause new amphorae to run from an arbitrary image; a remote attacker could upload a compromised amphora image and Octavia could spawn ...

8CVSS7.6AI score0.01421EPSS
CVE
CVE
added 2020/03/16 3:8 p.m.138 views

CVE-2020-1738

CVE-2020-1738 affects Ansible Engine. Root cause: when the module package or service is used and the parameter 'use' is omitted, an attacker with local access can influence which module is sent via the ansible facts file if a prior task ran under a malicious user. Affected: all versions in the 2....

3.9CVSS4AI score0.00381EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.136 views

CVE-2016-8910

CVE-2016-8910 affects QEMU: the rtl8139_cplus_transmit function in hw/net/rtl8139.c can allow a local privileged user to cause a denial of service (infinite loop/CPU usage) by failing to limit the ring descriptor count. No public details on patch/version are provided in the connected documents.

6CVSS6AI score0.00407EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.136 views

CVE-2016-9911

CVE-2016-9911 (QEMU) : A memory leak vulnerability in QEMU built with USB EHCI emulation. The leak occurs while processing packet data in ehci_init_transfer, allowing a guest user/process to leak host memory and potentially cause a DoS on the host. The available connected documents confirm the pr...

6.5CVSS6.3AI score0.00367EPSS
CVE
CVE
added 2018/04/24 6:0 p.m.133 views

CVE-2018-1059

The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...

6.1CVSS5.8AI score0.00878EPSS
CVE
CVE
added 2023/01/18 12:0 a.m.133 views

CVE-2022-3100

The CVE-2022-3100 issue affects the openstack-barbican component and enables an access policy bypass via a query string when calling the API. This vulnerability is discussed across multiple sources, with explicit confirmation in the SUSE-SU-2023:0071-1 security update: openstack-barbican Fixes CV...

5.9CVSS5.4AI score0.00433EPSS
CVE
CVE
added 2017/05/23 3:56 a.m.129 views

CVE-2017-8309

CVE-2017-8309 refers to a memory leak in QEMU’s audio subsystem (audio.c) that can be exploited remotely to cause a denial of service by repeatedly starting and stopping audio capture. The initial description explicitly states the issue and impact. Connected sources list the CVE in vendor advisor...

7.8CVSS7.1AI score0.04544EPSS
CVE
CVE
added 2016/01/08 9:0 p.m.127 views

CVE-2015-7512

CVE-2015-7512 is a buffer overflow in the PC-Net II Ethernet controller emulation (hw/net/pcnet.c) of QEMU. The flaw occurs when handling packets for guests with a larger MTU, allowing a remote attacker to trigger a denial of service (guest OS crash) or potentially execute arbitrary code. Connect...

9CVSS9.3AI score0.0773EPSS
CVE
CVE
added 2016/04/08 4:0 p.m.127 views

CVE-2016-2857

CVE-2016-2857 is a QEMU vulnerability in the IP checksum routines: the net_checksum_calculate function in net/checksum.c permits local (guest) users to trigger an out-of-bounds heap read, crashing the QEMU process via a crafted packet payload length. Multiple Nessus/MIRACLE-Linux advisories refer...

8.4CVSS6.6AI score0.00564EPSS
CVE
CVE
added 2018/09/19 4:0 p.m.127 views

CVE-2018-17206

Open vSwitch 2.7.x–2.7.6 contains a buffer over-read in the decode_bundle function (lib/ofp-actions.c) during BUNDLE action decoding, classified as CVE-2018-17206. The issue is documented in multiple advisories (e.g., RHSA/RHSA-like entries) and Debian/DLA disclosures; exploitation details and ex...

4.9CVSS5.3AI score0.02046EPSS
CVE
CVE
added 2016/04/07 7:0 p.m.126 views

CVE-2016-1714

CVE-2016-1714 – QEMU firmware config flaw. Local CAP_SYS_RAWIO users can trigger out-of-bounds reads/writes in hw/nvram/fw_cfg.c (fw_cfg_write/fw_cfg_read) when Firmware Configuration device emulation is enabled, potentially crashing the guest or allowing code execution on the host. Affected: QEM...

8.1CVSS8.5AI score0.06085EPSS
CVE
CVE
added 2016/11/04 9:0 p.m.124 views

CVE-2016-8669

CVE-2016-8669 affects QEMU: the serial_update_parameters function in hw/char/serial.c can be triggered by a divider value greater than baud base to cause a divide-by-zero and QEMU process crash. It is a local privilege vulnerability (guest to host) with denial of service as the impact. The connec...

6CVSS5.9AI score0.00362EPSS
CVE
CVE
added 2014/11/01 11:0 p.m.123 views

CVE-2014-3615

CVE-2014-3615 concerns the VGA emulator in QEMU. The issue allows a privileged guest (local to the host) to read host memory by setting the display to a high resolution, due to a memory-access flaw in VGA emulation. Public context in connected advisories confirms this was addressed by backporting...

2.1CVSS6.1AI score0.0045EPSS
CVE
CVE
added 2019/08/01 1:27 p.m.123 views

CVE-2018-10899

CVE-2018-10899 affects Jolokia versions 1.2 through 1.6.0 (up to before 1.6.1). Affected instances are vulnerable to a system-wide CSRF when origin/referrer checks are not properly enforced, which could lead to Remote Code Execution. The root cause is insufficient CSRF protection under strict ori...

8.8CVSS8.7AI score0.02665EPSS
CVE
CVE
added 2016/06/01 10:0 p.m.122 views

CVE-2016-5126

Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...

7.8CVSS7.9AI score0.00701EPSS
CVE
CVE
added 2014/02/06 10:0 p.m.120 views

CVE-2013-6393

CVE-2013-6393 affects LibYAML: the yaml_parser_scan_tag_uri function in scanner.c of LibYAML before 0.1.5 performs an incorrect cast, enabling a heap-based buffer overflow that can crash the application and possibly allow arbitrary code execution via crafted YAML tags. The initial description and...

6.8CVSS5.4AI score0.09312EPSS
CVE
CVE
added 2016/12/23 10:0 p.m.120 views

CVE-2016-9907

The CVE-2016-9907 issue affects Quick Emulator (QEMU) built with usb-guest USB redirector support. It describes a memory-leak flaw that can occur while destroying the usbredir device (usbredir_handle_destroy), allowing a guest user to leak host memory and potentially cause DoS on the host. Red Ha...

6.5CVSS6.5AI score0.00413EPSS
CVE
CVE
added 2017/07/25 2:0 p.m.118 views

CVE-2017-7980

CVE-2017-7980 detailed : A heap-based buffer overflow in QEMU’s Cirrus CLGD 54xx VGA Emulator (Cirrus CLGD 54xx) used with Quick Emulator/ QEMU up to version 2.8 enables a local privileged guest to execute arbitrary code or cause a denial of service by exploiting a vulnerability when a VNC client...

7.8CVSS7.2AI score0.00625EPSS
CVE
CVE
added 2016/05/25 3:0 p.m.117 views

CVE-2016-4020

CVE-2016-4020 : In QEMU, the patch_instruction function in hw/i386/kvmvapic.c fails to initialize imm32, enabling a local guest OS administrator to leak host stack memory via the Task Priority Register (TPR). Several advisories (Debian DLA-574-1, CentOS/CESA-2017:1856, Gentoo GLSA-201609-01) docu...

6.5CVSS6.4AI score0.00372EPSS
CVE
CVE
added 2017/05/23 3:56 a.m.113 views

CVE-2017-8379

CVE-2017-8379 is a memory-leak issue in QEMU keyboard input event handling that can allow a local privileged guest user to exhaust host memory and cause a denial of service. The vulnerability is listed among fixes in Red Hat RHSA-2017:2408, which notes remediation by rebasing to QEMU 2.9.0 and re...

6.5CVSS6.1AI score0.00413EPSS
CVE
CVE
added 2019/12/10 2:19 p.m.110 views

CVE-2013-2166

The CVE-2013-2166 entry concerns python-keystoneclient versions 0.2.3 to 0.2.5, where the middleware memcache encryption bypass is documented. Multiple connected records (GHSA-C3XQ-CJ8F-7829 and OSV entries) confirm the same issue and reference advisories like RHSA-2013:0992. The vulnerability ce...

9.8CVSS9.2AI score0.01764EPSS
CVE
CVE
added 2013/07/30 9:0 p.m.109 views

CVE-2013-2882

CVE-2013-2882 affects Google V8 (used by Google Chrome) prior to Chrome/Chromium 28.0.1500.95, where type confusion could lead to remote denial of service and possibly other unspecified impact. Connected sources reference the same CVE in relation to Chromium/V8 vulnerabilities, but none of the do...

7.5CVSS9.3AI score0.02493EPSS
CVE
CVE
added 2018/09/19 4:0 p.m.108 views

CVE-2018-17204

Open vSwitch (OVS) 2.7.x–2.7.6 is affected by CVE-2018-17204 due to a logic error in parse_group_prop_ntr_selection_method within lib/ofp-util.c. During decoding of a group mod, the code validates the group type/command only after the full group mod is parsed, but the OpenFlow 1.5 decoder may use...

4.3CVSS4.8AI score0.01911EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.108 views

CVE-2022-3146

CVE-2022-3146 is described in public advisories as a vulnerability in Red Hat OpenStack Platform (tripleo-ansible) where an insecure default configuration leaves a sensitive file with insufficient permissions. This can allow a local attacker to brute-force the relevant directory and discover the ...

5.5CVSS4.9AI score0.002EPSS
CVE
CVE
added 2019/12/30 7:36 p.m.106 views

CVE-2012-5474

Affected software : Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1). Vulnerability : the file /etc/openstack-dashboard/local_settings is world readable, exposing the secret key value. Impact (as described) : exposure of secret key information;...

5.5CVSS5.5AI score0.00338EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.106 views

CVE-2016-6888

CVE-2016-6888 in QEMU (net_tx_pkt_init in hw/net/net_tx_pkt.c) has an integer overflow when handling the maximum fragmentation count, triggering an unchecked multiplication and a NULL pointer dereference. This allows a local privileged user/guest to cause a denial of service (QEMU process crash)....

4.4CVSS6.1AI score0.00381EPSS
CVE
CVE
added 2018/02/19 5:0 p.m.106 views

CVE-2017-18191

CVE-2017-18191 - OpenStack Nova: In OpenStack Nova 15.x (up to 15.1.0) and 16.x (up to 16.1.1), detaching and reattaching an encrypted volume can allow an attacker to access the underlying raw volume and corrupt the LUKS header, causing a denial of service on the compute host (data loss is noted ...

7.8CVSS7.3AI score0.03755EPSS
CVE
CVE
added 2015/11/06 9:0 p.m.104 views

CVE-2015-5225

CVE-2015-5225 : In QEMU, a heap-based buffer overflow arises in the vnc_refresh_server_surface() function of the VNC display driver. A local attacker within the guest could exploit this to cause heap memory corruption and host process crash, or possibly execute arbitrary code on the host. The pro...

7.2CVSS7.3AI score0.00533EPSS
CVE
CVE
added 2017/03/31 3:0 p.m.103 views

CVE-2008-7313

CVE-2008-7313 concerns the Snoopy library’s _httpsrequest function, where remote attackers could execute arbitrary commands due to an incomplete fix for CVE-2008-4796. The issue is noted across multiple sources (Debian security tracker, Gentoo GLSA, IBM PowerKVM advisories, and CVE listings), oft...

9.8CVSS8.9AI score0.04544EPSS
CVE
CVE
added 2019/12/10 2:22 p.m.103 views

CVE-2013-2167

CVE-2013-2167 affects python-keystoneclient versions 0.2.3 through 0.2.5, where the middleware memcache signing bypass creates a security feature bypass vulnerability. Connected sources confirm the issue is described as a middleware signing bypass in that range of versions, with related advisorie...

9.8CVSS9.2AI score0.01696EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.102 views

CVE-2016-7466

CVE-2016-7466 is a memory-leak denial-of-service issue in QEMU’s USB xHCI emulation when MSI-X is used. The usb_xhci_exit path can leak memory during repeated USB unplug actions, allowing a local privileged user (guest) to exhaust host memory or crash the QEMU process. Public details confirm the ...

6CVSS5.4AI score0.00421EPSS
CVE
CVE
added 2023/03/23 12:0 a.m.102 views

CVE-2022-3101

The CVE-2022-3101 entry affects tripleo-ansible, where an insecure default configuration leaves a sensitive file with insufficient permissions. This enables a local attacker to brute-force the relevant directory to discover the file, leading to disclosure of important OpenStack deployment configu...

5.5CVSS4.9AI score0.00201EPSS
CVE
CVE
added 2016/12/10 12:0 a.m.101 views

CVE-2016-7422

CVE-2016-7422 affects QEMU’s virtio/virtio.c: virtqueue_map_desc allows a local guest OS administrator to trigger a NULL pointer dereference by using a large I/O descriptor buffer length, leading to QEMU process crash. Remediation in connected docs shows fixes via rebases to QEMU 2.9.0 (RHSA-2017...

6CVSS5AI score0.00364EPSS
CVE
CVE
added 2019/04/05 4:1 a.m.100 views

CVE-2019-10876

CVE-2019-10876 affects OpenStack Neutron: versions 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with overlapping port ranges, an authenticated user can trigger an Open vSwitch firewall KeyError, preventing Neutron from configuring networks on com...

6.5CVSS6.1AI score0.01757EPSS
CVE
CVE
added 2014/10/31 2:0 p.m.99 views

CVE-2014-3708

CVE-2014-3708 affects OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1. The vulnerability arises from how an IP filter is processed in the list active servers API request, allowing remote authenticated users to cause a denial of service (CPU consumption). Public advisories (R...

4CVSS6.2AI score0.02783EPSS
CVE
CVE
added 2018/09/10 7:0 p.m.96 views

CVE-2018-14635

The CVE-2018-14635 vulnerability affects OpenStack Neutron’s ml2 Linux Bridge driver. The issue allows non-privileged tenants to create and attach ports without assigning an IP address, bypassing IP address validation. This can lead to a potential denial of service if an IP outside the allowed al...

6.5CVSS6.1AI score0.02527EPSS
CVE
CVE
added 2023/03/06 12:0 a.m.96 views

CVE-2022-4134

CVE-2022-4134 affects OpenStack Glance. A flaw allows a remote, authenticated attacker to tamper with uploaded images, compromising the integrity of virtual machines created from those images. The available sources describe the vulnerable component as openstack-glance and confirm the impact is im...

2.8CVSS3.6AI score0.00323EPSS
CVE
CVE
added 2018/09/19 4:0 p.m.95 views

CVE-2018-17205

Open vSwitch CVE-2018-17205 affects 2.7.x–2.7.6 in the bundle commit path (ofproto_rule_insert__) where, if a flow fails to be added, OvS reverts previous flows from the same bundle. While reinserting old flows, an assertion failure on rule state != RULE_INITIALIZED occurs because the old flow st...

7.5CVSS5.2AI score0.02531EPSS
CVE
CVE
added 2018/10/19 10:0 p.m.95 views

CVE-2018-18438

CVE-2018-18438 affects QEMU and is caused by integer overflows due to using a signed integer for a size value in IOReadHandler and related functions. The vulnerability is rooted in QEMU’s IO read path, where a size parameter can overflow, enabling an overflow condition. The CVE entry itself lists...

5.5CVSS7.1AI score0.0044EPSS
CVE
CVE
added 2022/12/21 11:14 p.m.94 views

CVE-2022-38065

The CVE-2022-38065 issue affects the OpenStack oslo.privsep functionality (git master 05194e7618 and earlier). The vulnerability arises from overly permissive privileged operations in tools leveraging this library inside containers, causing privilege escalation. The described impact is High with ...

8.8CVSS8.8AI score0.00596EPSS
CVE
CVE
added 2018/07/27 1:0 p.m.92 views

CVE-2017-2622

CVE-2017-2622 affects OpenStack Workflow (mistral). The vulnerability arises from a log directory being world-readable, enabling an information disclosure vulnerability for a malicious local user. Affected component: mistral service within OpenStack; root cause is improper directory permissions e...

5.9CVSS5.2AI score0.00372EPSS
Total number of security vulnerabilities210