Lucene search
K
RedhatOpenstack

48 matches found

CVE
CVE
added 2020/08/07 3:24 p.m.3198 views

CVE-2020-9490

CVE-2020-9490 affects Apache HTTP Server versions 2.4.20–2.4.43. A specially crafted value for the Cache-Digest header in an HTTP/2 request could cause a crash when the server subsequently attempts to HTTP/2 PUSH a resource. Mitigation for unpatched servers is to disable HTTP/2 PUSH via H2Push of...

7.5CVSS8.3AI score0.89744EPSS
In wild
CVE
CVE
added 2019/08/13 12:0 a.m.864 views

CVE-2019-9514

CVE-2019-9514 corresponds to an HTTP/2 vulnerability where an attacker floods a peer by sending HEADERS frames, causing unbounded memory growth and potential DoS. Public details in connected advisories show affected stacks include Go HTTP/2 implementations and Go-based tools, with remediation via...

7.8CVSS7.9AI score0.82813EPSS
CVE
CVE
added 2019/08/13 8:50 p.m.558 views

CVE-2019-9515

CVE-2019-9515 concerns an HTTP/2 settings flood that can cause memory/CPU exhaustion. Arista’s security advisory (Security Advisory 0043) states the vulnerability is in Go’s gRPC HTTP/2 usage and can affect TerminAttr, OpenConfig, CVP, and certain Wi‑Fi OpenConfig-enabled components when enabled....

7.8CVSS7.7AI score0.87806EPSS
CVE
CVE
added 2018/07/30 3:0 p.m.528 views

CVE-2018-10903

The CVE-2018-10903 issue affects python-cryptography versions >=1.9.0 and

7.5CVSS7.2AI score0.03196EPSS
CVE
CVE
added 2021/03/18 12:0 a.m.461 views

CVE-2020-27827

CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...

7.5CVSS7.2AI score0.03235EPSS
CVE
CVE
added 2020/02/11 7:42 p.m.452 views

CVE-2020-1711

CVE-2020-1711 affects the QEMU iSCSI Block driver: an out-of-bounds heap buffer access in iscsi_co_block_status() when processing iSCSI server responses for LBA status. A remote attacker could crash QEMU or potentially execute code with host-QEMU privileges, via a crafted response from the iSCSI ...

7.7CVSS6.4AI score0.04018EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.364 views

CVE-2018-2562

CVE-2018-2562 affects the MySQL Server component (Partition subcomponent) of Oracle MySQL. Affected versions include 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.19 and earlier. The vulnerability allows a low-privileged, network-attacker with access via multiple protocols to cause a hang or cr...

7.5CVSS6.7AI score0.03389EPSS
CVE
CVE
added 2015/05/13 6:0 p.m.327 views

CVE-2015-3456

The CVE-2015-3456 VENOM issue affects QEMU’s Floppy Disk Controller emulation (FDC), also used by VirtualBox and other virtualization stacks in Xen 4.5.x and earlier and KVM. The vulnerability is a buffer/out-of-bounds condition in the FDC where certain commands (notably FD_CMD_READ_ID and FD_CMD...

7.7CVSS7.5AI score0.15275EPSS
CVE
CVE
added 2019/07/11 6:30 p.m.317 views

CVE-2019-10192

CVE-2019-10192 is a heap-buffer overflow in Redis HyperLogLog used by SETRANGE. Affected: Redis HyperLogLog in 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. By corrupting a hyperloglog, an attacker can cause Redis to write up to 3 bytes beyond the end of a heap-allocated buffer. Imp...

7.2CVSS6.8AI score0.26048EPSS
CVE
CVE
added 2019/12/20 11:0 p.m.314 views

CVE-2019-16786

Waitress (Python WSGI server) before version 1.4.0 exposed an HTTP request-smuggling vulnerability related to Transfer-Encoding. If a request’s Transfer-Encoding header was not finalised as chunked, Waitress could ignore the header and fall back to Content-Length, potentially allowing HTTP pipeli...

7.5CVSS7AI score0.02545EPSS
CVE
CVE
added 2019/11/22 11:26 p.m.309 views

CVE-2019-11287

CVE-2019-11287 affects Pivotal RabbitMQ and RabbitMQ for Pivotal Platform web management plugin. Versions 3.7.x before 3.7.21, 3.8.x before 3.8.1, and 1.16.x before 1.16.7 and 1.17.x before 1.17.4 are vulnerable. The vulnerability allows a crafted X-Reason HTTP header to inject a malicious Erlang...

7.5CVSS5.6AI score0.04519EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.305 views

CVE-2018-2755

CVE-2018-2755 affects Oracle MySQL Server (Server: Replication) and is present in supported MySQL/MariaDB branches up to specific prior versions: 5.5.59 and earlier, 5.6.39 and earlier, and 5.7.21 and earlier. The issue allows takeover of MySQL Server and requires logon with user interaction; imp...

7.7CVSS6.6AI score0.00848EPSS
CVE
CVE
added 2019/07/11 6:30 p.m.301 views

CVE-2019-10193

CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...

7.2CVSS6.8AI score0.23703EPSS
CVE
CVE
added 2019/12/20 11:0 p.m.297 views

CVE-2019-16785

Summary: The vulnerability CVE-2019-16785 affects Waitress (Python WSGI server) up to v1.3.1. It relates to RFC7230’s line-termination rule: Waitress may treat messages inconsistently when a proxy uses LF vs CRLF, enabling HTTP request smuggling/splitting. Impact is the front-end and back-end par...

7.5CVSS7.1AI score0.02714EPSS
CVE
CVE
added 2018/07/13 10:0 p.m.274 views

CVE-2018-10875

CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...

7.8CVSS7.7AI score0.00587EPSS
CVE
CVE
added 2019/10/08 6:44 p.m.264 views

CVE-2019-14846

CVE-2019-14846 affects Ansible Engine where all 2.x lines up to 2.8.5 (and similar older branches) could disclose credentials because plugins logging at DEBUG level log sensitive data. The flaw does not affect Ansible modules (they run in a separate process). Public docs show multiple vendors/adv...

7.8CVSS7.3AI score0.00509EPSS
CVE
CVE
added 2020/03/31 4:20 p.m.255 views

CVE-2019-14905

The CVE-2019-14905 issue affects Ansible Engine’s nxos_file_copy module, where the filename parameter could be crafted to inject OS commands on NXOS devices. This is a local attack with potential confidentiality, integrity, and availability impacts as described (loss of confidentiality, etc.). Af...

7.3CVSS6AI score0.00736EPSS
CVE
CVE
added 2018/03/13 9:0 p.m.219 views

CVE-2018-1000127

The CVE-2018-1000127 issue affects memcached prior to 1.4.37, caused by an Integer Overflow in items.c:item_free() that can lead to data corruption and deadlocks due to reusing hash-table entries from a free list. It is exploitable over the network to the memcached service. The vulnerability is f...

7.5CVSS7.7AI score0.02316EPSS
CVE
CVE
added 2020/02/19 2:41 p.m.214 views

CVE-2012-6685

Nokogiri prior to 1.5.4 is vulnerable to XML External Entity (XXE) attacks. The issue arises in the XML parsing path (XXE) and is documented under CVE-2012-6685. Exploitation details are not provided beyond the XXE description. Affected software: Nokogiri (Ruby library). Root cause: XXE in XML pr...

7.5CVSS7.3AI score0.02168EPSS
CVE
CVE
added 2017/08/02 7:0 p.m.207 views

CVE-2017-10664

CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...

7.5CVSS7.2AI score0.04028EPSS
CVE
CVE
added 2016/04/13 3:0 p.m.200 views

CVE-2015-8080

CVE-2015-8080 is an in Redis where the getnum function in lua_struct.c can overflow an integer if a Lua script processes a large number. Affects Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6. The described impact is memory corruption and application crash, with potential sandbox circumvention....

7.5CVSS8AI score0.05362EPSS
CVE
CVE
added 2020/03/24 12:0 a.m.198 views

CVE-2020-10684

Ansible Engine vulnerable scope: versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7 allow an attacker to alter ansible_facts when inject is enabled, potentially leading to privilege escalation or code injection. Connected advisories confirm the same underlying issue and pro...

7.9CVSS7.1AI score0.00345EPSS
CVE
CVE
added 2019/04/23 3:57 p.m.192 views

CVE-2019-0223

CVE-2019-0223 concerns Apache Qpid Proton (C library and bindings) versions 0.9–0.27.0. Under TLS with OpenSSL versions before 1.1.0, a peer could be connected anonymously even when peer cert verification is configured, enabling a potential undetected man-in-the-middle attack if TLS traffic is in...

7.4CVSS7AI score0.06201EPSS
CVE
CVE
added 2018/03/05 2:0 p.m.182 views

CVE-2018-1000115

CVE-2018-1000115 – Memcached UDP amplification vulnerability. Memcached 1.5.5 contains an Insufficient Control of Network Message Volume (CWE-406) in UDP support, enabling a remote attacker to perform a denial-of-service via UDP traffic to port 11211 (amplification ~1:50,000). The issue is mitiga...

7.5CVSS7.4AI score0.88368EPSS
CVE
CVE
added 2018/07/02 1:0 p.m.182 views

CVE-2018-10874

CVE-2018-10874 affects Ansible. The issue arises when inventory variables are loaded from the current working directory during ad-hoc commands, which attackers can control, enabling arbitrary code execution (local attacker could compromise the target via manipulated inventory vars). The NVD entry...

7.8CVSS7.8AI score0.00485EPSS
CVE
CVE
added 2019/11/14 12:0 a.m.157 views

CVE-2019-14818

The CVE-2019-14818 issue affects DPDK packages in multiple lines: 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4, and 19.x.x before 19.08.1. A malicious master or a container with access to a vhost_user socket can send crafted VRING_SET_NUM messages, causing a memory leak th...

7.5CVSS7.1AI score0.02815EPSS
CVE
CVE
added 2015/06/15 3:0 p.m.156 views

CVE-2015-3209

CVE-2015-3209 : Heap-based buffer overflow in the QEMU PCNET network device allows remote code execution via crafted packet sequences (TXSTATUS_STARTPACKET then TXSTATUS_DEVICEOWNS). This is a QEMU vulnerability discussed in multiple advisories (notably Arista/Security Advisory 0013 and F5/Multi-...

7.5CVSS6.5AI score0.09668EPSS
CVE
CVE
added 2017/05/23 3:56 a.m.130 views

CVE-2017-8309

CVE-2017-8309 refers to a memory leak in QEMU’s audio subsystem (audio.c) that can be exploited remotely to cause a denial of service by repeatedly starting and stopping audio capture. The initial description explicitly states the issue and impact. Connected sources list the CVE in vendor advisor...

7.8CVSS7.1AI score0.04544EPSS
CVE
CVE
added 2016/06/01 10:0 p.m.125 views

CVE-2016-5126

Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...

7.8CVSS7.9AI score0.00701EPSS
CVE
CVE
added 2017/07/25 2:0 p.m.119 views

CVE-2017-7980

CVE-2017-7980 detailed : A heap-based buffer overflow in QEMU’s Cirrus CLGD 54xx VGA Emulator (Cirrus CLGD 54xx) used with Quick Emulator/ QEMU up to version 2.8 enables a local privileged guest to execute arbitrary code or cause a denial of service by exploiting a vulnerability when a VNC client...

7.8CVSS7.2AI score0.00625EPSS
CVE
CVE
added 2013/07/30 9:0 p.m.110 views

CVE-2013-2882

CVE-2013-2882 affects Google V8 (used by Google Chrome) prior to Chrome/Chromium 28.0.1500.95, where type confusion could lead to remote denial of service and possibly other unspecified impact. Connected sources reference the same CVE in relation to Chromium/V8 vulnerabilities, but none of the do...

7.5CVSS9.3AI score0.02493EPSS
CVE
CVE
added 2018/02/19 5:0 p.m.110 views

CVE-2017-18191

CVE-2017-18191 - OpenStack Nova: In OpenStack Nova 15.x (up to 15.1.0) and 16.x (up to 16.1.1), detaching and reattaching an encrypted volume can allow an attacker to access the underlying raw volume and corrupt the LUKS header, causing a denial of service on the compute host (data loss is noted ...

7.8CVSS7.3AI score0.03755EPSS
CVE
CVE
added 2015/11/06 9:0 p.m.105 views

CVE-2015-5225

CVE-2015-5225 : In QEMU, a heap-based buffer overflow arises in the vnc_refresh_server_surface() function of the VNC display driver. A local attacker within the guest could exploit this to cause heap memory corruption and host process crash, or possibly execute arbitrary code on the host. The pro...

7.2CVSS7.3AI score0.00533EPSS
CVE
CVE
added 2018/09/19 4:0 p.m.96 views

CVE-2018-17205

Open vSwitch CVE-2018-17205 affects 2.7.x–2.7.6 in the bundle commit path (ofproto_rule_insert__) where, if a flow fails to be added, OvS reverts previous flows from the same bundle. While reinserting old flows, an assertion failure on rule state != RULE_INITIALIZED occurs because the old flow st...

7.5CVSS5.2AI score0.02531EPSS
CVE
CVE
added 2018/07/19 1:0 p.m.93 views

CVE-2017-2673

The CVE-2017-2673 entry concerns an authorization-check flaw in OpenStack Keystone federation configurations. An authenticated federated user could request permissions to a project and be unintentionally granted all related roles, including administrative roles, due to inadequate authorization ch...

7.2CVSS6.6AI score0.02106EPSS
CVE
CVE
added 2016/07/12 7:0 p.m.89 views

CVE-2016-4985

CVE-2016-4985 affects the OpenStack Ironic project, specifically the ironic-api service. The vulnerability allows an attacker with network access to the ironic-api to bypass authentication and retrieve full details of a registered node by knowing the node’s MAC address and sending a crafted POST ...

7.5CVSS7.1AI score0.02836EPSS
CVE
CVE
added 2018/08/27 5:0 p.m.88 views

CVE-2017-15139

CVE-2017-15139 affects OpenStack Cinder up to Queens, specifically ScaleIO volumes using thin volumes with zero padding. The vulnerability can lead to leakage of sensitive data between tenants when new volumes are created in certain configurations. Public documentation in connected items confirms...

7.5CVSS7.2AI score0.01244EPSS
CVE
CVE
added 2019/03/26 5:45 p.m.88 views

CVE-2018-16856

CVE-2018-16856 affects the OpenStack Load Balancing service (openstack-octavia) in Red Hat OpenStack Platform Director installations. In affected builds, openstack-octavia before versions 2.0.2-5 and 3.0.1-0.20181009115732 creates log files readable by all users, allowing sensitive data such as p...

7.5CVSS7.3AI score0.00878EPSS
CVE
CVE
added 2018/07/26 2:0 p.m.87 views

CVE-2017-7539

CVE-2017-7539 affects QEMU’s NBD server: an assertion-failure during initial connection negotiation can crash qemu-nbd, enabling a remote DoS. Affected product: QEMU/NBD server prior to 2.10.1. Root cause: I/O coroutine in the initial negotiation is undefined. Impact: Denial of service via server...

7.5CVSS7.1AI score0.05529EPSS
CVE
CVE
added 2013/11/19 7:0 p.m.79 views

CVE-2013-4386

Foreman (prior to 1.2.3) contains SQL injection vulnerabilities in app/models/concerns/host_common.rb that allow remote attackers to execute arbitrary SQL via the fqdn or hostgroup parameters. This impacts Foreman versions before 1.2.3; remediation is to upgrade to 1.2.3 or later (as noted by Red...

7.5CVSS8.8AI score0.01243EPSS
CVE
CVE
added 2021/05/06 4:23 p.m.79 views

CVE-2021-31918

CVE-2021-31918 affects tripleo-ansible as shipped in Red Hat OpenStack Platform 16.1.6. The Ansible log file is readable by unprivileged users during stack update and creation, creating a data confidentiality risk. Red Hat RHSA-2021:2119 documents this issue and provides remediation guidance via ...

7.5CVSS7.4AI score0.00998EPSS
CVE
CVE
added 2015/03/09 2:0 p.m.78 views

CVE-2014-3691

Foreman/foreman-proxy is affected by CVE-2014-3691 due to failure to validate SSL certificates in SSL-enabled mode, allowing remote attackers to bypass authentication and issue arbitrary API requests without a certificate. Affected versions: Foreman prior to 1.5.4 and foreman-proxy in Foreman 1.6...

7.5CVSS7.6AI score0.01706EPSS
CVE
CVE
added 2019/03/26 5:55 p.m.78 views

CVE-2019-3830

CVE-2019-3830 affects OpenStack Ceilometer (ceilometer-agent) where the agent prints sensitive configuration data to log files, exposing confidentiality. The issue is in ceilometer prior to version 12.0.0.0rc1. Red Hat and OSV/Red Hat advisories confirm the vulnerability and reference the fix: up...

7.8CVSS7.2AI score0.00386EPSS
CVE
CVE
added 2013/09/16 7:0 p.m.71 views

CVE-2013-4182

CVE-2013-4182 affects Foreman prior to 1.2.2, specifically the API at /api/v1/hosts handled by hosts_controller.rb, where access checks were insufficient. This allowed remote attackers to access arbitrary hosts via the API request. The publicly documented remediation is to upgrade to Foreman 1.2....

7.5CVSS6.9AI score0.02395EPSS
CVE
CVE
added 2016/04/15 5:0 p.m.68 views

CVE-2015-5271

CVE-2015-5271 affects TripleO Heat templates: the swiftproxy pipeline does not properly order Keystone before Swift staticweb middleware when staticweb is enabled, potentially allowing remote attackers to obtain sensitive information from private containers via unspecified vectors. This is docume...

7.5CVSS7.1AI score0.02415EPSS
CVE
CVE
added 2018/04/23 9:0 p.m.65 views

CVE-2016-9599

puppet-tripleo vulnerable to an access-control flaw in IPtables rules management prior to versions 5.5.0 and 6.2.0. The issue allows creation of TCP/UDP rules with empty port values, which can be exploited to access unauthorized resources when SSL is enabled. Affected component: puppet-tripleo IP...

7.5CVSS7.5AI score0.00852EPSS
CVE
CVE
added 2016/04/11 9:0 p.m.54 views

CVE-2015-5329

The CVE-2015-5329 issue affects TripleO Heat templates (tripleo-heat-templates) used with Red Hat Enterprise Linux OpenStack Platform 7.0. The root cause is improper use of RabbitMQ credentials, leading deployed overcloud services to be accessible with default credentials (guest/guest). Descripti...

7.5CVSS7.2AI score0.01517EPSS
CVE
CVE
added 2019/12/10 1:17 p.m.53 views

CVE-2013-1793

CVE-2013-1793 concerns openstack-utils and openstack-db with insecure password creation. The available connected documents confirm the affected components but do not provide remediation details. NVD metrics indicate a Network attack vector with no authentication required, and a high impact on con...

7.5CVSS7.6AI score0.01026EPSS