48 matches found
CVE-2020-9490
CVE-2020-9490 affects Apache HTTP Server versions 2.4.20–2.4.43. A specially crafted value for the Cache-Digest header in an HTTP/2 request could cause a crash when the server subsequently attempts to HTTP/2 PUSH a resource. Mitigation for unpatched servers is to disable HTTP/2 PUSH via H2Push of...
CVE-2019-9514
CVE-2019-9514 corresponds to an HTTP/2 vulnerability where an attacker floods a peer by sending HEADERS frames, causing unbounded memory growth and potential DoS. Public details in connected advisories show affected stacks include Go HTTP/2 implementations and Go-based tools, with remediation via...
CVE-2019-9515
CVE-2019-9515 concerns an HTTP/2 settings flood that can cause memory/CPU exhaustion. Arista’s security advisory (Security Advisory 0043) states the vulnerability is in Go’s gRPC HTTP/2 usage and can affect TerminAttr, OpenConfig, CVP, and certain Wi‑Fi OpenConfig-enabled components when enabled....
CVE-2018-10903
The CVE-2018-10903 issue affects python-cryptography versions >=1.9.0 and
CVE-2020-27827
CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...
CVE-2020-1711
CVE-2020-1711 affects the QEMU iSCSI Block driver: an out-of-bounds heap buffer access in iscsi_co_block_status() when processing iSCSI server responses for LBA status. A remote attacker could crash QEMU or potentially execute code with host-QEMU privileges, via a crafted response from the iSCSI ...
CVE-2018-2562
CVE-2018-2562 affects the MySQL Server component (Partition subcomponent) of Oracle MySQL. Affected versions include 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.19 and earlier. The vulnerability allows a low-privileged, network-attacker with access via multiple protocols to cause a hang or cr...
CVE-2015-3456
The CVE-2015-3456 VENOM issue affects QEMU’s Floppy Disk Controller emulation (FDC), also used by VirtualBox and other virtualization stacks in Xen 4.5.x and earlier and KVM. The vulnerability is a buffer/out-of-bounds condition in the FDC where certain commands (notably FD_CMD_READ_ID and FD_CMD...
CVE-2019-10192
CVE-2019-10192 is a heap-buffer overflow in Redis HyperLogLog used by SETRANGE. Affected: Redis HyperLogLog in 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. By corrupting a hyperloglog, an attacker can cause Redis to write up to 3 bytes beyond the end of a heap-allocated buffer. Imp...
CVE-2019-16786
Waitress (Python WSGI server) before version 1.4.0 exposed an HTTP request-smuggling vulnerability related to Transfer-Encoding. If a request’s Transfer-Encoding header was not finalised as chunked, Waitress could ignore the header and fall back to Content-Length, potentially allowing HTTP pipeli...
CVE-2019-11287
CVE-2019-11287 affects Pivotal RabbitMQ and RabbitMQ for Pivotal Platform web management plugin. Versions 3.7.x before 3.7.21, 3.8.x before 3.8.1, and 1.16.x before 1.16.7 and 1.17.x before 1.17.4 are vulnerable. The vulnerability allows a crafted X-Reason HTTP header to inject a malicious Erlang...
CVE-2018-2755
CVE-2018-2755 affects Oracle MySQL Server (Server: Replication) and is present in supported MySQL/MariaDB branches up to specific prior versions: 5.5.59 and earlier, 5.6.39 and earlier, and 5.7.21 and earlier. The issue allows takeover of MySQL Server and requires logon with user interaction; imp...
CVE-2019-10193
CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...
CVE-2019-16785
Summary: The vulnerability CVE-2019-16785 affects Waitress (Python WSGI server) up to v1.3.1. It relates to RFC7230’s line-termination rule: Waitress may treat messages inconsistently when a proxy uses LF vs CRLF, enabling HTTP request smuggling/splitting. Impact is the front-end and back-end par...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2019-14846
CVE-2019-14846 affects Ansible Engine where all 2.x lines up to 2.8.5 (and similar older branches) could disclose credentials because plugins logging at DEBUG level log sensitive data. The flaw does not affect Ansible modules (they run in a separate process). Public docs show multiple vendors/adv...
CVE-2019-14905
The CVE-2019-14905 issue affects Ansible Engine’s nxos_file_copy module, where the filename parameter could be crafted to inject OS commands on NXOS devices. This is a local attack with potential confidentiality, integrity, and availability impacts as described (loss of confidentiality, etc.). Af...
CVE-2018-1000127
The CVE-2018-1000127 issue affects memcached prior to 1.4.37, caused by an Integer Overflow in items.c:item_free() that can lead to data corruption and deadlocks due to reusing hash-table entries from a free list. It is exploitable over the network to the memcached service. The vulnerability is f...
CVE-2012-6685
Nokogiri prior to 1.5.4 is vulnerable to XML External Entity (XXE) attacks. The issue arises in the XML parsing path (XXE) and is documented under CVE-2012-6685. Exploitation details are not provided beyond the XXE description. Affected software: Nokogiri (Ruby library). Root cause: XXE in XML pr...
CVE-2017-10664
CVE-2017-10664 affects qemu-nbd in QEMU. The issue arises because SIGPIPE is not ignored, allowing remote attackers to trigger a denial of service (daemon crash) by disconnecting during a server-to-client reply. The vulnerability is referenced across multiple advisories and Nessus plugins (e.g., ...
CVE-2015-8080
CVE-2015-8080 is an in Redis where the getnum function in lua_struct.c can overflow an integer if a Lua script processes a large number. Affects Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6. The described impact is memory corruption and application crash, with potential sandbox circumvention....
CVE-2020-10684
Ansible Engine vulnerable scope: versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7 allow an attacker to alter ansible_facts when inject is enabled, potentially leading to privilege escalation or code injection. Connected advisories confirm the same underlying issue and pro...
CVE-2019-0223
CVE-2019-0223 concerns Apache Qpid Proton (C library and bindings) versions 0.9–0.27.0. Under TLS with OpenSSL versions before 1.1.0, a peer could be connected anonymously even when peer cert verification is configured, enabling a potential undetected man-in-the-middle attack if TLS traffic is in...
CVE-2018-1000115
CVE-2018-1000115 – Memcached UDP amplification vulnerability. Memcached 1.5.5 contains an Insufficient Control of Network Message Volume (CWE-406) in UDP support, enabling a remote attacker to perform a denial-of-service via UDP traffic to port 11211 (amplification ~1:50,000). The issue is mitiga...
CVE-2018-10874
CVE-2018-10874 affects Ansible. The issue arises when inventory variables are loaded from the current working directory during ad-hoc commands, which attackers can control, enabling arbitrary code execution (local attacker could compromise the target via manipulated inventory vars). The NVD entry...
CVE-2019-14818
The CVE-2019-14818 issue affects DPDK packages in multiple lines: 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4, and 19.x.x before 19.08.1. A malicious master or a container with access to a vhost_user socket can send crafted VRING_SET_NUM messages, causing a memory leak th...
CVE-2015-3209
CVE-2015-3209 : Heap-based buffer overflow in the QEMU PCNET network device allows remote code execution via crafted packet sequences (TXSTATUS_STARTPACKET then TXSTATUS_DEVICEOWNS). This is a QEMU vulnerability discussed in multiple advisories (notably Arista/Security Advisory 0013 and F5/Multi-...
CVE-2017-8309
CVE-2017-8309 refers to a memory leak in QEMU’s audio subsystem (audio.c) that can be exploited remotely to cause a denial of service by repeatedly starting and stopping audio capture. The initial description explicitly states the issue and impact. Connected sources list the CVE in vendor advisor...
CVE-2016-5126
Summary of CVE-2016-5126 family in Debian DLA-1927-1 (qemu security update) Debian DLA-1927-1 documents multiple QEMU vulnerabilities, including CVE-2016-5126 (heap-based buffer overflow in iscsi_aio_ioctl in block/iscsi.c) which allows a local guest user to crash the QEMU process or potentially ...
CVE-2017-7980
CVE-2017-7980 detailed : A heap-based buffer overflow in QEMU’s Cirrus CLGD 54xx VGA Emulator (Cirrus CLGD 54xx) used with Quick Emulator/ QEMU up to version 2.8 enables a local privileged guest to execute arbitrary code or cause a denial of service by exploiting a vulnerability when a VNC client...
CVE-2013-2882
CVE-2013-2882 affects Google V8 (used by Google Chrome) prior to Chrome/Chromium 28.0.1500.95, where type confusion could lead to remote denial of service and possibly other unspecified impact. Connected sources reference the same CVE in relation to Chromium/V8 vulnerabilities, but none of the do...
CVE-2017-18191
CVE-2017-18191 - OpenStack Nova: In OpenStack Nova 15.x (up to 15.1.0) and 16.x (up to 16.1.1), detaching and reattaching an encrypted volume can allow an attacker to access the underlying raw volume and corrupt the LUKS header, causing a denial of service on the compute host (data loss is noted ...
CVE-2015-5225
CVE-2015-5225 : In QEMU, a heap-based buffer overflow arises in the vnc_refresh_server_surface() function of the VNC display driver. A local attacker within the guest could exploit this to cause heap memory corruption and host process crash, or possibly execute arbitrary code on the host. The pro...
CVE-2018-17205
Open vSwitch CVE-2018-17205 affects 2.7.x–2.7.6 in the bundle commit path (ofproto_rule_insert__) where, if a flow fails to be added, OvS reverts previous flows from the same bundle. While reinserting old flows, an assertion failure on rule state != RULE_INITIALIZED occurs because the old flow st...
CVE-2017-2673
The CVE-2017-2673 entry concerns an authorization-check flaw in OpenStack Keystone federation configurations. An authenticated federated user could request permissions to a project and be unintentionally granted all related roles, including administrative roles, due to inadequate authorization ch...
CVE-2016-4985
CVE-2016-4985 affects the OpenStack Ironic project, specifically the ironic-api service. The vulnerability allows an attacker with network access to the ironic-api to bypass authentication and retrieve full details of a registered node by knowing the node’s MAC address and sending a crafted POST ...
CVE-2017-15139
CVE-2017-15139 affects OpenStack Cinder up to Queens, specifically ScaleIO volumes using thin volumes with zero padding. The vulnerability can lead to leakage of sensitive data between tenants when new volumes are created in certain configurations. Public documentation in connected items confirms...
CVE-2018-16856
CVE-2018-16856 affects the OpenStack Load Balancing service (openstack-octavia) in Red Hat OpenStack Platform Director installations. In affected builds, openstack-octavia before versions 2.0.2-5 and 3.0.1-0.20181009115732 creates log files readable by all users, allowing sensitive data such as p...
CVE-2017-7539
CVE-2017-7539 affects QEMU’s NBD server: an assertion-failure during initial connection negotiation can crash qemu-nbd, enabling a remote DoS. Affected product: QEMU/NBD server prior to 2.10.1. Root cause: I/O coroutine in the initial negotiation is undefined. Impact: Denial of service via server...
CVE-2013-4386
Foreman (prior to 1.2.3) contains SQL injection vulnerabilities in app/models/concerns/host_common.rb that allow remote attackers to execute arbitrary SQL via the fqdn or hostgroup parameters. This impacts Foreman versions before 1.2.3; remediation is to upgrade to 1.2.3 or later (as noted by Red...
CVE-2021-31918
CVE-2021-31918 affects tripleo-ansible as shipped in Red Hat OpenStack Platform 16.1.6. The Ansible log file is readable by unprivileged users during stack update and creation, creating a data confidentiality risk. Red Hat RHSA-2021:2119 documents this issue and provides remediation guidance via ...
CVE-2014-3691
Foreman/foreman-proxy is affected by CVE-2014-3691 due to failure to validate SSL certificates in SSL-enabled mode, allowing remote attackers to bypass authentication and issue arbitrary API requests without a certificate. Affected versions: Foreman prior to 1.5.4 and foreman-proxy in Foreman 1.6...
CVE-2019-3830
CVE-2019-3830 affects OpenStack Ceilometer (ceilometer-agent) where the agent prints sensitive configuration data to log files, exposing confidentiality. The issue is in ceilometer prior to version 12.0.0.0rc1. Red Hat and OSV/Red Hat advisories confirm the vulnerability and reference the fix: up...
CVE-2013-4182
CVE-2013-4182 affects Foreman prior to 1.2.2, specifically the API at /api/v1/hosts handled by hosts_controller.rb, where access checks were insufficient. This allowed remote attackers to access arbitrary hosts via the API request. The publicly documented remediation is to upgrade to Foreman 1.2....
CVE-2015-5271
CVE-2015-5271 affects TripleO Heat templates: the swiftproxy pipeline does not properly order Keystone before Swift staticweb middleware when staticweb is enabled, potentially allowing remote attackers to obtain sensitive information from private containers via unspecified vectors. This is docume...
CVE-2016-9599
puppet-tripleo vulnerable to an access-control flaw in IPtables rules management prior to versions 5.5.0 and 6.2.0. The issue allows creation of TCP/UDP rules with empty port values, which can be exploited to access unauthorized resources when SSL is enabled. Affected component: puppet-tripleo IP...
CVE-2015-5329
The CVE-2015-5329 issue affects TripleO Heat templates (tripleo-heat-templates) used with Red Hat Enterprise Linux OpenStack Platform 7.0. The root cause is improper use of RabbitMQ credentials, leading deployed overcloud services to be accessible with default credentials (guest/guest). Descripti...
CVE-2013-1793
CVE-2013-1793 concerns openstack-utils and openstack-db with insecure password creation. The available connected documents confirm the affected components but do not provide remediation details. NVD metrics indicate a Network attack vector with no authentication required, and a high impact on con...