17 matches found
CVE-2020-25717
CVE-2020-25717 affects Samba: an authenticated user mapping domain users to local users can lead to privilege escalation. Public references in Connected documents confirm this is a Samba issue (no exploit details provided here). Several advisories and vendor notes indicate patches or updated pack...
CVE-2018-1000807
CVE-2018-1000807 concerns Python-pyOpenSSL before 17.5.0, with a CWE-416 Use-After-Free in X509 object handling that can lead to denial of service or remote code execution. The vulnerability is reported as fixed in 17.5.0. Connected sources (SUSE-SU-2024:1626-1; SUSE-SU-2024:3749-1; OSV entries) ...
CVE-2018-10915
CVE-2018-10915 affects libpq: the PostgreSQL client library may fail to reset internal state between connections, enabling untrusted host/hostaddr parameters to bypass client-side security and potentially enable access to higher-privilege connections or related SQL-injection impacts via PQescape(...
CVE-2021-3656
CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...
CVE-2019-16789
Affected software: Waitress (Python WSGI server) up to version 1.4.0. Vulnerability arises when a front-end proxy sends requests with Transfer-Encoding containing invalid whitespace characters; Waitress may parse such requests as chunked while the front-end uses Content-Length, enabling HTTP requ...
CVE-2018-11806
CVE-2018-11806 affects QEMU where the SLiRP networking back-end (mbuf.c) can perform a heap-based buffer overflow when reassembling fragmented datagrams. The described impact in the connected documents includes a potential host compromise via arbitrary code execution or denial of service due to a...
CVE-2016-3710
CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...
CVE-2016-1568
CVE-2016-1568 is a use-after-free in QEMU’s AHCI emulation (hw/ide/ahci.c) when IDE AHCI Emulation is enabled. A guest user can cause a denial of service (QEMU process crash) and potentially execute arbitrary code via an invalid AHCI NCQ AIO command. The issue is triggered by use-after-free in NC...
CVE-2017-7466
CVE-2017-7466 is a vulnerability in Ansible prior to version 2.3, where input validation of data returned by client systems could be exploited by a compromised client to execute arbitrary code on the Ansible server with the server’s privileges. Public sources in the provided documents reference R...
CVE-2019-3895
CVE-2019-3895 describes an access-control flaw in the OpenStack Octavia service when deployed with Red Hat OpenStack Platform Director. The issue lets an attacker cause new amphorae to run from an arbitrary image; a remote attacker could upload a compromised amphora image and Octavia could spawn ...
CVE-2016-1714
CVE-2016-1714 – QEMU firmware config flaw. Local CAP_SYS_RAWIO users can trigger out-of-bounds reads/writes in hw/nvram/fw_cfg.c (fw_cfg_write/fw_cfg_read) when Firmware Configuration device emulation is enabled, potentially crashing the guest or allowing code execution on the host. Affected: QEM...
CVE-2016-2857
CVE-2016-2857 is a QEMU vulnerability in the IP checksum routines: the net_checksum_calculate function in net/checksum.c permits local (guest) users to trigger an out-of-bounds heap read, crashing the QEMU process via a crafted packet payload length. Multiple Nessus/MIRACLE-Linux advisories refer...
CVE-2018-10899
CVE-2018-10899 affects Jolokia versions 1.2 through 1.6.0 (up to before 1.6.1). Affected instances are vulnerable to a system-wide CSRF when origin/referrer checks are not properly enforced, which could lead to Remote Code Execution. The root cause is insufficient CSRF protection under strict ori...
CVE-2022-38065
The CVE-2022-38065 issue affects the OpenStack oslo.privsep functionality (git master 05194e7618 and earlier). The vulnerability arises from overly permissive privileged operations in tools leveraging this library inside containers, causing privilege escalation. The described impact is High with ...
CVE-2018-10898
CVE-2018-10898 affects openstack-tripleo-heat-templates prior to 8.0.2-40. When deploying with Director in RHOSP13, Opendaylight is configured with easily guessable default credentials, as described in multiple sources (Red Hat RHSA-2018:2214 and CNVD/OSV entries). The issue arises from default c...
CVE-2017-2627
CVE-2017-2627 affects openstack-tripleo-common as shipped with Red Hat OpenStack Enterprise 10 and 11. The sudoers configuration for the mistral user contains wildcards enabling directory traversal, and it grants passwordless root access to the validations user. These issues create local privileg...
CVE-2016-4474
CVE-2016-4474 affects Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) overcloud-full images. The image build process uses a default root password (ROOTPW/rootpw), enabling potential remote root access via unspecified vectors. Red Hat ad...