Openstack Cloud Security Vulnerabilities and Issues — Openstack Cloud CVE List

Lucene search

SuseOpenstack Cloud

10 matches found

cve•added 2016/05/05 6:59 p.m.•1066 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

5.8CVSS6.3AI score0.86045EPSS

In wild

cve•added 2016/05/05 6:59 p.m.•1062 views

CVE-2016-3718

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

5.5CVSS6.7AI score0.87335EPSS

In wild

cve•added 2017/10/17 1:29 p.m.•367 views

CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.6AI score0.00387EPSS

cve•added 2017/10/17 1:29 p.m.•366 views

CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.7AI score0.00346EPSS

cve•added 2017/10/17 1:29 p.m.•333 views

CVE-2017-13080

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3CVSS6.9AI score0.01473EPSS

cve•added 2017/10/17 1:29 p.m.•259 views

CVE-2017-13078

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3CVSS6.7AI score0.01113EPSS

cve•added 2017/10/17 1:29 p.m.•235 views

CVE-2017-13087

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

5.3CVSS6.6AI score0.00324EPSS

cve•added 2017/10/17 1:29 p.m.•223 views

CVE-2017-13088

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

5.3CVSS6.6AI score0.00279EPSS

cve•added 2016/07/05 1:59 a.m.•152 views

CVE-2016-4956

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

5.3CVSS6.4AI score0.02275EPSS

cve•added 2016/07/05 1:59 a.m.•136 views

CVE-2016-4955

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.

5.9CVSS6.3AI score0.05194EPSS