Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pacemaker configuration system vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2015-5190
The pcsd web UI in PCS 0.9.139 and previous versions allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
4.9
CVSSv2
CVE-2015-5189
Race condition in pcsd in PCS 0.9.139 and previous versions uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
4.3
CVSSv2
CVE-2015-3983
The pcs daemon (pcsd) in PCS 0.9.137 and previous versions does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE...
Fedora Pacemaker Configuration System
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started