Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openstack 5.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-7231
The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove prior to 2013.2.4 and 2014.1 prior to 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.
Openstack Cinder
Openstack Nova
Openstack Trove
Redhat Openstack 5.0
2.1
CVSSv2
CVE-2014-7230
The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove prior to 2013.2.4 and 2014.1 prior to 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
Openstack Trove
Openstack Cinder
Openstack Nova
Redhat Openstack 5.0
Canonical Ubuntu Linux 14.04
7.7
CVSSv2
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
5
CVSSv2
CVE-2012-6685
Nokogiri prior to 1.5.4 is vulnerable to XXE attacks
Nokogiri Nokogiri
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openshift 2.0
Redhat Openstack 4.0
Redhat Openstack 6.0
Redhat Openstack Foreman -
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
1 Article
2.6
CVSSv2
CVE-2020-1738
A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2....
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
2.1
CVSSv2
CVE-2020-1736
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restricti...
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
Fedoraproject Fedora 31
Fedoraproject Fedora 32
4.3
CVSSv2
CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
Nokogiri Nokogiri
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openstack 3.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
4.3
CVSSv2
CVE-2013-6461
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
Nokogiri Nokogiri
Debian Debian Linux 10.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
Redhat Openstack 3.0
Redhat Enterprise Mrg 2.0
Redhat Cloudforms Management Engine 5.0
9
CVSSv2
CVE-2016-9603
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support prior to 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process insi...
Qemu Qemu
Redhat Enterprise Linux Desktop 7.0
Citrix Xenserver 7.0
Redhat Enterprise Linux Workstation 7.0
Citrix Xenserver 7.1
Redhat Openstack 5.0
Redhat Enterprise Linux Server 7.0
Redhat Openstack 7.0
Citrix Xenserver 6.0.2
Debian Debian Linux 7.0
Citrix Xenserver 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Citrix Xenserver 6.2.0
Redhat Enterprise Linux Workstation 6.0
Redhat Openstack 6.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Openstack 10
NA
CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
Qemu Qemu 6.1.50
Fedoraproject Fedora 33
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 37
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 8.0
Redhat Openstack Platform 13.0
Redhat Openstack Platform 10.0
Redhat Enterprise Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »