Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openstack 13 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-10899
A flaw was found in Jolokia versions from 1.2 to prior to 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
Jolokia Jolokia
Redhat Openstack 13
6.4
CVSSv2
CVE-2019-14859
A flaw was found in all python-ecdsa versions prior to 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker coul...
Python-ecdsa Project Python-ecdsa
Redhat Ceph Storage 2.0
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Openstack 15
Redhat Virtualization 4.0
5.5
CVSSv2
CVE-2019-10156
A flaw exists in the way Ansible templating was implemented in versions prior to 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variab...
Redhat Ansible
Redhat Openstack 13
Redhat Openstack 14
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1.9
CVSSv2
CVE-2020-10685
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x prior to 2.7.17 and 2.8.x prior to 2.8.11 and 2.9.x prior to 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as ass...
Redhat Ansible Tower
Redhat Ansible Engine
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Ceph Storage 2.0
Redhat Storage 3.0
Redhat Openstack 13
Redhat Openstack 15
Debian Debian Linux 10.0
2.6
CVSSv2
CVE-2020-1738
A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2....
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
4
CVSSv2
CVE-2019-14433
An issue exists in OpenStack Nova prior to 17.0.12, 18.x prior to 18.2.2, and 19.x prior to 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could ...
Openstack Nova
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Debian Debian Linux 10.0
4
CVSSv2
CVE-2019-14856
ansible prior to 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
Redhat Ansible
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Redhat Openstack 13
3.6
CVSSv2
CVE-2020-10684
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x before 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker co...
Redhat Openstack 10
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
1 Github repository
6
CVSSv2
CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 prior to 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote us...
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
2.1
CVSSv2
CVE-2020-1736
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restricti...
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »