Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nova vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-3280
OpenStack Compute (nova) prior to 2014.2.4 (juno) and 2015.1.x prior to 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
Openstack Nova
4
CVSSv2
CVE-2012-1585
OpenStack Compute (Nova) Essex prior to 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
Openstack Nova
6
CVSSv2
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova prior to 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
Openstack Nova
NA
CVE-2022-37394
An issue exists in OpenStack Nova prior to 23.2.2, 24.x prior to 24.1.2, and 25.x prior to 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user ma...
Openstack Nova
2.1
CVSSv2
CVE-2015-9543
An issue exists in OpenStack Nova prior to 18.2.4, 19.x prior to 19.1.0, and 20.x prior to 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy ar...
Openstack Nova
4.3
CVSSv2
CVE-2015-8749
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) prior to 2015.1.3 (kilo) and 12.0.x prior to 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow malicious users to obtain sensi...
Openstack Nova
5
CVSSv2
CVE-2011-3147
Versions of nova prior to 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
Openstack Nova
4.3
CVSSv2
CVE-2020-17362
search.php in the Nova Lite theme prior to 1.3.9 for WordPress allows Reflected XSS.
Themeinprogress Nova Lite
4
CVSSv2
CVE-2017-17051
An issue exists in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regress...
Openstack Nova 16.0.3
5
CVSSv2
CVE-2015-3951
RLE Nova-Wind Turbine HMI devices store cleartext credentials, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Rle Nova-wind Turbine Hmi Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »