Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nova vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-8749
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) prior to 2015.1.3 (kilo) and 12.0.x prior to 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow malicious users to obtain sensi...
Openstack Nova
356
VMScore
CVE-2012-1585
OpenStack Compute (Nova) Essex prior to 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
Openstack Nova
NA
CVE-2022-37394
An issue exists in OpenStack Nova prior to 23.2.2, 24.x prior to 24.1.2, and 25.x prior to 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user ma...
Openstack Nova
312
VMScore
CVE-2016-2140
The libvirt driver in OpenStack Compute (Nova) prior to 2015.1.4 (kilo) and 12.0.x prior to 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root di...
Openstack Nova
445
VMScore
CVE-2011-3147
Versions of nova prior to 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
Openstack Nova
383
VMScore
CVE-2011-4076
OpenStack Nova prior to 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an malicious user t...
Openstack Nova
534
VMScore
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova prior to 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
Openstack Nova
605
VMScore
CVE-2015-3280
OpenStack Compute (nova) prior to 2014.2.4 (juno) and 2015.1.x prior to 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
Openstack Nova
187
VMScore
CVE-2015-9543
An issue exists in OpenStack Nova prior to 18.2.4, 19.x prior to 19.1.0, and 20.x prior to 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy ar...
Openstack Nova
445
VMScore
CVE-2018-7956
Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions prior to 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.
Huawei Vip App
Huawei Mate 20 Firmware -
Huawei Nova 3i Firmware -
Huawei Nova 3 Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »