Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack neutron vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2014-7821
OpenStack Neutron prior to 2014.1.4 and 2014.2.x prior to 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.
Openstack Neutron
Fedoraproject Fedora 20
Redhat Openstack 4.0
356
VMScore
CVE-2014-6414
OpenStack Neutron prior to 2014.2.4 and 2014.1 prior to 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
Openstack Neutron
Canonical Ubuntu Linux 14.04
356
VMScore
CVE-2014-3555
OpenStack Neutron prior to 2013.2.4, 2014.x prior to 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
Openstack Neutron 2014.1
Openstack Neutron 2014.1.1
Openstack Neutron Juno-1
Openstack Neutron 2013.2.4
312
VMScore
CVE-2018-14636
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete....
Openstack Neutron
Openstack Neutron 13.0.0
312
VMScore
CVE-2015-5240
Race condition in OpenStack Neutron prior to 2014.2.4 and 2015.1 prior to 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: befor...
Openstack Neutron 2015.1.1
Openstack Neutron 2014.2.3
Openstack Neutron 2015.1.0
187
VMScore
CVE-2014-0056
The l3-agent in OpenStack Neutron 2012.2 prior to 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.
Openstack Neutron 2013.2.2
Openstack Neutron 2012.2.4
Openstack Neutron 2013.1.1
Openstack Neutron 2012.2.2
Openstack Neutron 2013.1.3
Openstack Neutron 2012.2.1
Openstack Neutron 2013.2
Openstack Neutron 2013.1.4
Openstack Neutron 2013.1.5
Openstack Neutron 2013.1
Openstack Neutron 2012.2.3
Openstack Neutron 2013.1.2
Openstack Neutron 2012.2
Openstack Neutron 2013.2.1
Canonical Ubuntu Linux 13.10
NA
CVE-2023-3637
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were...
Redhat Openstack Platform 13.0
Redhat Openstack Platform 16.2
NA
CVE-2022-3277
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were...
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 16.2
Openstack Neutron
NA
CVE-2022-37394
An issue exists in OpenStack Nova prior to 23.2.2, 24.x prior to 24.1.2, and 25.x prior to 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user ma...
Openstack Nova
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2