Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nova vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2013-0326
OpenStack nova base images permissions are world readable
Openstack Nova -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2019-14433
An issue exists in OpenStack Nova prior to 17.0.12, 18.x prior to 18.2.2, and 19.x prior to 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could ...
Openstack Nova
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Debian Debian Linux 10.0
NA
CVE-2012-3361
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
Openstack Essex 2012.1
Openstack Folsom 2012.2
Openstack Diablo 2011.3
NA
CVE-2013-4469
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual si...
Openstack Havana -
Openstack Grizzly -
Openstack Folsom -
NA
CVE-2013-4463
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix fo...
Openstack Havana -
Openstack Grizzly -
Openstack Folsom -
NA
CVE-2013-0208
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.
Openstack Essex -
Openstack Folsom -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
NA
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of...
Openstack Folsom 2012.2
Openstack Essex 2012.1
NA
CVE-2012-5625
OpenStack Compute (Nova) Folsom prior to 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows malicious users to obtain sensitive information by reading the memory of ...
Openstack Folsom 2012.2
Openstack Grizzly -
NA
CVE-2013-1068
The OpenStack Nova (python-nova) package 1:2013.2.3-0 prior to 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 prior to 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 prior to 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 prior to 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 a...
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 13.10
NA
CVE-2013-1838
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to th...
Openstack Folsom 2012.2
Openstack Grizzly 2012.2
Openstack Essex 2012.1
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »