Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openstack 1 vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv2
CVE-2020-1739
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by read...
Redhat Ansible Tower
Redhat Ansible
Redhat Cloudforms Management Engine 5.0
Redhat Openstack 13
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 10.0
3.7
CVSSv2
CVE-2020-1733
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is cr...
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 10.0
1 Github repository
6
CVSSv2
CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 prior to 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote us...
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
2.7
CVSSv2
CVE-2015-6815
The process_tx_desc function in hw/net/e1000.c in QEMU prior to 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows malicious users to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Desktop 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Linux 5.0
Redhat Openstack 6.0
Xen Xen 4.4.3
Xen Xen 4.5.1
6.4
CVSSv2
CVE-2019-14859
A flaw was found in all python-ecdsa versions prior to 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker coul...
Python-ecdsa Project Python-ecdsa
Redhat Ceph Storage 2.0
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Openstack 15
Redhat Virtualization 4.0
5
CVSSv2
CVE-2019-14818
A flaw was found in all dpdk version 17.x.x prior to 17.11.8, 16.x.x prior to 16.11.10, 18.x.x prior to 18.11.4 and 19.x.x prior to 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a...
Dpdk Data Plane Development Kit
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Openstack 10
Redhat Enterprise Linux Fast Datapath 8.0
Redhat Virtualization Eus 4.2
Fedoraproject Fedora 31
2.1
CVSSv2
CVE-2019-14846
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not af...
Redhat Ansible Engine
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Redhat Openstack 13
Redhat Ansible Engine 2.0
Redhat Ansible Engine 2.8.0
7.8
CVSSv2
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
7.8
CVSSv2
CVE-2019-9515
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame ...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 4.1
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
5.5
CVSSv2
CVE-2019-10156
A flaw exists in the way Ansible templating was implemented in versions prior to 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variab...
Redhat Ansible
Redhat Openstack 13
Redhat Openstack 14
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »