Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ansible ansible vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2019-19340
A flaw was found in Ansible Tower, versions 3.6.x prior to 3.6.2 and 3.5.x prior to 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is ...
Redhat Ansible Tower
Redhat Enterprise Linux 7.0
543
VMScore
CVE-2019-14904
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of ...
Redhat Ansible
Debian Debian Linux 9.0
Debian Debian Linux 10.0
517
VMScore
CVE-2020-5313
libImaging/FliDecode.c in Pillow prior to 6.2.2 has an FLI buffer overflow.
Python Pillow
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
2 Github repositories
516
VMScore
CVE-2019-17498
In libssh2 v1.9.0 and previous versions versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an malicious user to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclo...
Libssh2 Libssh2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Bootstrap Os -
1 Github repository
516
VMScore
CVE-2013-2233
Ansible prior to 1.2.1 makes it easier for remote malicious users to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys.
Redhat Ansible
505
VMScore
CVE-2015-1482
Ansible Tower (aka Ansible UI) prior to 2.0.5 allows remote malicious users to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/.
Ansible Tower
1 EDB exploit
490
VMScore
CVE-2021-21382
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship (https://gi...
Wire Restund
490
VMScore
CVE-2020-14296
Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
Redhat Cloudforms Management Engine 4.7
Redhat Cloudforms Management Engine 5.0
490
VMScore
CVE-2019-10156
A flaw exists in the way Ansible templating was implemented in versions prior to 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variab...
Redhat Ansible
Redhat Openstack 13
Redhat Openstack 14
Debian Debian Linux 8.0
Debian Debian Linux 9.0
463
VMScore
CVE-2016-7070
A privilege escalation flaw was found in the Ansible Tower. When Tower prior to 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
Redhat Ansible Tower
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »