Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openstack - vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial o...
Openstack Neutron 18.0.0
Openstack Neutron
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 10.0
Redhat Openstack Platform 16.2
7.5
CVSSv3
CVE-2021-31918
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
Redhat Openstack 16.1
7.5
CVSSv3
CVE-2021-20270
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
Pygments Pygments
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 10.0
Redhat Software Collections -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
7.5
CVSSv3
CVE-2020-27827
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Lldpd Project Lldpd
Openvswitch Openvswitch
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack 13
Fedoraproject Fedora 33
Siemens Simatic Hmi Unified Comfort Panels Firmware
Siemens Simatic Net Cp 1243-1 Firmware -
Siemens Simatic Net Cp 1243-8 Irc Firmware -
Siemens Simatic Net Cp 1542sp-1 Firmware -
Siemens Simatic Net Cp 1542sp-1 Irc Firmware -
Siemens Simatic Net Cp 1543-1 Firmware -
Siemens Simatic Net Cp 1543sp-1 Firmware -
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Tim 1531 Irc Firmware
Siemens Sinumerik One Firmware
7.1
CVSSv3
CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi...
Redhat Ceph
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openshift Container Platform 4.0
Redhat Ceph Storage 4.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
5.9
CVSSv3
CVE-2020-25658
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
Python-rsa Project Python-rsa
Redhat Openstack Platform 16.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
6.6
CVSSv3
CVE-2020-14355
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send speci...
Spice Project Spice
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
Redhat Enterprise Linux Aus 8.2
Redhat Openstack 16.1
Redhat Enterprise Linux Tus 8.2
Redhat Enterprise Linux Update Services For Sap Solutions 8.0
3.2
CVSSv3
CVE-2020-25743
hw/ide/pci.c in QEMU prior to 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
Qemu Qemu
Redhat Openstack Platform 13.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
7.1
CVSSv3
CVE-2020-14365
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x prior to 2.8.15 and ansible-engine 2.9.x prior to 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the defaul...
Redhat Ansible Engine
Redhat Ansible Tower 3.0
Redhat Ansible Tower
Redhat Ceph Storage 2.0
Redhat Ceph Storage 3.0
Redhat Openstack Platform 10.0
Redhat Openstack Platform 13.0
Debian Debian Linux 10.0
5
CVSSv3
CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions prior to 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out r...
Qemu Qemu
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openstack 13
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »