Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-1633
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated malicious user to read the configuration file, gaining access to sensitive credentials.
Openstack Barbican -
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
Redhat Openstack Platform 17.0
5
CVSSv3
CVE-2023-1636
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any ...
Openstack Barbican -
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
Redhat Openstack Platform 17.0
6.5
CVSSv3
CVE-2022-3277
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were...
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 16.2
Openstack Neutron
7.5
CVSSv3
CVE-2017-7539
An assertion-failure flaw was found in Qemu prior to 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation....
Qemu Qemu
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 3.0
6
CVSSv3
CVE-2016-7466
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.
Qemu Qemu
Opensuse Leap 42.2
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 4.0
5.5
CVSSv3
CVE-2022-3146
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local malicious user to use brute force to explore the relevant directory and discover the file. This issue leads...
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack For Ibm Power 16.1
Redhat Openstack For Ibm Power 16.2
Openstack Tripleo Ansible -
5.5
CVSSv3
CVE-2022-3101
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local malicious user to use brute force to explore the relevant directory and discover the file, leading to infor...
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack For Ibm Power 16.1
Redhat Openstack For Ibm Power 16.2
Openstack Tripleo Ansible -
6.5
CVSSv3
CVE-2019-9735
An issue exists in the iptables firewall module in OpenStack Neutron prior to 10.0.8, 11.x prior to 11.0.7, 12.x prior to 12.0.6, and 13.x prior to 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for exam...
Openstack Neutron
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Debian Debian Linux 9.0
NA
CVE-2014-0134
The instance rescue mode in OpenStack Compute (Nova) 2013.2 prior to 2013.2.3 and Icehouse prior to 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk ...
Openstack Compute 2013.2
Openstack Compute 2013.2.1
Openstack Compute 2013.2.2
6.5
CVSSv3
CVE-2015-5695
Designate 2015.1.0 up to and including 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote malicious users to cause a denial of service (infinite ...
Openstack Designate 2015.1.0
Openstack Designate 1.0.0.0b1
Openstack Designate 1.0.0a0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »