Show filters
17 Total Results
Displaying 11-17 of 17
Sort by:
Attacker Value
Unknown
CVE-2012-6685
Disclosure Date: February 19, 2020 (last updated February 21, 2025)
Nokogiri before 1.5.4 is vulnerable to XXE attacks
0
Attacker Value
Unknown
CVE-2019-14864
Disclosure Date: January 02, 2020 (last updated February 21, 2025)
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.
0
Attacker Value
Unknown
CVE-2014-3536
Disclosure Date: December 15, 2019 (last updated November 27, 2024)
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
0
Attacker Value
Unknown
CVE-2013-6461
Disclosure Date: November 05, 2019 (last updated November 27, 2024)
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
0
Attacker Value
Unknown
CVE-2013-6460
Disclosure Date: November 05, 2019 (last updated November 27, 2024)
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
0
Attacker Value
Unknown
CVE-2017-7528
Disclosure Date: August 22, 2018 (last updated November 27, 2024)
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback).
0
Attacker Value
Unknown
CVE-2016-3702
Disclosure Date: April 21, 2017 (last updated November 26, 2024)
Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.
0
