Show filters
341 Total Results
Displaying 51-60 of 341
Sort by:
Attacker Value
Unknown
CVE-2020-14394
Disclosure Date: August 17, 2022 (last updated February 24, 2025)
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
0
Attacker Value
Unknown
CVE-2022-36913
Disclosure Date: July 27, 2022 (last updated February 24, 2025)
Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
0
Attacker Value
Unknown
CVE-2022-36912
Disclosure Date: July 27, 2022 (last updated February 24, 2025)
A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
0
Attacker Value
Unknown
CVE-2022-36911
Disclosure Date: July 27, 2022 (last updated February 24, 2025)
A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.
0
Attacker Value
Unknown
CVE-2022-1655
Disclosure Date: July 22, 2022 (last updated February 24, 2025)
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity.
0
Attacker Value
Unknown
CVE-2022-0866
Disclosure Date: May 10, 2022 (last updated February 23, 2025)
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consist that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it's possible for the wrong the caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it's also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all v…
0
Attacker Value
Unknown
CVE-2022-27239
Disclosure Date: April 27, 2022 (last updated February 23, 2025)
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
0
Attacker Value
Unknown
CVE-2021-4180
Disclosure Date: March 23, 2022 (last updated February 23, 2025)
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.
0
Attacker Value
Unknown
CVE-2021-3656
Disclosure Date: March 04, 2022 (last updated February 23, 2025)
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
0
Attacker Value
Unknown
CVE-2021-3620
Disclosure Date: March 03, 2022 (last updated February 23, 2025)
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
0