Product

redhat ceph storage

45 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-14874
all versions
A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that trigge
7.5 HIGH
CVE-2025-13601
all versions
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string(
7.7 HIGH
CVE-2023-48795
all versions
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker
5.9 MEDIUM
CVE-2023-44487
all versions
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5 HIGH
CVE-2023-0056
all versions
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow
6.5 MEDIUM
CVE-2022-3854
all versions
A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing
6.5 MEDIUM
CVE-2021-3979
all versions
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in
6.5 MEDIUM
CVE-2022-0670
< 5.2
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share o
9.1 CRITICAL
CVE-2022-26148
all versions
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc
9.8 CRITICAL
CVE-2021-4048
all versions
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also
9.1 CRITICAL
CVE-2021-20236
all versions
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overfl
9.8 CRITICAL
CVE-2021-3509
all versions
A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved fro
6.1 MEDIUM
CVE-2021-3531
all versions
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that en
5.3 MEDIUM
CVE-2021-3524
all versions
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is relate
6.5 MEDIUM
CVE-2021-20288
all versions
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests,
7.2 HIGH
CVE-2020-25678
all versions
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by se
4.4 MEDIUM
CVE-2020-27781
all versions
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege es
7.1 HIGH
CVE-2020-25677
all versions
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This
5.5 MEDIUM
CVE-2020-25660
all versions
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph
8.8 HIGH
CVE-2020-25626
all versions
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django R
6.1 MEDIUM
CVE-2020-14365
all versions
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when install
7.1 HIGH
CVE-2020-10753
all versions
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP
5.4 MEDIUM
CVE-2020-10685
all versions
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before
5.0 MEDIUM
CVE-2020-12458
all versions
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/
5.5 MEDIUM
CVE-2020-1760
all versions
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lea
5.8 MEDIUM
CVE-2020-1699
all versions
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage a
7.5 HIGH
CVE-2020-1759
all versions
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability
6.4 MEDIUM
CVE-2020-1712
all versions
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed
7.8 HIGH
CVE-2019-14905
all versions
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, wher
5.6 MEDIUM
CVE-2019-14864
all versions
Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_l
6.5 MEDIUM
CVE-2019-14859
all versions
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encodin
9.1 CRITICAL
CVE-2019-19337
all versions
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated
6.5 MEDIUM
CVE-2019-10222
all versions
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker c
7.5 HIGH
CVE-2018-14662
all versions
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption
5.7 MEDIUM
CVE-2018-16846
all versions
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding
6.5 MEDIUM
CVE-2018-19039
all versions
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin
6.5 MEDIUM
CVE-2018-14649
all versions
It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. T
9.8 CRITICAL
CVE-2018-15727
all versions
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid
9.8 CRITICAL
CVE-2016-9579
all versions
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origi
6.5 MEDIUM
CVE-2018-10875
all versions
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plu
7.8 HIGH
CVE-2018-1129
all versions
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph
6.5 MEDIUM
CVE-2018-1128
all versions
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any att
7.5 HIGH
CVE-2018-10861
all versions
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, cre
8.1 HIGH
CVE-2018-1059
all versions
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when p
6.1 MEDIUM
CVE-2016-7031
<= 1.3.2
The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket
7.5 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin