CVE-2026-43001

>= 13.0.0 and <= 19.0.0

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projec

7.9HIGH

CVE-2024-40767

< 27.4.1

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafte

6.5MEDIUM

CVE-2024-32498

< 27.3.1

An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access ca

6.5MEDIUM

CVE-2022-45582

>= 19.4.0 and <= 20.1.4

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.

6.1MEDIUM

CVE-2023-2088

all versions

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by acc

6.5MEDIUM

CVE-2022-3146

all versions

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not suffici

5.5MEDIUM

CVE-2022-3101

all versions

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not suffici

5.5MEDIUM

CVE-2022-4134

all versions

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising

2.8LOW

CVE-2022-3277

< 18.6.0

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a

6.5MEDIUM

CVE-2022-47951

< 24.1.2

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.

5.7MEDIUM

CVE-2022-3100

all versions

A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing

5.9MEDIUM

CVE-2022-38065

all versions

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly

8.8HIGH

CVE-2022-2447

all versions

A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a

6.6MEDIUM

CVE-2021-3563

all versions

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypa

7.4HIGH

CVE-2022-37394

< 23.2.2

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port wi

3.3LOW

CVE-2022-1655

all versions

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies a

6.5MEDIUM

CVE-2021-4180

all versions

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname.

4.3MEDIUM

CVE-2021-3656

all versions

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual

8.8HIGH

CVE-2021-3620

all versions

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials i

5.5MEDIUM

CVE-2021-3654

< 21.2.3

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect t

6.1MEDIUM

CVE-2021-3930

all versions

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_s

6.5MEDIUM

CVE-2020-25717

all versions

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possibl

8.1HIGH

CVE-2016-2124

all versions

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext passw

5.9MEDIUM

CVE-2021-40797

< 16.4.1

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. B

6.5MEDIUM

CVE-2021-40085

< 16.4.1

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers ca

6.5MEDIUM

CVE-2021-38598

< 16.4.1

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver

9.1CRITICAL

CVE-2021-38155

>= 10.0.0 and < 16.0.2

OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows informat

7.5HIGH

CVE-2020-1690

< 0.8.24

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a

6.5MEDIUM

CVE-2021-20267

< 16.3.3

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in contr

7.1HIGH

CVE-2021-31918

all versions

A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users du

7.5HIGH

CVE-2020-27827

all versions

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating d

7.5HIGH

CVE-2020-29565

>= 15.3.0 and < 15.3.2

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. T

6.1MEDIUM

CVE-2020-14355

all versions

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before

6.6MEDIUM

CVE-2020-14364

all versions

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs whil

5.0MEDIUM

CVE-2020-17376

< 19.3.1

An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0.

8.3HIGH

CVE-2020-9490

all versions

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would re

7.5HIGH

CVE-2020-10756

all versions

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the

6.5MEDIUM

CVE-2019-14900

all versions

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the

6.5MEDIUM

CVE-2020-10753

all versions

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP

5.4MEDIUM

CVE-2018-16848

<= 7.0.3

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially

6.5MEDIUM

CVE-2020-10755

< 14.1.0

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.

6.5MEDIUM

CVE-2020-10711

all versions

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while i

5.9MEDIUM

CVE-2020-1758

all versions

A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emai

5.3MEDIUM

CVE-2020-10685

all versions

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before

5.0MEDIUM

CVE-2020-12692

< 15.0.1

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Si

5.4MEDIUM

CVE-2020-12691

< 15.0.1

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for t

8.8HIGH

CVE-2020-12690

< 15.0.1

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is

8.8HIGH

CVE-2020-12689

< 15.0.1

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oaut

8.8HIGH

CVE-2020-1759

all versions

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability

6.4MEDIUM

CVE-2019-14905

all versions

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, wher

5.6MEDIUM

CVE-2020-10684

all versions

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using

7.9HIGH

CVE-2020-1740

all versions

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit"

3.9LOW

CVE-2020-1738

all versions

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previ

3.9LOW

CVE-2020-1736

all versions

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This set

2.2LOW

CVE-2020-1735

all versions

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, a

4.2MEDIUM

CVE-2020-1739

all versions

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "passw

3.9LOW

CVE-2020-1733

all versions

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with

5.0MEDIUM

CVE-2012-6685

all versions

Nokogiri before 1.5.4 is vulnerable to XXE attacks

7.5HIGH

CVE-2015-9543

< 18.2.4

An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth token

3.3LOW

CVE-2020-1711

all versions

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled

7.7HIGH

CVE-2015-5741

all versions

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attacker

9.8CRITICAL

CVE-2015-6815

all versions

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when send

3.5LOW

CVE-2019-14859

all versions

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encodin

9.1CRITICAL

CVE-2012-5476

all versions

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable wh

5.5MEDIUM

CVE-2012-5474

all versions

The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horiz

5.5MEDIUM

CVE-2019-16789

all versions

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker t

7.1HIGH

CVE-2019-16786

all versions

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was

7.1HIGH

CVE-2019-16785

all versions

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-l

7.1HIGH

CVE-2013-2167

all versions

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

9.8CRITICAL

CVE-2013-2166

all versions

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass

9.8CRITICAL

CVE-2013-1793

all versions

openstack-utils openstack-db has insecure password creation

7.5HIGH

CVE-2019-19687

all versions

OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is

8.8HIGH

CVE-2013-0326

all versions

OpenStack nova base images permissions are world readable

5.5MEDIUM

CVE-2019-14856

all versions

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None

6.5MEDIUM

CVE-2011-4076

>= 2010.1 and < 2012.1

OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_K

5.9MEDIUM

CVE-2019-11287

all versions

Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prio

7.5HIGH

CVE-2019-11291

all versions

Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.

4.8MEDIUM

CVE-2019-14818

all versions

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.

7.5HIGH

CVE-2012-1572

all versions

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space

7.5HIGH

CVE-2019-3866

all versions

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text informat

5.5MEDIUM

CVE-2013-6461

all versions

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits

6.5MEDIUM

CVE-2013-6460

all versions

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents

6.5MEDIUM

CVE-2013-2255

all versions

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate s

5.9MEDIUM

CVE-2019-11281

all versions

Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16

4.8MEDIUM

CVE-2019-14846

all versions

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at

7.8HIGH

CVE-2017-18635

all versions

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVN

6.1MEDIUM

CVE-2019-9515

all versions

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a s

7.5HIGH

CVE-2019-9514

all versions

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a numb

7.5HIGH

CVE-2019-14433

all versions

An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an au

6.5MEDIUM

CVE-2018-10899

all versions

A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds

8.1HIGH

CVE-2019-10156

all versions

A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possi

5.4MEDIUM

CVE-2019-10141

all versions

A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injecti

8.3HIGH

CVE-2019-10193

all versions

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0

7.2HIGH

CVE-2019-10192

all versions

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.

7.2HIGH

CVE-2019-3895

all versions

An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Dire

8.0HIGH

CVE-2019-0223

all versions

While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C libr

7.4HIGH

CVE-2011-3147

>= 2010.1 and < 2012.1

Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constr

8.6HIGH

CVE-2019-10876

all versions

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two secur

6.5MEDIUM

CVE-2019-3830

all versions

A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive c

7.8HIGH

CVE-2018-16856

all versions

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and ope

5.5MEDIUM

CVE-2019-9735

all versions

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6

6.5MEDIUM

CVE-2018-16876

all versions

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can

5.3MEDIUM

CVE-2018-20170

<= 14.0.1

OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than v

5.3MEDIUM

CVE-2018-16849

< 7.0.1

A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose th

3.1LOW

CVE-2016-2121

all versions

A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain

4.0MEDIUM

CVE-2018-18438

all versions

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.

5.5MEDIUM

CVE-2018-17963

all versions

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial o

9.8CRITICAL

CVE-2018-1000808

all versions

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing La

5.9MEDIUM

CVE-2018-1000807

all versions

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509

8.1HIGH

CVE-2018-17206

all versions

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected

4.9MEDIUM

CVE-2018-17205

all versions

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bu

7.5HIGH

CVE-2018-17204

all versions

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util

4.3MEDIUM

CVE-2018-14636

>= 7.0.0 and <= 11.0.4

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be

5.3MEDIUM

CVE-2018-14635

all versions

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP addres

6.5MEDIUM

CVE-2018-14620

all versions

The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. Thi

4.7MEDIUM

CVE-2017-15139

all versions

A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain stora

7.5HIGH

CVE-2017-2627

all versions

A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed

8.2HIGH

CVE-2018-10915

all versions

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state

8.5HIGH

CVE-2018-14432

all versions

In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/proje

5.3MEDIUM

CVE-2018-10898

all versions

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default

8.8HIGH

CVE-2018-10903

all versions

A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag

7.5HIGH

CVE-2016-9603

all versions

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue c

5.5MEDIUM

CVE-2017-2620

all versions

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access iss

5.5MEDIUM

CVE-2017-2621

all versions

An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log d

5.5MEDIUM

CVE-2017-2622

all versions

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made worl

5.9MEDIUM

CVE-2017-7543

all versions

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x

5.3MEDIUM

CVE-2017-7539

all versions

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiati

5.3MEDIUM

CVE-2017-2637

all versions

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. L

9.9CRITICAL

CVE-2017-7481

all versions

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t

9.8CRITICAL

CVE-2017-2673

all versions

An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authentic

6.8MEDIUM

CVE-2018-2767

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that

3.1LOW

CVE-2018-10875

all versions

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plu

7.8HIGH

CVE-2018-10892

all versions

The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The

5.3MEDIUM

CVE-2018-10855

all versions

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has b

5.9MEDIUM

CVE-2017-2615

all versions

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It coul

5.5MEDIUM

CVE-2018-10874

all versions

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are u

7.8HIGH

CVE-2017-7466

all versions

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker wit

8.0HIGH

CVE-2018-11219

all versions

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and

9.8CRITICAL

CVE-2018-11218

all versions

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x b

9.8CRITICAL

CVE-2018-11806

all versions

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

8.2HIGH

CVE-2018-3639

all versions

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all

5.5MEDIUM

CVE-2018-10237

all versions

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service a

5.9MEDIUM

CVE-2016-9590

all versions

puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's inst

6.5MEDIUM

CVE-2018-1059

all versions

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when p

6.1MEDIUM

CVE-2016-9587

all versions

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client

8.1HIGH

CVE-2016-9599

all versions

puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowe

7.1HIGH

CVE-2018-2819

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.5

6.5MEDIUM

CVE-2018-2817

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are

6.5MEDIUM

CVE-2018-2813

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are

4.3MEDIUM

CVE-2018-2781

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte

4.9MEDIUM

CVE-2018-2771

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected

4.4MEDIUM

CVE-2018-2761

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected

5.9MEDIUM

CVE-2018-2755

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec

7.7HIGH

CVE-2018-1000127

all versions

memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corrup

7.5HIGH

CVE-2018-7536

all versions

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() fun

5.3MEDIUM

CVE-2018-1000115

all versions

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability

7.5HIGH

CVE-2017-18191

all versions

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted v

7.5HIGH

CVE-2018-2668

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte

6.5MEDIUM

CVE-2018-2665

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte

6.5MEDIUM

CVE-2018-2640

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte

6.5MEDIUM

CVE-2018-2622

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are

6.5MEDIUM

CVE-2018-2562

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affect

7.1HIGH

CVE-2017-10906

all versions

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal U

9.8CRITICAL

CVE-2017-17051

all versions

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new ima

8.6HIGH

CVE-2017-16239

<= 14.0.9

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user m

6.5MEDIUM

CVE-2017-10384

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are

6.5MEDIUM

CVE-2017-10379

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected

6.5MEDIUM

CVE-2017-10378

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte

6.5MEDIUM

CVE-2017-10268

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec

4.1MEDIUM

CVE-2017-3653

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are

3.1LOW

CVE-2017-3651

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected

4.3MEDIUM

CVE-2017-3641

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are

4.9MEDIUM

CVE-2017-3636

all versions

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected

5.3MEDIUM

CVE-2017-10664

all versions

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon

7.5HIGH

CVE-2017-7980

all versions

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users t

7.8HIGH

CVE-2017-9214

all versions

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that i

9.8CRITICAL

CVE-2017-8379

all versions

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to ca

6.5MEDIUM

CVE-2017-8309

all versions

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consump

7.5HIGH

CVE-2016-6519

all versions

Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated use

5.4MEDIUM

CVE-2017-5936

<= 13.1.0

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances,

7.5HIGH

CVE-2017-7400

all versions

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS att

4.8MEDIUM

CVE-2014-5009

all versions

Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-20

9.8CRITICAL

CVE-2014-5008

all versions

Snoopy allows remote attackers to execute arbitrary commands.

9.8CRITICAL

CVE-2008-7313

all versions

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an in

9.8CRITICAL

CVE-2017-5973

all versions

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a d

5.5MEDIUM

CVE-2017-7214

all versions

An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.

9.8CRITICAL

CVE-2016-7103

all versions

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or

6.1MEDIUM

CVE-2016-9921

all versions

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur

6.5MEDIUM

CVE-2016-9911

all versions

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while proc

6.5MEDIUM

CVE-2016-9907

all versions

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while

6.5MEDIUM

CVE-2016-7466

all versions

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local

6.0MEDIUM

CVE-2016-7422

all versions

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a

6.0MEDIUM

CVE-2016-6888

all versions

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS adminis

4.4MEDIUM

CVE-2016-8910

all versions

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause

6.0MEDIUM

CVE-2016-8909

all versions

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a d

6.0MEDIUM

CVE-2016-8669

all versions

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cau

6.0MEDIUM

CVE-2016-8576

all versions

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a den

6.0MEDIUM

CVE-2015-5162

<= 12.0.3

The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13

7.5HIGH

CVE-2016-6662

all versions

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.

9.8CRITICAL

CVE-2016-5403

all versions

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory

5.5MEDIUM

CVE-2016-4985

all versions

The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain

7.5HIGH

CVE-2016-4428

all versions

Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote

5.4MEDIUM

CVE-2016-4474

all versions

The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux

8.8HIGH

CVE-2016-5363

all versions

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-

8.2HIGH

CVE-2016-5362

>= 7.0.0 and < 7.0.4

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP

8.2HIGH

CVE-2015-8914

>= 7.0.0 and < 7.0.4

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMP

9.1CRITICAL

CVE-2016-5126

all versions

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial

7.8HIGH

CVE-2016-4020

all versions

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS a

6.5MEDIUM

CVE-2016-3710

all versions

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administr

8.8HIGH

CVE-2015-5271

all versions

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Obj

7.5HIGH

CVE-2016-0757

all versions

OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enable

4.3MEDIUM

CVE-2015-8080

all versions

Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-depende

7.5HIGH

CVE-2016-2140

>= 12.0.0 and < 12.0.3

The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage a

5.3MEDIUM

CVE-2016-2857

all versions

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bou

8.4HIGH

CVE-2016-1568

all versions

Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause

8.8HIGH

CVE-2015-5329

all versions

The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly u

7.3HIGH

CVE-2016-1714

all versions

The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configura

8.1HIGH

CVE-2015-7546

>= 8.0.0 and < 8.0.2

The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddlewa

7.5HIGH

CVE-2015-5295

all versions

The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows

5.4MEDIUM

CVE-2015-8749

>= 12.0.0 and < 12.0.1

The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty)

5.9MEDIUM

CVE-2015-7548

>= 12.0.0 and < 12.0.1

OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_

3.5LOW

CVE-2015-7512

all versions

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attacker

9.0CRITICAL

CVE-2015-5225

all versions

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to

CVE-2015-7713

>= 2014.2 and < 2014.2.4

OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes,

CVE-2015-5240

all versions

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups A

CVE-2015-5286

<= 2014.2.3

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to b

CVE-2015-5251

<= 2014.2.3

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to ch

CVE-2015-3280

>= 2014.2 and < 2014.2.4

OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from comput

CVE-2015-3241

>= 2014.2 and <= 2014.2.3

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is d

CVE-2015-3214

all versions

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths a

CVE-2015-3221

>= 2014.2 and < 2014.2.4

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remo

CVE-2015-3219

all versions

Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.

CVE-2015-5165

all versions

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote at

CVE-2015-3209

all versions

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet w

CVE-2015-3988

all versions

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to

CVE-2015-3456

all versions

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of

CVE-2015-3646

>= 2014.1 and < 2014.1.5

OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content,

CVE-2015-1842

<= 6.0

The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for th

CVE-2015-0259

>= 2014.1 and < 2014.1.4

OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websock

CVE-2015-0271

all versions

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attacker

CVE-2014-3691

all versions

Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates,

CVE-2015-1881

all versions

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remot

CVE-2014-9684

all versions

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remot

CVE-2014-9623

all versions

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota an

CVE-2015-1195

>= 2014.1 and < 2014.1.4

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote au

CVE-2014-8153

all versions

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a de

CVE-2014-9493

all versions

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.2.2 and 2014.1.4 allows remote authenticated user

CVE-2014-8124

>= 2014.1 and < 2014.1.3

OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a d

CVE-2014-7821

all versions

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (cra

CVE-2014-0204

>= 2014.1 and < 2014.1.1

OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as

CVE-2014-3615

all versions

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

CVE-2014-8578

>= 2013.2 and < 2013.2.4

Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.

CVE-2014-3475

>= 2013.2 and < 2013.2.4

Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.

CVE-2014-3474

>= 2013.2 and < 2013.2.4

Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStac

CVE-2014-3473

>= 2013.2 and < 2013.2.4

Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Da

CVE-2014-8333

all versions

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk

CVE-2014-3708

all versions

OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of servi

CVE-2014-3520

>= 2013.2 and < 2013.2.4

OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees

CVE-2014-8750

>= 2014.1 and < 2014.1.4

Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenti

CVE-2014-7231

all versions

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 befo

CVE-2014-7230

all versions

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3

CVE-2014-3632

>= 2014.1 and <= 2014.1.2

The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterpr

CVE-2014-3608

>= 2013.2 and <= 2013.2.4

The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and caus

CVE-2014-6414

>= 2013.2 and <= 2013.2.4

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to

CVE-2014-3621

all versions

The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authentica

CVE-2014-5356

<= 2013.2.3

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using

CVE-2014-5253

all versions

OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is i

CVE-2014-5252

all versions

The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID

CVE-2014-5251

all versions

The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with t

CVE-2014-3594

>= 2013.2 and < 2013.2.4

Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1

CVE-2014-4615

all versions

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 201

CVE-2014-3517

>= 2013.2 and <= 2013.2.4

api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying

CVE-2014-3555

all versions

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a den

CVE-2014-4167

>= 2011.1 and <= 2013.2.3

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated user

CVE-2014-3476

>= 2013.2 and < 2013.2.4

OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained del

CVE-2014-0042

all versions

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for cert

CVE-2014-0041

all versions

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for

CVE-2014-0040

all versions

OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, uses an HTTP connection to

CVE-2013-6470

all versions

The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Ente

CVE-2013-6433

>= 2013.1 and <= 2013.2.3

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file fo

CVE-2013-2014

>= 2013 and < 2013.1

OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) vi

CVE-2013-4471

>= 2013.1 and < 2013.2

The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords f

CVE-2014-0056

all versions

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote aut

CVE-2014-0187

all versions

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated u

CVE-2014-0162

all versions

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse

CVE-2014-0071

all versions

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote atta

CVE-2014-2828

all versions

The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cau

CVE-2014-0157

all versions

Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before

CVE-2014-2237

all versions

The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before

CVE-2013-6437

>= 2013.1 and < 2013.1.5

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to

CVE-2014-1948

all versions

OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containin

CVE-2013-6393

all versions

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attacke

CVE-2013-4463

all versions

OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows loca

CVE-2013-6491

all versions

The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protoc

CVE-2013-7048

>= 2013.1 and <= 2013.1.4

OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the

CVE-2013-2030

all versions

keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing s

CVE-2013-6391

all versions

The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-s

CVE-2013-6858

>= 2013.1 and <= 2013.2

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to injec

CVE-2013-4354

all versions

The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into

CVE-2013-4214

all versions

rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbit

CVE-2013-2029

all versions

nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local use

CVE-2013-4386

all versions

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to exe

CVE-2013-4497

all versions

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (

CVE-2013-4469

all versions

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a Q

CVE-2013-4261

all versions

OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors

CVE-2013-4185

all versions

Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly hand

CVE-2013-4222

all versions

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user token

CVE-2013-4294

all versions

The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not pr

CVE-2013-4182

all versions

app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote

CVE-2013-4180

all versions

The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of

CVE-2013-2256

>= 2013.1 and < 2013.1.3

OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public prope

CVE-2013-4155

all versions

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous"

CVE-2013-2161

all versions

XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid

CVE-2013-2157

>= 2012.2 and <= 2012.2.4

OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to

CVE-2013-2121

all versions

Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authentica

CVE-2013-2113

all versions

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permis

CVE-2013-2882

all versions

Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have uns

CVE-2013-2096

all versions

OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users t

CVE-2013-2059

all versions

OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the aut

CVE-2013-2006

all versions

OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password

CVE-2013-0282

>= 2012.1 and <= 2012.1.3

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tena

CVE-2013-0270

>= 2012.1 and <= 2012.1.3

A flaw was found in OpenStack Keystone. A remote attacker could exploit this vulnerability by sending a large HTTP request, specif

6.5MEDIUM

CVE-2013-1665

all versions

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibl

CVE-2013-1664

all versions

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (

CVE-2013-1865

all versions

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server,

CVE-2013-1838

all versions

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which all

CVE-2013-0335

all versions

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in

CVE-2013-0266

all versions

A flaw was found in the puppetlabs-cinder module, as used in PackStack. This vulnerability is due to incorrect file permissions,

5.5MEDIUM

CVE-2013-0261

all versions

A flaw was found in PackStack. A local user could exploit a symlink attack on a temporary file with a predictable name in the `/tm

8.8HIGH

CVE-2013-0212

all versions

store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode,

CVE-2013-0247

>= 2012.1 and <= 2012.1.3

OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attack

CVE-2013-0208

all versions

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated us

CVE-2012-5625

all versions

OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear

CVE-2012-5483

all versions

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses

CVE-2012-5571

all versions

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization rest

5.4MEDIUM

CVE-2012-5563

all versions

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenti

CVE-2012-5482

all versions

The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary

CVE-2012-4573

all versions

The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary

CVE-2012-4457

>= 2012.1 and < 2012.1.2

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled ten

CVE-2012-4456

>= 2012.1 and < 2012.1.2

The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not proper

CVE-2012-4413

all versions

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated

CVE-2012-3542

all versions

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an

CVE-2012-3540

all versions

Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redi

CVE-2012-3447

all versions

virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users

CVE-2012-1585

>= 2011.1 and < 2011.3

OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and

CVE-2012-3426

all versions

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement t

CVE-2012-3361

all versions

virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated user

CVE-2012-3360

all versions

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used ov

CVE-2012-3371

all versions

The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is e

CVE-2012-2654

all versions

The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check

CVE-2012-2101

all versions

Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authent

CVE-2012-2144

all versions

Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions

CVE-2012-2094

all versions

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in Ope

CVE-2012-0030

all versions

Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants o

CVE-2011-4596

>= 2011.3 and < 2011.3.1

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-re