CVE-2021-3620

all versions

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials i

5.5MEDIUM

CVE-2019-11135

all versions

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enabl

6.5MEDIUM

CVE-2019-10744

all versions

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into addin

9.1CRITICAL

CVE-2019-10194

all versions

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected

5.5MEDIUM

CVE-2019-11358

all versions

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Objec

6.1MEDIUM

CVE-2019-8331

all versions

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

6.1MEDIUM

CVE-2018-16881

all versions

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to

7.5HIGH

CVE-2018-17963

all versions

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial o

9.8CRITICAL

CVE-2018-17958

all versions

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

7.5HIGH

CVE-2017-7481

all versions

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control t

9.8CRITICAL

CVE-2018-3639

all versions

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all

5.5MEDIUM

CVE-2018-1059

all versions

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when p

6.1MEDIUM

CVE-2017-9214

all versions

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that i

9.8CRITICAL

CVE-2016-5709

<= 6.3.1

SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local use

4.7MEDIUM

CVE-2016-3643

<= 6.3.1

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo,

7.8HIGH

CVE-2016-3642

<= 6.3.1

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a

9.8CRITICAL

CVE-2011-2163

all versions

Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors.