Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Openstack platform'
2022-05-10
CVE-2022-0866
CWE-863
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consist that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it's possible for the wrong the caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it's also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled.
2022-03-02
CVE-2021-3654
CWE-601
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
2021-03-23
CVE-2021-20270
CWE-835
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
2020-12-18
CVE-2020-27781
CWE-522
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 16.2.0.
2020-10-06
CVE-2020-25743
CWE-476
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
2020-09-23
CVE-2020-14365
CWE-347
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
2017-11-27
CVE-2017-15114
CWE-295
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
>>>
Vendor:
Redhat
373
Products
Linux
Certificate server
Directory server
Sendmail
Openssl
Rsync
Tcpdump
Enterprise linux
Enterprise linux desktop
Linux powertools
Tmpwatch
Pam smb
Stronghold
Redhat package manager
Docbook stylesheets
Docbook utils
Libpng
Pre-execution environment
Interchange
Linux advanced workstation
Rhmask
LV
Analog real-time synthesizer
Kdebase
Kdelibs
Kdelibs devel
Kdelibs sound
Kdelibs sound devel
Wu ftpd
Daredevil skk
Ddskk-xemacs
Up2date
Kernel
Vsftpd
Bigmem kernel
Kernel doc
Kernel source
Sysstat
Gdk pixbuf
LHA
Fedora core
Linux desktop
Sysreport
JBPM
Desktop
Package manager
Jboss application server
Conga
Open iscsi
Cluster suite
Network satelite server
Fedora
Mcstrans
Cairo
Network satellite server
Cygwin
Enterprise linux desktop workstation
Fedora directory server
Nfs utils
Policykit
Desktop workstation
Fedora 8
Certificate system
KVM
Adminutil
Enterprise ipa
Freeipa
Jboss enterprise application platform
Initscripts
CMAN
dogtag certificate system
Libvirt
Cluster project
Gfs2-utils
Rgmanager
Dogtag certificate system
Enterprise mrg
Spacewalk-java
Enterprise virtualization
Qspice
Network satellite
Yum-rhn-plugin
Enterprise virtualization hypervisor
Enterprise virtualization manager
Jboss enterprise service bus
Jboss enterprise soa platform
LVM2
Evince
Spice-xpi
Spice-activex
LUCI
Icedtea
Jboss enterprise web platform
Jboss remoting
389 directory server
Libuser
Icedtea-web
Policycoreutils
Jboss seam 2 framework
Virtualization manager
See all Products for Vendor
Redhat
Copyright
2024
, cxsecurity.com
Back to Top