CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2019-14433 – openstack-nova: Nova server resource faults leak external exception details
https://notcve.org/view.php?id=CVE-2019-14433
09 Aug 2019 — An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. Se detectó un problema en OpenStack Nova en versiones anteriores a 17.0.12, versiones 18.x anteriores a 18.2.2, y versiones 19.x anteriores a 19.0.2. Si una petición de la API de un u... • http://www.openwall.com/lists/oss-security/2019/08/06/6 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.2EPSS: 34%CPEs: 22EXPL: 0CVE-2019-10193 – redis: Stack buffer overflow in HyperLogLog triggered by malicious client
https://notcve.org/view.php?id=CVE-2019-10193
11 Jul 2019 — A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. Se detectó una vulnerabilidad de desbordamiento del búfer de la pila en hyperloglog data structure de Redis en las versiones 3.x anteriores a 3.2.13, versiones 4.x anteriores a ... • http://www.securityfocus.com/bid/109290 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 22%CPEs: 23EXPL: 0CVE-2019-10192 – redis: Heap buffer overflow in HyperLogLog triggered by malicious client
https://notcve.org/view.php?id=CVE-2019-10192
11 Jul 2019 — A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. Se detectó una vulnerabilidad de desbordamiento del búfer de la pila en hyperloglog data structure versiones 3.x anteriores a 3.2.13, versiones 4.x anteriores... • http://www.securityfocus.com/bid/109290 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2019-10141 – openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data
https://notcve.org/view.php?id=CVE-2019-10141
02 Jul 2019 — A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how... • https://access.redhat.com/errata/RHSA-2019:2505 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.1EPSS: 2%CPEs: 8EXPL: 1CVE-2019-9735 – openstack-neutron: incorrect validation of port settings in iptables security group driver
https://notcve.org/view.php?id=CVE-2019-9735
13 Mar 2019 — An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affe... • http://www.openwall.com/lists/oss-security/2019/03/18/2 • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-18438
https://notcve.org/view.php?id=CVE-2018-18438
19 Oct 2018 — Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. Qemu tiene desbordamientos de enteros debido a que IOReadHandler y sus funciones asociadas emplean un tipo de datos de enteros firmados para un valor tamaño. • http://www.openwall.com/lists/oss-security/2018/10/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 16EXPL: 0CVE-2018-17963 – QEMU: net: ignore packets with large size
https://notcve.org/view.php?id=CVE-2018-17963
09 Oct 2018 — qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. qemu_deliver_packet_iov en net/net.c en Qemu acepta tamaños de paquetes mayores a INT_MAX, lo que permite que los atacantes provoquen una denegación de servicio (DoS) o tengan otro tipo de impacto sin especificar. A potential integer overflow issue was found in the networking back-end of QEMU. It could occur while receiving pac... • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 1%CPEs: 6EXPL: 0CVE-2018-17204 – openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure
https://notcve.org/view.php?id=CVE-2018-17204
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. Se ha descubierto un problema en Open vSwi... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-17205 – openvswitch: Error during bundle commit in ofproto/ofproto.c:ofproto_rule_insert__() allows for crash
https://notcve.org/view.php?id=CVE-2018-17205
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While rei... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 4.9EPSS: 2%CPEs: 6EXPL: 0CVE-2018-17206 – openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()
https://notcve.org/view.php?id=CVE-2018-17206
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. Se ha descubierto un problema en Open vSwitch, en versiones 2.7.x hasta la 2.7.6. La función decode_bundle dentro de lib/ofp-actions.c se ve afectada por un problema de sobrelectura de búfer durante la decodificación de la acción BUNDLE. An issue was discovered in Open vSwitch (OvS) 2.5.x through 2.5.5, 2.6.x through 2.6... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-125: Out-of-bounds Read •