CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2015-5295 – openstack-heat: Vulnerability in Heat template validation leading to DoS
https://notcve.org/view.php?id=CVE-2015-5295
20 Jan 2016 — The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero. El comando template-validate en OpenStack Orchestration API (Heat) en versiones anteriores a 2015.1.3 (kilo) y 5.0.x en versiones anteriores a 5.0.1 (liberty) permite a usuarios remotos au... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176700.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5329 – openstack-tripleo-heat-templates: Using hardcoded rabbitmq credentials regardless of supplied values
https://notcve.org/view.php?id=CVE-2015-5329
21 Dec 2015 — The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials. Las plantillas TripleO Heat (tripleo-heat-templates), según se utiliza en Red Hat Enterprise Linux OpenStack Platform 7.0, no utiliza correctamente las credenciales RabbitMQ configuradas, lo que ... • https://access.redhat.com/errata/RHSA-2015:2650 • CWE-264: Permissions, Privileges, and Access Controls CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 1CVE-2015-8080 – redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2015-8080
04 Dec 2015 — Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. Desbordamiento de entero en la función getnum en lua_struct.c en Redis 2.8.x en versiones anteriores a 2.8.24 y 3.0.x en versiones a... • http://lists.opensuse.org/opensuse-updates/2016-05/msg00126.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 14%CPEs: 14EXPL: 0CVE-2015-7512 – Qemu: net: pcnet: buffer overflow in non-loopback mode
https://notcve.org/view.php?id=CVE-2015-7512
03 Dec 2015 — Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. Desbordamiento de buffer en la función pcnet_receive en hw/net/pcnet.c en QEMU, cuando un NIC invitado tiene un MTU más grande, permite a atacantes provocar una denegación de servicio (caída de SO invitado) o ejecutar código arbitrario a través de un paquete grande. A buffer overflow fla... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 11%CPEs: 25EXPL: 0CVE-2015-5194 – ntp: crash with crafted logconfig configuration command
https://notcve.org/view.php?id=CVE-2015-5194
27 Oct 2015 — The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. La función log_config_command en el archivo ntp_parser.y en ntpd en NTP anterior a versión 4.2.7p42, permite a los atacantes remotos causar una denegación de servicio (bloqueo de ntpd) por medio de comandos logconfig creados. It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig confi... • http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 33EXPL: 0CVE-2015-5219 – ntp: infinite loop in sntp processing crafted packet
https://notcve.org/view.php?id=CVE-2015-5219
27 Oct 2015 — The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. La función ULOGTOD en el archivo ntp.d en SNTP en versiones anteriores a la 4.2.7p366 no realiza apropiadamente las conversiones de tipo de un valor de precisión a uno doble, lo que permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de... • http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc • CWE-704: Incorrect Type Conversion or Cast CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 17%CPEs: 38EXPL: 0CVE-2015-5300 – ntp: MITM attacker can force ntpd to make a step larger than the panic threshold
https://notcve.org/view.php?id=CVE-2015-5300
27 Oct 2015 — The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). La comprobación panic_gate en NTP anterior a versión 4.2.8p5 es solo h... • http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc • CWE-20: Improper Input Validation CWE-361: 7PK - Time and State •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5271 – openstack-tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware
https://notcve.org/view.php?id=CVE-2015-5271
09 Oct 2015 — The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors. Las plantillas TripleO Heat (tripleo-heat-templates) no ordena correctamente el Identity Service (keystone) en versiones anteriores al middleware de web est... • https://access.redhat.com/errata/RHSA-2015:1862 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 3.5EPSS: 1%CPEs: 30EXPL: 0CVE-2015-6815 – Gentoo Linux Security Advisory 201602-01
https://notcve.org/view.php?id=CVE-2015-6815
21 Sep 2015 — The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. La función process_tx_desc en el archivo hw/net/e1000.c en QEMU versiones anteriores a 2.4.0.1, no procesa apropiadamente los datos del descriptor de transmisión cuando se envía un paquete de red, lo que permite a atacantes causar una denegación de se... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2015-5225 – Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface
https://notcve.org/view.php?id=CVE-2015-5225
27 Aug 2015 — Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface. Desbordamiento de buffer en la función vnc_refresh_server_surface en el controlador de pantalla VNC en QEMU en versiones anteriores a 2.4.0.1 permite a usuarios invitados provocar una denegac... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •