CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15123
https://notcve.org/view.php?id=CVE-2017-15123
12 Jun 2019 — A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentially sensitive information from CloudForms including data such as newly created virtual machines. Se descubrió un defecto en el CloudFoms en el interface, versiones 5.8- 5.10, donde las URL de las fuentes RSS No están restringidas adecuadamente para los usuarios autorizados solamente. Un atacante podría usar est... • http://www.securityfocus.com/bid/108690 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.1EPSS: 0%CPEs: 218EXPL: 7CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://github.com/isacaya/CVE-2019-11358 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.8EPSS: 9%CPEs: 11EXPL: 1CVE-2019-5419 – rubygem-actionpack: denial of service vulnerability in Action View
https://notcve.org/view.php?id=CVE-2019-5419
27 Mar 2019 — There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. Hay una posible vulnerabilidad de denegación de servicio (DoS) en la vista de acción en Rails, en versiones anteriores a las 5.2.2.1, 5.1.6.2, 5.0.7.2 y 4.2.11.1 donde las cabeceras de aceptación especialmente manipuladas pueden provocar que dicha vista consuma el 100 % de la CPU y... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.1EPSS: 94%CPEs: 10EXPL: 12CVE-2019-5418 – Rails 5.2.1 - Arbitrary File Content Disclosure
https://notcve.org/view.php?id=CVE-2019-5418
21 Mar 2019 — There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. Existe una vulnerabilidad de Divulgación del contenido del archivo en la Vista de acción versión anterior a .2.2.1, versión anterior a 1.6.2, versión anterior a 5.0.7.2, versión anterior a 4.2.11.1 y v3, donde los encabezados de aceptación especialmente diseñados pueden expo... • https://packetstorm.news/files/id/180660 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-16476 – activejob: Information Exposure through deserialization using GlobalId
https://notcve.org/view.php?id=CVE-2018-16476
30 Nov 2018 — A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1. Una vulnerabilidad del Control de acceso roto en las versiones de Trabajo activo> = versión 4.2.0 permite a un atacante crear una entrada de usuario que puede hacer que el Trabajo activo lo deser... • https://access.redhat.com/errata/RHSA-2019:0600 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-7528
https://notcve.org/view.php?id=CVE-2017-7528
22 Aug 2018 — Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback). Ansible Tower tal y como viene con Red Hat CloudForms Management Engine 5 es vulnerable a la inyección de CRLF. Se ha detectado que la cabecera X-Forwarded-For permite a los servidores internos desplegar otros sistemas (usando callback). • http://www.securityfocus.com/bid/105143 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10905 – cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root
https://notcve.org/view.php?id=CVE-2018-10905
24 Jul 2018 — CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user. CloudForms Management Engine (cfme) es vulnerable a una opción de seguridad incorrecta en el componente dRuby de CloudForms. Un atacante con acceso a un shell local sin privilegios podría emplear este error para ejecutar comandos como usuario con altos privilegios. Clou... • https://access.redhat.com/errata/RHSA-2018:2561 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 93%CPEs: 19EXPL: 3CVE-2018-3760 – rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files
https://notcve.org/view.php?id=CVE-2018-3760
26 Jun 2018 — There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. Existe una vulnerabilidad de fuga de información en Sprockets. • https://github.com/mpgn/CVE-2018-3760 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-1000544 – rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file
https://notcve.org/view.php?id=CVE-2018-1000544
26 Jun 2018 — rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem.. rubyzip gem rubyzip en versiones 1.2.1 y anteriores contiene una vulnerabilidad de salto de directorio en e... • https://access.redhat.com/errata/RHSA-2018:3466 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.9EPSS: 2%CPEs: 12EXPL: 0CVE-2018-10855 – ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs
https://notcve.org/view.php?id=CVE-2018-10855
19 Jun 2018 — Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible. Ansible, en versiones 2.5 anteriores a la 2.5.5 y 2.4 anteriores a la 2.4.5, no cumplen con la marca de tarea no_log para las tareas fallidas. Cuando se ha empleado la marca... • https://access.redhat.com/errata/RHBA-2018:3788 • CWE-532: Insertion of Sensitive Information into Log File •