Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-254
Total 412 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7713 1 Openstack 1 Nova 2023-02-12 5.0 MEDIUM N/A
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
CVE-2015-3230 1 Fedoraproject 1 389 Directory Server 2023-02-12 7.5 HIGH N/A
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.
CVE-2016-4451 1 Theforeman 1 Foreman 2023-02-12 6.0 MEDIUM 5.0 MEDIUM
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that organization.
CVE-2016-4475 1 Theforeman 1 Foreman 2023-02-12 6.5 MEDIUM 8.8 HIGH
The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.
CVE-2015-5306 1 Openstack 1 Ironic Inspector 2023-02-12 6.8 MEDIUM N/A
OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error.
CVE-2015-5178 1 Redhat 2 Jboss Enterprise Application Platform, Jboss Wildfly Application Server 2023-02-12 4.3 MEDIUM N/A
The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.
CVE-2016-2118 3 Canonical, Debian, Samba 3 Ubuntu Linux, Debian Linux, Samba 2022-08-29 6.8 MEDIUM 7.5 HIGH
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
CVE-2015-0201 2 Pivotal Software, Vmware 2 Spring Framework, Spring Framework 2022-04-11 5.0 MEDIUM N/A
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
CVE-2015-7330 1 Puppet 1 Puppet Enterprise 2022-01-24 6.5 MEDIUM 8.8 HIGH
Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol.
CVE-2015-8857 1 Uglifyjs Project 1 Uglifyjs 2021-10-28 7.5 HIGH 9.8 CRITICAL
The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript.
CVE-2014-8152 1 Apache 1 Santuario Xml Security For Java 2021-09-17 5.0 MEDIUM N/A
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document.
CVE-2016-6639 2 Cloudfoundry, Pivotal 2 Php-buildpack, Cloud Foundry Elastic Runtime 2021-09-09 5.0 MEDIUM 7.5 HIGH
Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products, place the .profile file in the htdocs directory, which might allow remote attackers to obtain sensitive information via an HTTP GET request for this file.
CVE-2016-10224 1 Sauter-controls 1 Novaweb Web Hmi 2021-08-31 6.5 MEDIUM 7.2 HIGH
An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user.
CVE-2016-0266 1 Ibm 2 Aix, Vios 2021-08-31 4.3 MEDIUM 3.7 LOW
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
CVE-2016-4474 1 Redhat 1 Openstack 2021-08-04 3.3 LOW 8.8 HIGH
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.
CVE-2015-7837 1 Redhat 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server Aus and 3 more 2021-07-15 2.1 LOW 5.5 MEDIUM
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
CVE-2015-6473 1 Wago 4 750-849, 750-849 Firmware, 758-870 and 1 more 2021-07-09 10.0 HIGH 9.8 CRITICAL
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.
CVE-2016-4376 2 Broadcom, Hp 2 Fabric Operating System, Storefabric B Series Switch 2021-06-22 7.8 HIGH 6.5 MEDIUM
HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-7973 5 Canonical, Freebsd, Netapp and 2 more 9 Ubuntu Linux, Freebsd, Clustered Data Ontap and 6 more 2021-04-26 5.8 MEDIUM 6.5 MEDIUM
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2016-10178 1 Dlink 2 Dwr-932b, Dwr-932b Firmware 2021-04-23 10.0 HIGH 9.8 CRITICAL
An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 (UDP) launches the "/sbin/telnetd -l /bin/sh" command.