Redhat Openstack

85 CVEs affecting Redhat Openstack. Latest disclosed: 2018-05-22. Critical: 7, High: 13.

Top CVEs affecting Redhat Openstack
CVESeverityScorePublishedSummary
CVE-2017-10906Critical9.82017-12-08Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary comman…
CVE-2017-9214Critical9.82017-05-23In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integ…
CVE-2014-5009Critical9.82017-03-31Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.
CVE-2014-5008Critical9.82017-03-31Snoopy allows remote attackers to execute arbitrary commands.
CVE-2008-7313Critical9.82017-03-31The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-479…
CVE-2016-6662Critical9.82016-09-20Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Perco…
CVE-2015-7512Critical9.02016-01-08Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of servic…
CVE-2016-4474High8.82016-06-30The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo…
CVE-2016-3710High8.82016-05-11The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary co…
CVE-2016-1568High8.82016-04-12Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance…
CVE-2016-2857High8.42016-04-12The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via…
CVE-2016-1714High8.12016-04-07The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support…
CVE-2017-7980High7.82017-07-25Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or c…
CVE-2016-5126High7.82016-06-01Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process cras…
CVE-2017-10664High7.52017-08-02qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting durin…
CVE-2017-8309High7.52017-05-23Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting…
CVE-2016-4985High7.52016-07-12The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a…
CVE-2015-5271High7.52016-04-15The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb…
CVE-2015-8080High7.52016-04-13Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission…
CVE-2015-5329High7.32016-04-11The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ cr…