Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 97849 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2017-2632 A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges. MEDIUM Jul 28, 2018 n/a
CVE-2017-2630 Quick Emulator(Qemu) built with the Network Block Device(NBD) client support is vulnerable to a stack buffer overflow issue. It could occur while processing server\'s response to a \'NBD_OPT_LIST\' request. MEDIUM Jun 21, 2018 n/a
CVE-2017-2629 A coding mistake was found in TLS Certificate Status Request extension feature that asks for a fresh proof of the server\'s certificate\'s validity in the code that checks for a test success or failure. It ends up always thinking there\'s valid proof, even when there is none or if the server doesn\'t support the TLS extension in question. Contrary to how it used to function and contrary to how this feature is documented to work. MEDIUM Feb 24, 2017 webcli_curl-7.55.1.0 (VxWorks 7)
CVE-2017-2628 curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only. HIGH Mar 12, 2018 n/a
CVE-2017-2627 A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user. HIGH Aug 22, 2018 n/a
CVE-2017-2626 It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. LOW Jul 28, 2018 n/a
CVE-2017-2625 It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users\' sessions. LOW Jul 28, 2018 n/a
CVE-2017-2624 It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack. LOW Jul 28, 2018 n/a
CVE-2017-2623 It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default. MEDIUM Jul 28, 2018 n/a
CVE-2017-2622 An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. LOW Jul 28, 2018 n/a
CVE-2017-2621 An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. LOW Jul 28, 2018 n/a
CVE-2017-2620 Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data in cirrus_bitblt_cputovideo. HIGH Jun 21, 2018 n/a
CVE-2017-2619 Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. MEDIUM Mar 12, 2018 n/a
CVE-2017-2618 A flaw was found in the Linux kernels handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. MEDIUM Jun 21, 2018 n/a
CVE-2017-2617 hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed. MEDIUM May 23, 2018 n/a
CVE-2017-2616 A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. MEDIUM Jul 28, 2018 n/a
CVE-2017-2615 Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. HIGH Feb 24, 2017 n/a
CVE-2017-2614 When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts. LOW Jul 28, 2018 n/a
CVE-2017-2613 jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406). MEDIUM May 16, 2018 n/a
CVE-2017-2612 In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK. MEDIUM May 16, 2018 n/a
CVE-2017-2611 Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that are otherwise performed daily), possibly causing additional load on Jenkins master and agents. MEDIUM May 9, 2018 n/a
CVE-2017-2610 jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388). LOW May 16, 2018 n/a
CVE-2017-2609 jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to. MEDIUM May 23, 2018 n/a
CVE-2017-2608 Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs (SECURITY-383). MEDIUM May 16, 2018 n/a
CVE-2017-2607 jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins users, or users with SCM access, could configure jobs or modify build scripts such that they print serialized console notes that perform cross-site scripting attacks on Jenkins users viewing the build logs. LOW May 22, 2018 n/a
CVE-2017-2606 Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380). This only affects anonymous users (other users legitimately have access) that were able to get a list of items via an UnprotectedRootAction. MEDIUM May 9, 2018 n/a
CVE-2017-2604 In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371). MEDIUM May 16, 2018 n/a
CVE-2017-2603 Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. This could leak sensitive data such as API tokens (SECURITY-362). LOW May 16, 2018 n/a
CVE-2017-2602 jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358). MEDIUM May 16, 2018 n/a
CVE-2017-2601 Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions (SECURITY-353). Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions. LOW May 10, 2018 n/a
CVE-2017-2600 In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343). MEDIUM May 16, 2018 n/a
CVE-2017-2599 Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new items (e.g. jobs) to overwrite existing items they don't have access to (SECURITY-321). MEDIUM Apr 11, 2018 n/a
CVE-2017-2598 Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304). MEDIUM May 24, 2018 n/a
CVE-2017-2596 The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references. MEDIUM Feb 7, 2017 n/a
CVE-2017-2595 It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal. MEDIUM Jul 28, 2018 n/a
CVE-2017-2594 hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root. MEDIUM May 9, 2018 n/a
CVE-2017-2592 python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback\'s error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs (for example, keystone tokens). LOW May 9, 2018 n/a
CVE-2017-2591 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the attribute uniqueness plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service. MEDIUM Apr 30, 2018 n/a
CVE-2017-2590 A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. MEDIUM Jul 28, 2018 n/a
CVE-2017-2589 It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. MEDIUM Jul 26, 2018 n/a
CVE-2017-2587 A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. MEDIUM Jul 28, 2018 n/a
CVE-2017-2586 A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. MEDIUM Jul 28, 2018 n/a
CVE-2017-2585 Red Hat Keycloak before version 2.5.1 has an implementation of HMAC verification for JWS tokens that uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. MEDIUM Mar 12, 2018 n/a
CVE-2017-2584 arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. LOW Jan 18, 2017 n/a
CVE-2017-2583 The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a MOV SS, NULL selector instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application. MEDIUM Feb 6, 2017 n/a
CVE-2017-2582 It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the InResponseTo field in the response. MEDIUM Jul 26, 2018 n/a
CVE-2017-2581 An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution. MEDIUM Jul 28, 2018 n/a
CVE-2017-2580 An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution. MEDIUM Jul 28, 2018 n/a
CVE-2017-2579 An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution. MEDIUM Jul 28, 2018 n/a
CVE-2017-2578 In Moodle 3.x, there is XSS in the assignment submission page. MEDIUM Jan 25, 2017 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online