Vulnerabilities > Apache > Cloudstack > 2.1.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-15 | CVE-2022-26779 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cloudstack Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. | 7.5 |
| 2020-05-14 | CVE-2019-17562 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Cloudstack A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. | 9.8 |
| 2016-02-08 | CVE-2015-3252 | Credentials Management vulnerability in Apache Cloudstack Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server. | 9.8 |