Vulnerabilities > Redhat > Openstack

DATE CVE VULNERABILITY TITLE RISK
2017-05-23 CVE-2017-8309 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
network
low complexity
qemu debian redhat CWE-772
7.5
2017-04-21 CVE-2016-6519 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.
network
low complexity
redhat openstack CWE-79
5.4
2017-03-31 CVE-2014-5009 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
9.8
2017-03-31 CVE-2014-5008 Command Injection vulnerability in multiple products
Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat debian CWE-77
critical
9.8
2017-03-31 CVE-2008-7313 Command Injection vulnerability in multiple products
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands.
network
low complexity
snoopy redhat nagios CWE-77
critical
9.8
2017-03-27 CVE-2017-5973 Infinite Loop vulnerability in multiple products
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
local
low complexity
qemu debian redhat CWE-835
5.5
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1
2016-12-23 CVE-2016-9921 Divide By Zero vulnerability in multiple products
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue.
local
low complexity
qemu debian redhat CWE-369
6.5
2016-12-23 CVE-2016-9911 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue.
local
low complexity
qemu debian redhat CWE-772
6.5
2016-12-23 CVE-2016-9907 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw.
local
low complexity
qemu debian redhat CWE-772
6.5