Redhat: Security Vulnerabilities
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-22
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
CVSS Score
9.8
EPSS Score
0.031
Published
2019-11-21
cumin: At installation postgresql database user created without password
CVSS Score
9.8
EPSS Score
0.004
Published
2019-11-21
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-21
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
CVSS Score
7.5
EPSS Score
0.016
Published
2019-11-20
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
CVSS Score
7.5
EPSS Score
0.041
Published
2019-11-20
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-11-20
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVSS Score
7.5
EPSS Score
0.013
Published
2019-11-19
tog-Pegasus has a package hash collision DoS vulnerability
CVSS Score
7.5
EPSS Score
0.007
Published
2019-11-19
Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-18