|
267261
|
7.7 |
HIGH
Network
|
redhat
|
openshift
|
The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. An attacker with access to create routes can potentially overwrite existing routes and redirect net…
|
-
|
CVE-2016-8631
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267262
|
9.1 |
CRITICAL
Network
|
redhat
|
ansible
|
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbit…
|
CWE-77
Command Injection
|
CVE-2016-8628
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267263
|
6.1 |
MEDIUM
Network
|
theforeman
|
foreman
|
A flaw was found in foreman 1.5.1. The remote execution plugin runs commands on hosts over SSH from the Foreman web UI. When a job is submitted that contains HTML tags, the console output shown in th…
|
-
|
CVE-2016-8613
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267264
|
6.5 |
MEDIUM
Network
|
openstack
|
glance
|
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denia…
|
-
|
CVE-2016-8611
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267265
|
7.8 |
HIGH
Local
|
redhat
|
jboss_enterprise_application_platform
|
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8657
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267266
|
6.5 |
MEDIUM
Network
|
redhat
|
ceph
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
|
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or sp…
|
CWE-20
Improper Input Validation
|
CVE-2016-8626
|
2024-11-21 11:59 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267267
|
4.9 |
MEDIUM
Network
|
redhat
|
ansible_engine
virtualization
|
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would sti…
|
-
|
CVE-2016-8647
|
2024-11-21 11:59 |
2018-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267268
|
7.8 |
HIGH
Local
|
cryptic-apps
|
hopper_disassembler
|
An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithm…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8390
|
2024-11-21 11:59 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267269
|
7.8 |
HIGH
Local
|
redhat
|
jboss_enterprise_application_platform
|
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8656
|
2024-11-21 11:59 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267270
|
6.5 |
MEDIUM
Network
|
redhat
|
jboss_enterprise_application_platform
keycloak
|
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-8627
|
2024-11-21 11:59 |
2018-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
