redhat cloudforms の CVE(48 件)

CVE 件数: 48 CPE versions: View versions table

概要

本ページは redhat cloudforms に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 4148 / 48 CVE 件数
«« 先頭 « 前へ 3 / 3 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2014-0057 The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors. [email protected] 7.5 1.59% 2014-03-18 2026-06-16
CVE-2014-0081 Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. [email protected] 4.3 4.03% 2014-02-20 2026-06-16
CVE-2013-6443 CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request. [email protected] 6.8 0.60% 2014-01-22 2026-06-16
CVE-2012-5604 The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. [email protected] 4.3 1.21% 2013-03-01 2026-06-16
CVE-2012-5605 Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files. [email protected] 2.1 0.36% 2013-01-04 2026-06-16
CVE-2012-5603 proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system. [email protected] 5.5 1.04% 2013-01-04 2026-06-16
CVE-2012-4574 Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file. [email protected] 2.1 0.36% 2013-01-04 2026-06-16
CVE-2012-3538 Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log. [email protected] 3.3 0.64% 2013-01-04 2026-06-16
«« 先頭 « 前へ 3 / 3 次へ »
cvelogic Threat Intelligence