CVE-2016-1000229
- EPSS 4.85%
- Published 20.12.2019 14:15:11
- Last modified 21.11.2024 02:43:01
swagger-ui has XSS in key names
CVE-2014-0175
- EPSS 0.6%
- Published 13.12.2019 13:15:10
- Last modified 21.11.2024 02:01:33
mcollective has a default password set at install
- EPSS 1.79%
- Published 11.12.2019 16:15:10
- Last modified 21.11.2024 02:01:30
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
CVE-2013-7370
- EPSS 1.08%
- Published 11.12.2019 14:15:09
- Last modified 21.11.2024 02:00:51
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware
CVE-2013-0163
- EPSS 0.12%
- Published 05.12.2019 15:15:11
- Last modified 21.11.2024 01:46:58
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
CVE-2013-2103
- EPSS 0.31%
- Published 03.12.2019 14:15:09
- Last modified 21.11.2024 01:51:02
OpenShift cartridge allows remote URL retrieval
CVE-2012-6135
- EPSS 1.27%
- Published 19.11.2019 17:15:11
- Last modified 21.11.2024 01:45:53
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVE-2014-0023
- EPSS 0.12%
- Published 15.11.2019 15:15:11
- Last modified 21.11.2024 02:01:11
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
CVE-2013-5123
- EPSS 12.86%
- Published 05.11.2019 22:15:10
- Last modified 21.11.2024 01:57:03
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
CVE-2013-0165
- EPSS 0.35%
- Published 01.11.2019 19:15:10
- Last modified 21.11.2024 01:46:58
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.