Vulnerabilities in [UNKNOWN]
240 resultsCVE-2018-10871LOW389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica anEPSS 1.0%CVE-2018-1072MEDIUMovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of tEPSS 1.0%CVE-2017-7497MEDIUMThe dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability toEPSS 1.0%CVE-2017-15137MEDIUMThe OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This coulEPSS 1.0%CVE-2019-3848MEDIUMA vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Permissions were not correctly checked before loading event infoEPSS 0.9%CVE-2019-3852MEDIUMA vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not takingEPSS 0.9%CVE-2019-10179MEDIUMA vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize reEPSS 0.9%CVE-2019-14884MEDIUMA vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7 and 3.5 before 3.5.9, where a reflected XSS possible from some fatal eEPSS 0.9%CVE-2019-3809MEDIUMA flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsupported versions. The mybackpack functionality allowed setting the URL of EPSS 0.9%CVE-2019-3851MEDIUMA vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layouEPSS 0.9%CVE-2017-15138MEDIUMThe OpenShift Enterprise cluster-read can access webhook tokens which would allow an attacker with sufficient privileges to view confidentiaEPSS 0.9%CVE-2018-16856MEDIUMIn a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octEPSS 0.9%CVE-2018-10856MEDIUMIt has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This resulEPSS 0.9%CVE-2018-10898HIGHA vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuratEPSS 0.9%CVE-2018-10922HIGHAn input validation flaw exists in ttembed. With a crafted input file, an attacker may be able to trigger a denial of service condition due EPSS 0.9%CVE-2018-10879MEDIUMA flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a deniaEPSS 0.9%CVE-2018-1070MEDIUMrouting before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire sEPSS 0.8%CVE-2019-3850MEDIUMA vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open dEPSS 0.8%CVE-2018-14637MEDIUMThe SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can eEPSS 0.8%CVE-2020-1727MEDIUMA vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validationEPSS 0.8%