Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. Date published : 2019-12-30 https://access.redhat.com/security/cve/cve-2012-5476 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5476
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. Date published : 2019-12-30 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092841.html https://access.redhat.com/security/cve/cve-2012-5474
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such...
An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it....
A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using ‘Basic authentication’ and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the...
A security vulnerability in D-Link DGS-1510-series switches with firmware 1.20.011, 1.30.007, 1.31.B003 and older that may allow a remote attacker to inject malicious scripts in the device and execute commands via browser that is...
An issue was discovered in GitLab Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/53543
An issue was discovered in GitLab Community and Enterprise Edition before 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/55439
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/50995
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/51327
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/54427
An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/51969
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/54334