A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
Max CVSS
5.5
EPSS Score
0.05%
Published
2021-05-26
Updated
2023-12-28
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality.
Max CVSS
5.3
EPSS Score
0.16%
Published
2020-08-24
Updated
2020-09-04
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.
Max CVSS
6.4
EPSS Score
0.21%
Published
2015-07-16
Updated
2015-07-17
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-2476.
Max CVSS
5.0
EPSS Score
0.53%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-6459.
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-10-15
Updated
2015-08-26
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2476, and CVE-2014-6459.
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv) and SGD SSL Daemon (ttassl).
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2474, CVE-2014-2476, and CVE-2014-6459.
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.
Max CVSS
6.4
EPSS Score
0.19%
Published
2014-04-16
Updated
2014-04-16
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Max CVSS
7.8
EPSS Score
6.44%
Published
2015-06-07
Updated
2019-04-15
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv.
Max CVSS
5.0
EPSS Score
0.12%
Published
2013-10-16
Updated
2013-10-16
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
Max CVSS
7.5
EPSS Score
0.67%
Published
2013-07-17
Updated
2013-08-22
Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, related to Authentication. NOTE: this identifier was inadvertently used for an Oracle Industry Applications issue involving TMS Help, but that issue has been assigned CVE-2011-2323.
Max CVSS
6.8
EPSS Score
0.70%
Published
2011-10-18
Updated
2017-08-29
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!