Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-2299 |
|
Vulnerability in apache (CVE-2017-2299)
vulnerability in apache (CVE-2017-2299). Confidential information can be exposed externally. Exploitable via ``ssl_ca``.
|
| CVE-2017-1002100 |
|
Information Disclosure in kubernetes (CVE-2017-1002100)
vulnerability in kubernetes (CVE-2017-1002100). Confidential information can be exposed externally.
|
| CVE-2014-9634 |
|
Vulnerability in tomcat (CVE-2014-9634)
vulnerability in tomcat (CVE-2014-9634). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-9635 |
|
Vulnerability in tomcat (CVE-2014-9635)
vulnerability in tomcat (CVE-2014-9635). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
|
| CVE-2016-5716 |
|
Vulnerability in puppet (CVE-2016-5716)
vulnerability in puppet (CVE-2016-5716). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7561 |
|
Vulnerability in kubernetes (CVE-2015-7561)
vulnerability in kubernetes (CVE-2015-7561). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11468 |
|
Vulnerability in dos (CVE-2017-11468)
vulnerability in dos (CVE-2017-11468). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000362 |
|
Information Disclosure in jenkins (CVE-2017-1000362)
vulnerability in jenkins (CVE-2017-1000362). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000056 |
|
Vulnerability in privilege-escalation (CVE-2017-1000056)
vulnerability in privilege-escalation (CVE-2017-1000056). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7529 |
|
Vulnerability in nginx (CVE-2017-7529)
vulnerability in nginx (CVE-2017-7529). Confidential information can be exposed externally.
|
| CVE-2017-2294 |
|
Information Disclosure in puppet (CVE-2017-2294)
vulnerability in puppet (CVE-2017-2294). Confidential information can be exposed externally.
|
| CVE-2017-2295 |
|
Unsafe Deserialization in deserialization (CVE-2017-2295)
vulnerability in deserialization (CVE-2017-2295). Confidential information can be exposed externally.
|
| CVE-2017-2292 |
|
Unsafe Deserialization in puppet (CVE-2017-2292)
vulnerability in puppet (CVE-2017-2292). Confidential information can be exposed externally.
|
| CVE-2017-2298 |
|
Vulnerability in puppet (CVE-2017-2298)
vulnerability in puppet (CVE-2017-2298). Data can be tampered with by attackers.
|
| CVE-2014-3498 |
|
Vulnerability in ansible (CVE-2014-3498)
vulnerability in ansible (CVE-2014-3498). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8ed6350e65c82292a631f08845dfaacffe7f07f5, 1.6.6` or later.
|
| CVE-2015-6240 |
|
Vulnerability in ansible (CVE-2015-6240)
vulnerability in ansible (CVE-2015-6240). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b, 952166f48eb0f5797b75b160fd156bbe1e8fc647, 1.9.2` or later.
|
| CVE-2017-2290 |
|
Vulnerability in puppet (CVE-2017-2290)
vulnerability in puppet (CVE-2017-2290). Successful exploitation can lead to full system takeover.
|
| CVE-2016-2787 |
|
Vulnerability in puppet (CVE-2016-2787)
vulnerability in puppet (CVE-2016-2787). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-2788 |
|
Vulnerability in puppet (CVE-2016-2788)
vulnerability in puppet (CVE-2016-2788). Successful exploitation can lead to full system takeover.
|
| CVE-2016-3102 |
|
Vulnerability in jenkins (CVE-2016-3102)
vulnerability in jenkins (CVE-2016-3102). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4986 |
|
Path Traversal in path-traversal (CVE-2016-4986)
path traversal in path-traversal (CVE-2016-4986). Confidential information can be exposed externally.
|
| CVE-2016-4987 |
|
Path Traversal in path-traversal (CVE-2016-4987)
path traversal in path-traversal (CVE-2016-4987). Confidential information can be exposed externally.
|
| CVE-2016-4988 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2016-4988)
cross-site scripting in jenkins (CVE-2016-4988). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-3101 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2016-3101)
cross-site scripting in jenkins (CVE-2016-3101). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9686 |
|
Vulnerability in puppet (CVE-2016-9686)
vulnerability in puppet (CVE-2016-9686). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9962 |
|
Vulnerability in docker (CVE-2016-9962)
vulnerability in docker (CVE-2016-9962). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9299 |
|
Vulnerability in jenkins (CVE-2016-9299)
vulnerability in jenkins (CVE-2016-9299). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5715 |
|
Open Redirect in puppet (CVE-2016-5715)
vulnerability in puppet (CVE-2016-5715). Risk of unauthorized operations or information disclosure.
|