|Max CVSS||9.0||Min CVSS||3.5||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call.
|04-05-2021 - 09:08||07-12-2013 - 00:55|
It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or
|09-10-2019 - 23:27||27-07-2018 - 13:29|
|09-10-2019 - 23:24||27-07-2018 - 15:29|
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user C
|09-10-2019 - 23:18||31-10-2018 - 13:29|
CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
|05-01-2018 - 02:30||08-06-2017 - 18:29|