Max CVSS 6.5 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-4492 4.3
Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call.
04-05-2021 - 09:08 07-12-2013 - 00:55
CVE-2017-2639 5.0
It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or
09-10-2019 - 23:27 27-07-2018 - 13:29
CVE-2017-15125 3.5
A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application admi
09-10-2019 - 23:24 27-07-2018 - 15:29
CVE-2016-4457 5.0
CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
05-01-2018 - 02:30 08-06-2017 - 18:29
CVE-2016-5383 6.5
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
26-08-2016 - 19:12 26-08-2016 - 14:59
Back to Top Mark selected
Back to Top