Filter
AND

Versions

4.7
5
3.0
4
4.2
4
4.6
3
5.0.0
3
1.0
1
1.1
1
3.2
1
4.0
1
4.5
1
5.11
1

redhat/cfme-gemset 5.11.8.1CSRF

medium
6.8
First published (updated )
CVE-2020-14369

Red Hat CloudFormsRed Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level …

medium
6.5
First published (updated )
CVE-2020-10779

Red Hat CloudFormsIn Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dro…

medium
6.5
First published (updated )
CVE-2020-10778

Red Hat CloudFormsXSS

medium
5.4
First published (updated )
CVE-2020-10777

Red Hat CloudFormsCloudForms stores user passwords in recoverable format

medium
5.5
First published (updated )
CVE-2013-4423

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Red Hat CloudFormsXSS

medium
6.1
First published (updated )
CVE-2013-0186

Red Hat CloudForms Management Engine Gemsetcfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an …

medium
4.3
First published (updated )
CVE-2019-10159

Red Hat CloudForms Management EngineA logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant admi…

medium
4.9
First published (updated )
CVE-2017-2632

Red Hat Ansible EngineLast updated 24 July 2024

medium
5.9
First published (updated )
CVE-2018-10855

Red Hat CloudFormsXSS

medium
6.1
First published (updated )
CVE-2018-11627

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/cfmeLibor Pichler and Martin Povolny report: Cloudforms lacks RBAC controls on a variety of methods pot…

medium
6.5
First published (updated )
CVE-2017-2664

redhat/cfmeInput Validation

medium
6.5
First published (updated )
CVE-2017-2653

redhat/cfmeInfoleak

medium
4.3
First published (updated )
CVE-2016-7047

Red Hat CloudForms Management EngineInfoleak

medium
5.1
First published (updated )
CVE-2015-7502

rubyonrails RailsXSS

medium
4.3
First published (updated )
CVE-2014-0081

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Red Hat CloudForms Management EngineCSRF

medium
6.8
First published (updated )
CVE-2013-6443

Red Hat CloudFormsThe ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for auth…

medium
4.3
First published (updated )
CVE-2012-5604

Red Hat CloudFormsLukas Zapletal of Red Hat reports: Regular user (somebody with username and password) and a consume…

medium
5.5
First published (updated )
CVE-2012-5603

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203