OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or. Rated medium severity (CVSS 6.9). No vendor patch available.
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.3). No vendor patch available.
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.