Weekly Update: a new vulnerability is published on the National Vulnerability Database (5 items)

New vulnerabilities from the NVD: CVE-2013-2095 rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection Published at: December 10, 2019 at 04:15PM View on website December 10, 2019 at 05:50PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2013-1793 openstack-utils openstack-db has insecure password creation Published at: December 10, 2019 at 04:15PM View on website December 10, 2019 at 05:50PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2013-0293 oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation Published at: December 10, 2019 at 04:15PM View on website December 10, 2019 at 05:50PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2012-5620 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. Published at: December 10, 2019 at 09:15PM View on website December 11, 2019 at 12:07AM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2012-1577 lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. Published at: December 10, 2019 at 09:15PM View on website December 11, 2019 at 12:07AM via National Vulnerability Database