Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise virtualization manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-2144
Red Hat Enterprise Virtualization Manager (RHEVM) prior to 3.2 does not properly check permissions for the target storage domain, which allows malicious users to cause a denial of service (disk space consumption) by cloning a VM from a snapshot.
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 3.0
Redhat Enterprise Virtualization Manager 2.2.3
2.1
CVSSv2
CVE-2012-5516
Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors.
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2.4
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
4
CVSSv2
CVE-2013-0168
The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and previous versions does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage doma...
Redhat Enterprise Virtualization Manager 3.0
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
2.1
CVSSv2
CVE-2012-6115
The domain management tool (rhevm-manage-domains) in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and previous versions, when the validate action is enabled, logs the administrative password to a world-readable log file, which allows local users to obtain sensitive info...
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 3.0
2.7
CVSSv2
CVE-2012-2696
The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request.
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
6.2
CVSSv2
CVE-2012-0860
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /tmp/.
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.1
6.8
CVSSv2
CVE-2012-0861
The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote malicious users to exec...
Redhat Enterprise Virtualization Manager 2.1
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager
3.7
CVSSv2
CVE-2011-4316
Red Hat Enterprise Virtualization Manager (RHEV-M) prior to 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a virtual machine to gain access to other users' desktop sessions via unspecif...
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.2.3
Redhat Enterprise Virtualization Manager
Redhat Enterprise Virtualization Manager 2.1
6.8
CVSSv2
CVE-2010-2793
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager prior to 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of thi...
Redhat Enterprise Virtualization Manager 2.2
Redhat Enterprise Virtualization Manager 2.1
Redhat Spice-activex -
Redhat Enterprise Virtualization Manager
4.3
CVSSv2
CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and previous versions gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote malicious users to communicate with a system designated to be unreachable.
Redhat Enterprise Virtualization Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »