Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise virtualization 3.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3559
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the d...
Redhat Enterprise Virtualization 3.4
NA
CVE-2014-3561
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
Redhat Enterprise Virtualization 3.4
5.5
CVSSv3
CVE-2016-5403
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Oracle Vm Server 3.4
Oracle Linux 6
Oracle Linux 7
Oracle Linux 5
Qemu Qemu
Qemu Qemu 2.7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Openstack 5.0
Redhat Enterprise Linux Server 7.0
Redhat Openstack 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
8.8
CVSSv3
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
Debian Debian Linux 8.0
Hp Helion Openstack 2.1.2
Hp Helion Openstack 2.1.4
Hp Helion Openstack 2.1.0
Hp Helion Openstack 2.0.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Qemu Qemu
Qemu Qemu 2.6.0
Oracle Linux 5
Oracle Vm Server 3.2
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Oracle Linux 6
Oracle Linux 7
Citrix Xenserver
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
7.5
CVSSv3
CVE-2019-16056
An issue exists in Python up to and including 2.7.16, 3.x up to and including 3.5.7, 3.6.x up to and including 3.6.9, and 3.7.x up to and including 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module...
Python Python
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Redhat Software Collections 1.0
Oracle Solaris 11
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Communications Operations Monitor 3.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Operations Monitor
Oracle Zfs Storage Appliance Kit 8.8
Opensuse Leap 15.0
Opensuse Leap 15.1
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
170 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started