Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat libvirt 1.1.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4401
The virConnectDomainXMLToNative API function in libvirt 1.1.0 up to and including 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows malicious users to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: so...
Redhat Libvirt 1.1.2
Redhat Libvirt 1.1.1
Redhat Libvirt 1.1.0
Redhat Libvirt 1.1.3
NA
CVE-2014-0028
libvirt 1.1.1 up to and including 1.2.0 allows context-dependent malicious users to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDo...
Redhat Libvirt 1.2.0
Redhat Libvirt 1.1.2
Redhat Libvirt 1.1.4
Redhat Libvirt 1.1.1
Redhat Libvirt 1.1.3
NA
CVE-2013-4400
virt-login-shell in libvirt 1.1.2 up to and including 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
Redhat Libvirt 1.1.2
Redhat Libvirt 1.1.3
NA
CVE-2013-6436
The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 up to and including 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash...
Redhat Libvirt 1.0.5.4
Redhat Libvirt 1.0.5.3
Redhat Libvirt 1.0.5
Redhat Libvirt 1.0.5.6
Redhat Libvirt 1.2.0
Redhat Libvirt 1.1.2
Redhat Libvirt 1.1.4
Redhat Libvirt 1.0.6
Redhat Libvirt 1.1.1
Redhat Libvirt 1.0.5.1
Redhat Libvirt 1.0.5.2
Redhat Libvirt 1.0.5.5
Redhat Libvirt 1.1.0
Redhat Libvirt 1.1.3
NA
CVE-2013-6456
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 up to and including 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach ...
Redhat Libvirt 1.0.5.4
Redhat Libvirt 1.0.5.3
Redhat Libvirt 1.0.5
Redhat Libvirt 1.0.5.6
Redhat Libvirt 1.0.4
Redhat Libvirt 1.2.0
Redhat Libvirt 1.0.1
Redhat Libvirt 1.2.1
Redhat Libvirt 1.1.2
Redhat Libvirt 1.1.4
Redhat Libvirt 1.0.6
Redhat Libvirt 1.0.2
Redhat Libvirt 1.1.1
Redhat Libvirt 1.0.5.1
Fedoraproject Fedora 20
Redhat Libvirt 1.0.5.2
Redhat Libvirt 1.0.3
Redhat Libvirt 1.0.5.5
Redhat Libvirt 1.1.0
Redhat Libvirt 1.1.3
NA
CVE-2013-4297
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and previous versions allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
Redhat Libvirt 0.4.1
Redhat Libvirt 0.9.13
Redhat Libvirt 0.8.6
Redhat Libvirt 0.9.6.3
Redhat Libvirt 0.9.2
Redhat Libvirt 0.4.5
Redhat Libvirt 0.7.5
Redhat Libvirt 0.0.6
Redhat Libvirt 0.9.5
Redhat Libvirt 0.5.0
Redhat Libvirt 0.10.2.2
Redhat Libvirt 0.9.11.3
Redhat Libvirt 0.7.2
Redhat Libvirt 0.1.1
Redhat Libvirt 0.0.3
Redhat Libvirt 0.1.7
Redhat Libvirt 0.0.1
Redhat Libvirt 1.0.5
Redhat Libvirt 0.2.0
Redhat Libvirt 0.9.11.8
Redhat Libvirt 0.7.4
Redhat Libvirt 0.9.10
NA
CVE-2013-5651
The virBitmapParse function in util/virbitmap.c in libvirt prior to 1.1.2 allows context-dependent malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
Redhat Libvirt 0.4.1
Redhat Libvirt 0.9.13
Redhat Libvirt 0.8.6
Redhat Libvirt 1.0.5.4
Redhat Libvirt 0.9.6.3
Redhat Libvirt 0.9.2
Redhat Libvirt 0.4.5
Redhat Libvirt 0.7.5
Redhat Libvirt 0.0.6
Redhat Libvirt 0.9.5
Redhat Libvirt 1.0.5.3
Redhat Libvirt 0.5.0
Redhat Libvirt 0.10.2.2
Redhat Libvirt
Redhat Libvirt 0.9.11.3
Redhat Libvirt 0.7.2
Redhat Libvirt 0.1.1
Redhat Libvirt 0.0.3
Redhat Libvirt 0.1.7
Redhat Libvirt 0.0.1
Redhat Libvirt 1.0.5
Redhat Libvirt 0.2.0
NA
CVE-2013-6457
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt prior to 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via...
Redhat Libvirt 0.4.1
Redhat Libvirt 0.9.13
Redhat Libvirt 0.8.6
Redhat Libvirt 1.0.5.4
Redhat Libvirt 0.9.6.3
Redhat Libvirt 0.9.2
Redhat Libvirt 0.4.5
Redhat Libvirt 0.7.5
Redhat Libvirt 0.0.6
Redhat Libvirt 0.9.5
Redhat Libvirt 1.0.5.3
Redhat Libvirt 0.5.0
Redhat Libvirt 0.10.2.2
Redhat Libvirt 0.9.11.3
Redhat Libvirt 0.7.2
Redhat Libvirt 0.1.1
Redhat Libvirt 0.0.3
Redhat Libvirt 0.1.7
Redhat Libvirt 0.0.1
Redhat Libvirt 1.0.5
Redhat Libvirt 0.2.0
Redhat Libvirt 0.9.11.8
NA
CVE-2013-4399
The remoteClientFreeFunc function in daemon/remote.c in libvirt prior to 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote malicious users to cause a denial of service (use-after-free and crash) by registering an event...
Redhat Libvirt 0.4.1
Redhat Libvirt 0.9.13
Redhat Libvirt 0.8.6
Redhat Libvirt 1.0.5.4
Redhat Libvirt
Redhat Libvirt 0.9.6.3
Redhat Libvirt 0.9.2
Redhat Libvirt 0.4.5
Redhat Libvirt 0.7.5
Redhat Libvirt 0.0.6
Redhat Libvirt 0.9.5
Redhat Libvirt 1.0.5.3
Redhat Libvirt 0.5.0
Redhat Libvirt 0.10.2.2
Redhat Libvirt 0.9.11.3
Redhat Libvirt 0.7.2
Redhat Libvirt 0.1.1
Redhat Libvirt 0.0.3
Redhat Libvirt 0.1.7
Redhat Libvirt 0.0.1
Redhat Libvirt 1.0.5
Redhat Libvirt 0.2.0
NA
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started