Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization manager vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
10
CVSSv2
CVE-2016-3642
The RMI service in SolarWinds Virtualization Manager 6.3.1 and previous versions allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Solarwinds Virtualization Manager
2.1
CVSSv2
CVE-2010-2224
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) prior to 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allows guest OS users to obtain sensitive information by examining the disk blocks a...
Redhat Enterprise Virtualization Manager
4.3
CVSSv2
CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and previous versions gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote malicious users to communicate with a system designated to be unreachable.
Redhat Enterprise Virtualization Manager
6.8
CVSSv2
CVE-2013-0185
Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote malicious users to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
Redhat Manageiq Enterprise Virtualization Manager -
2.9
CVSSv2
CVE-2009-3552
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manage...
Redhat Enterprise Virtualization Manager 2.2
2.1
CVSSv2
CVE-2019-10194
Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts.
Ovirt Ovirt
Redhat Virtualization Manager 4.3
4.3
CVSSv2
CVE-2013-0186
Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Cloudforms 3.0
Redhat Manageiq Enterprise Virtualization Manager -
9.3
CVSSv2
CVE-2011-2163
Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors.
Ibm Systems Director 1.2.2
Ibm Virtualization Manager 1.2.2
7.5
CVSSv2
CVE-2013-2050
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter...
Redhat Cloudforms Management Engine 5.1
Redhat Manageiq Enterprise Virtualization Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »