Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data virtualization vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2023-43632
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The co...
Linuxfoundation Edge Virtualization Engine
NA
CVE-2010-2223
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive inf...
Redhat Enterprise Virtualization Hypervisor
NA
CVE-2011-3571
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Con...
Oracle Virtualization 3.2
6.5
CVSSv3
CVE-2015-1780
oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center
Redhat Ovirt-engine -
Redhat Virtualization 3.0
8.8
CVSSv3
CVE-2023-43636
In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” design, the PCR values calculated at different stages of the boot process will change if any of their...
Linuxfoundation Edge Virtualization Engine
9.9
CVSSv3
CVE-2020-14316
A flaw was found in kubevirt 0.29 and previous versions. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an malicious user to assume the privileges of the VM process on the host system. In worst-case scenar...
Kubevirt Kubevirt
Redhat Openshift Virtualization 1
7.5
CVSSv3
CVE-2017-7539
An assertion-failure flaw was found in Qemu prior to 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation....
Qemu Qemu
Redhat Openstack 7.0
Redhat Openstack 6.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Openstack 9
Redhat Openstack 8
Redhat Openstack 11
Redhat Virtualization 3.0
7.5
CVSSv3
CVE-2018-17958
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
9.8
CVSSv3
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Au...
Microfocus Data Center Automation 2017.05
Microfocus Data Center Automation 2017.08
Microfocus Data Center Automation 2017.09
Microfocus Data Center Automation 2017.11
Microfocus Data Center Automation 2018.02
Microfocus Data Center Automation 2018.05
Microfocus Data Center Automation 2017.01
Microfocus Service Management Automation 2018.05
Microfocus Service Management Automation 2018.02
Microfocus Service Management Automation 2017.11
Microfocus Network Operations Management 2018.02
Microfocus Network Operations Management 2017.11
Microfocus Hybrid Cloud Management 2017.11
Microfocus Hybrid Cloud Management 2018.02
Microfocus Hybrid Cloud Management 2018.05
Microfocus Operations Bridge 2017.11
Microfocus Operations Bridge 2018.02
Microfocus Operations Bridge 2018.05
Microfocus Network Operations Management 2018.05
Microfocus Network Virtualization 12.50
Microfocus Service Virtualization 1.00
Microfocus Unified Functional Testing 12.50
5.9
CVSSv3
CVE-2020-14340
A vulnerability exists in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the malicious user to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 up to and including 3.8.1.Final.
Redhat Xnio
Redhat Xnio 3.6.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Brms 5
Redhat Jboss Soa Platform 5
Redhat Jboss Brms 6
Redhat Jboss Data Grid 6.0.0
Redhat Jboss Data Virtualization 6.0.0
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Unified Data Repository 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.15.0
Oracle Communications Cloud Native Core Console 1.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »