Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat enterprise virtualization vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0167
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
Redhat Enterprise Virtualization 3.2
Redhat Enterprise Virtualization 3.0
NA
CVE-2013-2151
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
Redhat Enterprise Virtualization 3.2
Redhat Enterprise Virtualization 3.0
7.8
CVSSv3
CVE-2019-10161
It exists that libvirtd prior to 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could ...
Redhat Libvirt
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
7.5
CVSSv3
CVE-2018-16881
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions prior to 8.27.0 are vulnerable.
Rsyslog Rsyslog
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Virtualization Manager 4.3
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2012-0877
PyXML: Hash table collisions CPU usage Denial of Service
Python Pyxml -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Virtualization Hypervisor -
5.9
CVSSv3
CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and previous versions gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote malicious users to communicate with a system designated to be unreachable.
Redhat Enterprise Virtualization Manager
NA
CVE-2013-2152
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
Redhat Enterprise Virtualization 3.2
NA
CVE-2014-3559
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the d...
Redhat Enterprise Virtualization 3.4
NA
CVE-2010-2223
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive inf...
Redhat Enterprise Virtualization Hypervisor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »