Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-8167
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
Redhat Enterprise Virtualization 3.0
Redhat Vdsclient -
Redhat Virtual Desktop Server Manager -
7.5
CVSSv2
CVE-2017-9214
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
Openvswitch Openvswitch 2.7.0
Debian Debian Linux 9.0
Redhat Openstack 6.0
Redhat Openstack 7.0
Redhat Openstack 8
Redhat Openstack 9
Redhat Openstack 10
Redhat Openstack 11
Redhat Virtualization 4.1
Redhat Virtualization Manager 4.1
Redhat Virtualization 4.0
2.1
CVSSv2
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
NA
CVE-2022-2805
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
Redhat Virtualization 4.0
2.1
CVSSv2
CVE-2013-4280
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
Redhat Virtual Desktop Server Manager 4.9.6
Redhat Storage 2.0
Redhat Enterprise Virtualization 3.0
Redhat Storage 2.1
2.6
CVSSv2
CVE-2020-10775
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and previous versions, where it allows remote malicious users to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical p...
Oracle Virtualization 4.0
Redhat Ovirt-engine
5
CVSSv2
CVE-2018-17958
Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
Qemu Qemu
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Virtualization 4.0
Redhat Virtualization Manager 4.3
4.3
CVSSv2
CVE-2019-19336
A cross-site scripting vulnerability was reported in the oVirt-engine's OAuth authorization endpoint before version 4.3.8. URL parameters were included in the HTML response without escaping. This flaw would allow an malicious user to craft malicious HTML pages that can run s...
Ovirt Ovirt-engine
Redhat Virtualization 4.3
5
CVSSv2
CVE-2019-3888
A vulnerability was found in Undertow web server prior to 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFai...
Redhat Undertow
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Netapp Active Iq Unified Manager -
5.7
CVSSv2
CVE-2010-2811
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote malicious users to cause a denial of service (daemon outage) via crafted SSL traffic.
Redhat Enterprise Virtualization 2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »