Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat libvirt vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2013-4292
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.
Redhat Libvirt 1.1.1
Redhat Libvirt 1.1.0
356
VMScore
CVE-2020-10703
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as netwo...
Redhat Libvirt
356
VMScore
CVE-2020-10701
A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value t...
Redhat Libvirt
356
VMScore
CVE-2014-8131
The qemu implementation of virConnectGetAllDomainStats in libvirt prior to 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via...
Redhat Libvirt
187
VMScore
CVE-2014-8135
The storageVolUpload function in storage/storage_driver.c in libvirt prior to 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload&quo...
Redhat Libvirt -
169
VMScore
CVE-2015-5313
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write t...
Redhat Libvirt -
356
VMScore
CVE-2017-2635
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.
Redhat Libvirt
614
VMScore
CVE-2011-1146
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote malicious users to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceRese...
Redhat Libvirt 0.8.8
312
VMScore
CVE-2012-3445
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers a...
Redhat Libvirt 0.9.13
505
VMScore
CVE-2013-2218
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote malicious users to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by ...
Redhat Libvirt 1.0.6
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »