Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-2805
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
Redhat Virtualization 4.0
NA
CVE-2013-4679
Symantec Workspace Virtualization prior to 6.x prior to 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
Symantec Workspace Virtualization
1 EDB exploit
NA
CVE-2013-3834
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote malicious users to affect availability via unknown vectors related to ttaauxserv.
Oracle Virtualization 5.0
NA
CVE-2012-1685
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote malicious users to affect integrity via unknown vectors related to Core.
Oracle Virtualization 4.6
5.7
CVSSv3
CVE-2016-2205
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior t...
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Streaming 7.6.0
5.7
CVSSv3
CVE-2016-2206
The management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 allows remote authenticated users to read arbitrary files by modify...
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.6.0
NA
CVE-2010-2811
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote malicious users to cause a denial of service (daemon outage) via crafted SSL traffic.
Redhat Enterprise Virtualization 2.2
8.8
CVSSv3
CVE-2023-43630
PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measur...
Linuxfoundation Edge Virtualization Engine
8.8
CVSSv3
CVE-2023-43631
On boot, the Pillar eve container checks for the existence and content of “/config/authorized_keys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for r...
Linuxfoundation Edge Virtualization Engine
9.9
CVSSv3
CVE-2023-43632
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The co...
Linuxfoundation Edge Virtualization Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »