Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43635
Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unse...
Linuxfoundation Edge Virtualization Engine
4.3
CVSSv2
CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and previous versions gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote malicious users to communicate with a system designated to be unreachable.
Redhat Enterprise Virtualization Manager
5.7
CVSSv2
CVE-2010-2811
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote malicious users to cause a denial of service (daemon outage) via crafted SSL traffic.
Redhat Enterprise Virtualization 2.2
6.8
CVSSv2
CVE-2013-5493
The diagnostic module in the firmware on Cisco Virtualization Experience Client 6000 devices allows local users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors, aka Bug ID CSCug68407.
Cisco Virtualization Experience Client 6000 Series Firmware -
Cisco Virtualization Experience Client 6000 -
2.1
CVSSv2
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
6.8
CVSSv2
CVE-2013-0185
Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote malicious users to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
Redhat Manageiq Enterprise Virtualization Manager -
4
CVSSv2
CVE-2022-34816
Jenkins HPE Network Virtualization Plugin 1.0 stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Jenkins Hpe Network Virtualization 1.0
5.5
CVSSv2
CVE-2019-3879
It exists that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is triggered as an internal command, meaning the permission validation that should be performed against the calling user is skipped. A user with low privileges (eg Basic Operations) could exploi...
Ovirt Ovirt
Redhat Virtualization 4.2
2.9
CVSSv2
CVE-2009-3552
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manage...
Redhat Enterprise Virtualization Manager 2.2
4.6
CVSSv2
CVE-2021-25653
A privilege escalation vulnerability exists in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 up to and including 8.1.3.1 versions of AVPU.
Avaya Aura Appliance Virtualization Platform
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »