Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-2152
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
Redhat Enterprise Virtualization 3.2
NA
CVE-2014-3559
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the d...
Redhat Enterprise Virtualization 3.4
NA
CVE-2010-2223
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive inf...
Redhat Enterprise Virtualization Hypervisor
NA
CVE-2013-6221
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x prior to 3.50.1, when the AutoPass license server is enabled, allows remote malicious users to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZD...
Hp Service Virtualization 3.0
1 EDB exploit
NA
CVE-2014-2625
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to read arbitrary files via crafted input, aka ZDI-CAN-2023.
Hp Network Virtualization 8.6
NA
CVE-2014-2626
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.
Hp Network Virtualization 8.6
NA
CVE-2010-2224
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) prior to 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allows guest OS users to obtain sensitive information by examining the disk blocks a...
Redhat Enterprise Virtualization Manager
NA
CVE-2010-2811
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote malicious users to cause a denial of service (daemon outage) via crafted SSL traffic.
Redhat Enterprise Virtualization 2.2
NA
CVE-2010-0430
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memo...
Redhat Enterprise Virtualization Hypervisor
NA
CVE-2014-3561
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
Redhat Enterprise Virtualization 3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »