Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
daniel p. berrange vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-1000256
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
Redhat Libvirt
Debian Debian Linux 9.0
NA
CVE-2014-9718
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 up to and including 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and sys...
Debian Debian Linux 8.0
Qemu Qemu 1.0
Qemu Qemu 2.0.0
Qemu Qemu 2.0.2
Qemu Qemu 1.1
Qemu Qemu 2.1.3
Qemu Qemu 2.1.0
Qemu Qemu 1.6.0
Qemu Qemu 1.5.0
Qemu Qemu 1.5.3
Qemu Qemu 1.5.1
Qemu Qemu 2.1.1
Qemu Qemu 1.5.2
Qemu Qemu 1.0.1
Qemu Qemu 1.7.1
Qemu Qemu 1.4.1
Qemu Qemu 1.4.2
Qemu Qemu 1.6.2
Qemu Qemu 1.6.1
Qemu Qemu 2.1.2
NA
CVE-2015-2756
QEMU, as used in Xen 3.3.x up to and including 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI...
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.5.0
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.1
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
NA
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and previous versions and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_...
Qemu Qemu
Redhat Openstack 4.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Openstack 5.0
Redhat Openstack 7.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
Xen Xen 4.5.0
Redhat Openstack 6.0
1 EDB exploit
5 Github repositories
3 Articles
NA
CVE-2013-2218
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote malicious users to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by ...
Redhat Libvirt 1.0.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started