Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise virtualization vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-0186
Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Redhat Cloudforms 3.0
Redhat Manageiq Enterprise Virtualization Manager -
2.1
CVSSv2
CVE-2021-3620
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Openstack 16.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Virtualization For Ibm Power Little Endian 4.0
Redhat Openstack 1
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Engine
Redhat Virtualization Manager 4.4
5
CVSSv2
CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote malicious users to cause a denial of service (crash) via a long password in a SPICE ticket.
Spice Project Spice 0.12.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Redhat Enterprise Linux 5
5.7
CVSSv2
CVE-2011-1576
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote malicious users to cause a denial o...
Linux Linux Kernel 2.6.18
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization Hypervisor
2.6
CVSSv2
CVE-2019-14850
A denial of service vulnerability exists in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could ca...
Nbdkit Project Nbdkit
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server 7.0
1 Github repository
7.5
CVSSv2
CVE-2013-2050
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter...
Redhat Cloudforms Management Engine 5.1
Redhat Manageiq Enterprise Virtualization Manager
5.5
CVSSv2
CVE-2020-3478
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforceme...
Cisco Enterprise Network Function Virtualization Infrastructure
4.3
CVSSv2
CVE-2014-8167
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
Redhat Enterprise Virtualization 3.0
Redhat Vdsclient -
Redhat Virtual Desktop Server Manager -
9.3
CVSSv2
CVE-2021-3621
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an malicious user to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root ...
Fedoraproject Sssd 2.6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Virtualization Host 4.0
Redhat Virtualization 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2020-25657
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.
M2crypto Project M2crypto
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Virtualization 4.0
Fedoraproject Fedora 33
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »