Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vdsm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-5201
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x prior to 7-7.2-20151119.0 and 6-6.x prior to 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization prior to 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended a...
Redhat Enterprise Virtualization Hypervisor
Redhat Enterprise Virtualization
7.5
CVSSv3
CVE-2012-5518
vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate)
Ovirt Vdsm -
6.7
CVSSv3
CVE-2019-3831
A vulnerability exists in vdsm, version 4.19 up to and including 4.30.3 and 4.30.5 up to and including 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
Ovirt Vdsm
Redhat Gluster Storage 3.0
5.9
CVSSv3
CVE-2014-8167
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
Redhat Enterprise Virtualization 3.0
Redhat Vdsclient -
Redhat Virtual Desktop Server Manager -
5.9
CVSSv3
CVE-2014-3706
ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle malicious users to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates.
Redhat Enterprise Mrg 3.0
5.6
CVSSv3
CVE-2019-11091
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c...
Intel Microarchitectural Data Sampling Uncacheable Memory Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12126
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found...
Intel Microarchitectural Store Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12127
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...
Intel Microarchitectural Load Port Data Sampling Firmware -
Fedoraproject Fedora 29
2 Github repositories
1 Article
5.6
CVSSv3
CVE-2018-12130
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h...
Intel Microarchitectural Fill Buffer Data Sampling Firmware -
Fedoraproject Fedora 29
3 Github repositories
1 Article
5.6
CVSSv3
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
47 Github repositories
9 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »