Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2016-5709
SolarWinds Virtualization Manager 6.3.1 and previous versions uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.
Solarwinds Virtualization Manager
NA
CVE-2013-3834
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote malicious users to affect availability via unknown vectors related to ttaauxserv.
Oracle Virtualization 5.0
7.8
CVSSv3
CVE-2016-3643
SolarWinds Virtualization Manager 6.3.1 and previous versions allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
Solarwinds Virtualization Manager
1 EDB exploit
6.5
CVSSv3
CVE-2022-2805
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
Redhat Virtualization 4.0
5.7
CVSSv3
CVE-2016-2205
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior t...
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Streaming 7.6.0
5.7
CVSSv3
CVE-2016-2206
The management console in Symantec Workspace Streaming (SWS) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x prior to 7.5 SP1 HF9 and 7.6.0 prior to 7.6 HF5 allows remote authenticated users to read arbitrary files by modify...
Symantec Workspace Streaming 7.5.0
Symantec Workspace Virtualization 7.6.0
Symantec Workspace Virtualization 7.5.0
Symantec Workspace Streaming 7.6.0
NA
CVE-2010-2223
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive inf...
Redhat Enterprise Virtualization Hypervisor
NA
CVE-2014-3561
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
Redhat Enterprise Virtualization 3.4
NA
CVE-2015-4727
Unspecified vulnerability in Oracle Virtualization Sun Ray Software prior to 5.4.4 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.
Oracle Virtualization Sun Ray
NA
CVE-2014-2626
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.
Hp Network Virtualization 8.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »