Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virtualization vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-5293
Red Hat Enterprise Virtualization Manager 3.6 and previous versions gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote malicious users to communicate with a system designated to be unreachable.
Redhat Enterprise Virtualization Manager
7.5
CVSSv2
CVE-2015-4727
Unspecified vulnerability in Oracle Virtualization Sun Ray Software prior to 5.4.4 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.
Oracle Virtualization Sun Ray
8.5
CVSSv2
CVE-2014-2625
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to read arbitrary files via crafted input, aka ZDI-CAN-2023.
Hp Network Virtualization 8.6
9.4
CVSSv2
CVE-2014-2626
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote malicious users to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.
Hp Network Virtualization 8.6
5.7
CVSSv2
CVE-2010-2811
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not properly accept TCP connections for SSL sessions, which allows remote malicious users to cause a denial of service (daemon outage) via crafted SSL traffic.
Redhat Enterprise Virtualization 2.2
2.1
CVSSv2
CVE-2014-3561
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive information by listing the processes.
Redhat Enterprise Virtualization 3.4
2.1
CVSSv2
CVE-2010-2223
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) prior to 5.5-2.2 does not properly perform VM post-zeroing after the removal of a virtual machine's data, which allows guest OS users to obtain sensitive inf...
Redhat Enterprise Virtualization Hypervisor
7.2
CVSSv2
CVE-2013-2152
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.
Redhat Enterprise Virtualization 3.2
NA
CVE-2023-43630
PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measur...
Linuxfoundation Edge Virtualization Engine
NA
CVE-2023-43631
On boot, the Pillar eve container checks for the existence and content of “/config/authorized_keys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for r...
Linuxfoundation Edge Virtualization Engine
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »