Lucene search
+L

200 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.61 views

Oracle Linux 9 : libvirt (ELSA-2023-6409)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6409 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' CVE-2023-3750, rhbz2221851 Tenable has extracted the preceding description block...

6.5CVSS6.5AI score0.00621EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.28 views

Oracle Linux 7 : libvirt (ELSA-2019-4687)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4687 advisory. - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug:...

8.8CVSS7.5AI score0.01411EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.27 views

Oracle Linux 7 : libvirt (ELSA-2020-5719)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5719 advisory. 5.7.0-15.el7 - qemu: Escape the qemu driver systemd DOT hoax Wim ten Have Orabug: 31380815 5.7.0-14.el7 - vmx: make 'fileName' optional for CD-ROMs Pino Toscano...

6.5CVSS7AI score0.02294EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.6 views

PT-2023-8982 · Libvirt +6 · Libvirt +6

Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A flaw was found in the virStoragePoolObjListSearch function of libvirt, which does not return a locked pool as expected. This results in a race condition and denial of service when...

6.5CVSS6.2AI score0.00621EPSS
Exploits0References45
Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.32 views

Oracle Linux 9 : libvirt (ELSA-2023-3715)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3715 advisory. 9.0.0-10.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 9.0.0-10.2.el92 - virpci: Resolve leak in virPCIVirtualFunctionList cleanup CVE-2023-2700,...

5.5CVSS6.7AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2023/05/15 10:15 p.m.8 views

AZL-26736 CVE-2023-2700 affecting package libvirt for versions less than 7.10.0-5

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

5.5CVSS6.7AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2023/05/15 10:15 p.m.5 views

UBUNTU-CVE-2023-2700

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

5.5CVSS6.7AI score0.00298EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/15 12:0 a.m.14 views

CVE-2023-2700

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

5.4AI score0.00298EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/02/21 7:8 p.m.27 views

K17218: Libvirt vulnerability CVE-2014-8135

Security Advisory Description The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload"...

2.1CVSS6.5AI score0.00467EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.2 views

SUSE CVE-2008-5086

Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions...

7.2CVSS6.6AI score0.00383EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.3 views

SUSE CVE-2010-2239

Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors...

4.4CVSS7AI score0.00325EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.3 views

SUSE CVE-2010-2237

Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors...

4.4CVSS7.3AI score0.00317EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.4 views

SUSE CVE-2012-4423

The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service NULL pointer dereference and segmentation fault via an RPC call with 1 an event as the RPC number or 2 an RPC number whose value is in a "gap" in the RPC dispatch table...

5CVSS6.8AI score0.03718EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.7 views

SUSE CVE-2013-4153

Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemuagent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service daemon crash via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command...

5CVSS6.8AI score0.01676EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.3 views

SUSE CVE-2013-4291

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges...

6.9CVSS6.9AI score0.00487EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.5 views

SUSE CVE-2013-4296

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a crafted RPC ca...

4CVSS6.6AI score0.02678EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.4 views

SUSE CVE-2013-6436

The lxcDomainGetMemoryParameters method in lxc/lxcdriver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service NULL pointer dereference and libvirtd crash via a guest in the shutdown...

2.1CVSS6.4AI score0.00354EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:31 a.m.6 views

SUSE CVE-2014-1447

Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service libvirtd crash by closing a connection before a keepalive response is sent...

3.3CVSS6.8AI score0.02343EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3633

The qemuDomainGetBlockIoTune function in qemu/qemudriver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service crash or read sensitive heap information via a crafted blkiotune query, which triggers an...

5.8CVSS6.7AI score0.02751EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8135

The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload" command...

2.1CVSS6.4AI score0.00467EPSS
Exploits1References3
Rows per page
Query Builder