Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2019/01/15 9:3 a.m.28 views

Out-Of-Bounds Read

libvirt.so is vulnerable to an out-of-bounds read. An attacker will be able to cause a denial of service condition or read sensitive heap information using a crafted blkiotune query when a disk is hot-plugged to the live definition. The qemuDomainGetBlockIoTune function in qemu/qemudriver.c...

5.8CVSS5.8AI score0.02862EPSS
Exploits0References17Affected Software1
Veracode
Veracodeadded 2018/08/13 8:43 a.m.38 views

Out-Of-Bounds Read

libvirt.so is vulnerable to an out-of-bound read. The vulnerability exists in qemuDomainGetBlockIoTune function in qemu/qemudriver.c file because the live definition is used to look up the disk index while the persistant one is indexed which allows an attacker to cause a denial of service conditi...

5.8CVSS5.7AI score0.02862EPSS
Exploits0References18Affected Software1
OSV
OSVadded 2014/10/06 2:55 p.m.6 views

CVE-2014-3633

The qemuDomainGetBlockIoTune function in qemu/qemudriver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service crash or read sensitive heap information via a crafted blkiotune query, which triggers an...

8.1AI score
Exploits0References10
Tenable Nessus
Tenable Nessusadded 2014/10/01 12:0 a.m.27 views

Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2366-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2366-1 advisory. Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker...

5.8CVSS7.4AI score0.02862EPSS
Exploits0References4
Oracle linux
Oracle linuxadded 2014/10/01 12:0 a.m.42 views

libvirt security and bug fix update

1.1.1-29.0.1.el70.3 - Replace docs/et.png in tarball with blank image 1.1.1-29.el70.3 - domainconf: fix domain deadlock CVE-2014-3657 1.1.1-29.el70.2 - qemu: split out cpuset.mems setting rhbz1135871 - qemu: leave restricting cpuset.mems after initialization rhbz1135871 - qemu: blkiotune: Use...

5.8CVSS2.2AI score0.02862EPSS
Exploits0
Ubuntu
Ubuntuadded 2014/09/30 5:41 p.m.51 views

USN-2366-1: libvirt vulnerabilities

Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if...

5.8CVSS7.2AI score0.02862EPSS
Exploits0
OSV
OSVadded 2014/09/30 5:41 p.m.0 views

USN-2366-1 libvirt vulnerabilities

Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if...

5.8CVSS6.9AI score0.02862EPSS
Exploits0References4
Rows per page
Query Builder