69 matches found
EUVD-2009-3534
Malware in sbrugna...
EUVD-2011-4250
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2013-2144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a...
CVE-2009-3552
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the...
CVE-2009-3552
In RHEV-M VDC 2.2.0, SSL certificate validation was not performed when using the client-side Red Hat Enterprise Virtualization Manager interface (a WPF-based browser app) to connect to the manager. This allows a local-network attacker to conduct a man-in-the-middle attack, potentially fooling users ...
Buffer Overflow
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Multiple integer...
RHEL 7 : qemu-kvm-rhev (RHSA-2016:0725)
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 7 : qemu-kvm-rhev (RHSA-2016:1607)
An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2013-0185
Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
Low: Red Hat Security Advisory: org.ovirt.engine-root security, bug fix, and enhancement update
An update for org.ovirt.engine-root is now available for Red Hat Virtualization Manager version 4.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Command injection
redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment...
CVE-2015-7544
redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment...
PT-2017-7223 · Red Hat · Red Hat Enterprise Virtualization Manager
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager versions prior to 3.6 Description: The issue allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the environment. Recommendations: For...
CVE-2016-6338
ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
org.ovirt.engine-root: engine-setup logs contained information for extracting admin password
A flaw was found in RHEV Manager, where it wrote sensitive data to the engine-setup log file. A local attacker could exploit this flaw to view sensitive information such as encryption keys and certificates which could then be used to steal other sensitive information such as passwords...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...